PC games start to lag


seanroxas

My PC games like FIFA 11, NBA 2K11 and Assassin's Creed started lagging today. It only started lagging after the match started (no lagging before menu screen). It is not my PC spec that causes the lagging, because I played these games for a whole month without lagging. I also noticed that my computer is a little bit slower than usual. I think the last thing I did was when my Assassin's Creed crashed and I pressed the power off button. The first 8 or so times I played it, it didn't crash, but after that it always crashes after I play for 30-40 minutes. So I don't know what to do and press the power off button, then wait for a while, then press on again.

My PC specs are ASUS N53S, Intel i5, 4GB RAM, 640 HDD, Windows 7 and NVIDIA GeForce GT540M 1GB.

Please help me..
 
If ALL of your applications have started to lag, and your computer is running slowly; and it all started around the same time...

You most likely have a virus, spyware, adware, trojan, take your pick.

This usually is the result of visiting adult websites, visiting or downloading from illegal pirate websites, or just clicking on pop ups you may not see as a scam.

If you have an AV utility on your PC I suggest a system scan, if you don't have an AV then well... *Bonk*
 
Hi Joshua, I already scanned my PC with Avira antivirus free version. No virus or unwanted programmes were found. Any other possibility?
 
Seanroxas,

Let's try a more thorough virus check-up. Go to the spyware asylum link in my signature and follow the instructions. Post back here with your log.

JoshuaJay,
Visiting those sites isn't necessarily the risk. Your average website is just as safe as the next, but it's the link you click on and the files you download that are dangerous. IDC if you're on YouTube or porntube, you click the wrong link and sir, you have a virus.

I just want to clarify that, as I am a regular on many torrent sites (not for illegal material, I might add) and I have yet to get a virus because I play smart.
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:27:22 PM, on 16/5/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files (x86)\DAP\DAP.exe
C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\vividwireless\vividwireless.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Sean\Documents\Setup File\HiJackThis.exe

R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~2\SEARCH~1\SEARCH~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\DAP\DAPIEL~1.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBitT.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe
O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PPAP] "C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe" -background
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Electronic Arts\EADM\EADMUI.exe"
O4 - Startup: Registration Assassin's Creed.LNK = C:\Program Files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?%SystemRoot%\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files (x86)\PPLive\PPTV\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files (x86)\PPLive\PPTV\PPLive.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.pps.tv
O15 - Trusted Zone: http://*.ppstream.com
O15 - Trusted Zone: http://*.webscache.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O15 - ESC Trusted Zone: http://*.pps.tv
O15 - ESC Trusted Zone: http://*.ppstream.com
O15 - ESC Trusted Zone: http://*.webscache.com
O18 - Protocol: mbox - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mboxflash - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: sequansd - Sequans communications - C:\Program Files (x86)\vividwireless\sequansd.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15550 bytes
 
Malwarebytes' Anti-Malware 1.50.1.1100

Database version: 6588

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16/5/2011 8:48:34 PM
mbam-log-2011-05-16 (20-48-34).txt

Scan type: Quick scan
Objects scanned: 168204
Time elapsed: 5 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
ComboFix 11-05-15.04 - Sean 5/2011 Mon 20:52:35.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.936.86.1033.18.4008.1884 [GMT 10:00]
执行位置: c:\users\Sean\Documents\Setup File\ComboFix_1.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( 2011-04-16 至 2011-05-16 的新的档案 )))))))))))))))))))))))))))))))
.
.
2011-05-16 11:09 . 2011-05-16 11:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-05-16 11:09 . 2011-05-16 11:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-16 10:41 . 2011-05-16 10:41 -------- d-----w- c:\users\Sean\AppData\Roaming\Malwarebytes
2011-05-16 10:41 . 2010-12-20 08:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-16 10:41 . 2011-05-16 10:41 -------- d-----w- c:\programdata\Malwarebytes
2011-05-16 10:41 . 2011-05-16 10:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-16 10:41 . 2010-12-20 08:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-16 09:06 . 2011-05-16 09:06 -------- d-----w- c:\program files\CCleaner
2011-05-16 08:05 . 2011-05-16 08:06 -------- d-----w- c:\users\Sean\AppData\Local\{73F8EB01-7FB8-4C3E-B8A9-D21EA2E56655}
2011-05-16 02:46 . 2011-05-16 02:46 -------- d-----w- c:\users\Sean\AppData\Local\{99B8417D-DB4E-4D72-9FB5-16FD79022B7B}
2011-05-15 23:03 . 2011-05-15 23:03 -------- d-----w- c:\users\Sean\AppData\Local\{086B69FF-C846-4678-9587-F11F92D78502}
2011-05-15 04:54 . 2011-05-15 04:54 -------- d-----w- c:\users\Sean\AppData\Local\{50533641-6D67-43B1-9477-A5696FD05142}
2011-05-13 22:48 . 2011-05-13 22:50 -------- d-----w- c:\users\Sean\AppData\Local\{3B32C147-27FD-4972-B5B3-2DB6C6E5187C}
2011-05-13 08:08 . 2011-05-13 08:08 -------- d-----w- c:\users\Sean\AppData\Local\{C3E61297-D50C-4750-AACE-A7022554362B}
2011-05-12 05:49 . 2011-05-12 05:49 -------- d-----w- c:\users\Sean\AppData\Local\{BDCED424-5FEA-4DFF-AC02-A40126FC3153}
2011-05-12 00:11 . 2011-05-12 00:11 -------- d-----w- c:\users\Sean\AppData\Local\{FF50DB02-19ED-44AF-8C5C-83EC64154DAB}
2011-05-11 03:30 . 2011-05-11 03:30 -------- d-----w- c:\users\Sean\AppData\Local\{4381D91B-A8F6-4625-94C9-A48C7099547F}
2011-05-10 22:39 . 2011-03-29 03:32 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-10 22:39 . 2011-03-29 03:32 99328 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-10 22:39 . 2011-03-29 03:32 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-10 22:39 . 2011-03-29 03:32 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-10 22:39 . 2011-03-29 03:32 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-10 22:39 . 2011-03-29 03:32 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-10 22:39 . 2011-03-29 03:32 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 22:39 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 22:39 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-10 22:39 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-09 22:25 . 2011-05-09 22:27 -------- d-----w- c:\users\Sean\AppData\Local\{C1E18D7E-B6AA-4848-B7FA-07158C56F50D}
2011-05-09 08:03 . 2011-05-09 08:03 -------- d-----w- c:\users\Sean\AppData\Local\{153861E5-D0E6-4BEF-B4A2-AB5294692321}
2011-05-09 02:45 . 2011-05-09 02:45 -------- d-----w- c:\users\Sean\AppData\Local\{644E50ED-DE4F-4B77-B44F-D333A14AF89F}
2011-05-09 00:01 . 2011-05-09 00:01 -------- d-----w- c:\users\Sean\AppData\Local\{09C4D4F5-28D5-4075-B820-92A151023802}
2011-05-08 08:31 . 2011-05-08 08:31 -------- d-----w- c:\users\Sean\AppData\Local\{991B3A5D-D710-4E0A-8227-877503DD8A91}
2011-05-08 00:43 . 2011-05-08 00:43 -------- d-----w- c:\users\Sean\AppData\Local\{B52D1700-75D8-441E-91B4-4468F34154EF}
2011-05-07 12:35 . 2011-05-07 12:35 -------- d-----w- c:\users\Sean\AppData\Local\{C5B260DA-92C7-4DAD-9B78-3023AF804626}
2011-05-07 08:10 . 2011-05-07 08:10 -------- d-----w- c:\users\Sean\AppData\Local\{C86B908D-183F-4205-812A-025750B57B43}
2011-05-06 13:28 . 2011-05-06 13:28 -------- d-----w- c:\users\Sean\AppData\Local\{5FC94B48-04F7-4B88-BBC3-454CED388D37}
2011-05-06 11:43 . 2011-05-06 11:43 -------- d-----w- c:\users\Sean\AppData\Local\{2A0F7C63-D190-4358-8785-D01B06FF893B}
2011-05-05 22:10 . 2011-05-05 22:11 -------- d-----w- c:\users\Sean\AppData\Local\{B12BD52C-1017-435A-B184-80722386D292}
2011-05-05 11:08 . 2011-05-05 11:08 -------- d-----w- c:\program files (x86)\DtsFilter
2011-05-05 11:01 . 2011-05-05 11:01 -------- d-----w- c:\users\Sean\AppData\Roaming\Media Player Classic
2011-05-05 11:00 . 2011-05-05 11:00 -------- d-----w- c:\program files (x86)\Real Alternative
2011-05-05 09:50 . 2011-05-05 09:50 -------- d-----w- c:\users\Sean\AppData\Local\{E17EA57A-4A58-4A15-952D-EE04D3B75EF1}
2011-05-04 04:39 . 2011-05-04 04:39 -------- d-----w- c:\users\Sean\AppData\Local\Electronic Arts
2011-05-04 04:39 . 2011-05-04 04:39 -------- d-----w- c:\programdata\Electronic Arts
2011-05-04 04:10 . 2011-05-04 04:39 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-05-04 04:10 . 2008-10-14 20:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-05-04 04:10 . 2008-10-14 20:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-05-04 04:10 . 2008-10-14 20:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-05-04 04:10 . 2008-10-14 20:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-05-04 04:10 . 2008-10-14 20:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-05-04 04:10 . 2008-10-14 20:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-04 03:50 . 2011-05-14 04:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-04 03:45 . 2011-05-04 03:45 -------- d-----w- c:\users\Sean\AppData\Local\{9C51F6C8-92A6-43DB-B235-AD9442CC7859}
2011-05-03 23:44 . 2011-05-03 23:44 -------- d-----w- c:\users\Sean\AppData\Local\{355C7003-6646-4CF9-A3D6-B546AEDDEC32}
2011-05-03 07:17 . 2011-05-03 07:17 -------- d-----w- c:\users\Sean\AppData\Local\{BACF851E-07C4-46C5-951F-4F6F05A4C5DF}
2011-05-02 21:49 . 2011-05-02 21:49 -------- d-----w- c:\users\Sean\AppData\Local\{573466D0-1876-416E-A843-AA2F4B6F4AB3}
2011-05-02 02:52 . 2011-05-02 02:52 -------- d-----w- c:\users\Sean\AppData\Local\{5400E3F6-356D-4A42-9E2C-0FCACCE7177C}
2011-05-01 21:43 . 2011-05-01 21:43 -------- d-----w- c:\users\Sean\AppData\Local\{C36EEB61-9570-42DE-9C5E-24CE08043D3A}
2011-05-01 05:23 . 2011-05-06 08:39 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-05-01 05:23 . 2011-05-01 05:23 -------- d-----w- c:\windows\SysWow64\xlive
2011-05-01 05:20 . 2011-05-04 04:04 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-05-01 04:45 . 2011-05-01 04:45 -------- d-----w- c:\program files (x86)\Eidos
2011-05-01 04:32 . 2011-05-01 04:32 -------- d-----w- c:\users\Sean\AppData\Roaming\Ubisoft
2011-05-01 04:30 . 2011-05-01 04:30 -------- d-----w- c:\programdata\Ubisoft
2011-05-01 04:15 . 2011-05-01 04:15 -------- d-----w- c:\program files (x86)\Ubisoft
2011-05-01 04:14 . 2011-05-01 04:14 -------- d-----w- c:\users\Sean\AppData\Roaming\InstallShield
2011-04-30 14:43 . 2011-05-02 12:30 -------- d-----w- c:\users\Sean\AppData\Roaming\PPStream
2011-04-30 12:09 . 2010-11-10 02:03 10240 ----a-r- c:\windows\system32\drivers\HuaweiWiMAXUSBCoX64.dll
2011-04-30 12:09 . 2010-11-10 02:03 83968 ----a-r- c:\windows\system32\drivers\HuaweiWiMAXUSB.sys
2011-04-30 12:09 . 2010-11-10 02:03 10240 ----a-w- c:\windows\system32\HuaweiWiMAXUSBCoX64.dll
2011-04-30 12:08 . 2011-05-01 05:13 -------- d-----w- c:\program files (x86)\vividwireless
2011-04-30 11:12 . 2011-04-30 11:12 -------- d-----w- c:\users\Sean\AppData\Local\{630D4D4D-7A1B-41F7-AD44-3A9AFCD36954}
2011-04-29 15:05 . 2011-04-29 15:05 -------- d-----w- c:\users\Sean\AppData\Local\{7E29F9BE-E69E-4AFD-94DC-247AB3C3D38A}
2011-04-29 13:39 . 2011-04-29 13:39 -------- d-----w- c:\users\Sean\AppData\Local\{EBFB3B05-D3F7-4C94-AB9E-C7E77C0002D3}
2011-04-29 01:16 . 2011-04-29 01:16 -------- d-----w- c:\users\Sean\AppData\Local\{BD4072C0-C9F5-44BC-B812-5FE305FC0714}
2011-04-27 23:34 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2011-04-27 23:34 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-27 23:31 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 23:31 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 23:29 . 2011-03-11 06:23 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-27 23:29 . 2011-03-11 06:23 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-27 23:29 . 2011-03-11 06:23 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-27 23:29 . 2011-03-11 06:23 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-27 23:29 . 2011-03-11 06:23 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-27 23:29 . 2011-03-11 06:22 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-27 23:29 . 2011-03-11 06:22 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-27 23:29 . 2011-03-11 06:18 2566144 ----a-w- c:\windows\system32\esent.dll
2011-04-27 23:29 . 2011-03-11 06:15 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-04-27 23:29 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-04-27 23:29 . 2011-03-11 05:37 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-04-27 23:28 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 23:28 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-04-27 13:45 . 2011-04-27 13:45 -------- d-----w- c:\users\Sean\AppData\Roaming\NVIDIA
2011-04-27 13:40 . 2011-04-27 13:40 -------- d-----w- c:\users\Sean\AppData\Roaming\PPLive
2011-04-27 13:37 . 2011-04-27 13:37 -------- d-----w- c:\programdata\Jlcm
2011-04-27 13:37 . 2011-04-01 03:24 709992 ----a-w- c:\windows\system32\kindling.dll
2011-04-27 13:37 . 2011-04-27 13:40 -------- d-----w- c:\programdata\PPLive
2011-04-27 13:37 . 2011-04-27 13:37 -------- d-----w- c:\program files (x86)\Common Files\PPLiveNetwork
2011-04-27 13:37 . 2011-04-27 13:37 -------- d-----w- c:\program files (x86)\PPLive
2011-04-27 13:37 . 2011-04-01 03:24 624056 ----a-w- c:\program files (x86)\Internet Explorer\PPLite\plugin\1.0.0.512\mframe.dll
2011-04-27 13:37 . 2011-04-01 03:24 312768 ----a-w- c:\program files (x86)\Internet Explorer\PPLite\plugin\1.0.0.512\ppp.dll
2011-04-27 13:37 . 2011-04-01 03:24 251400 ----a-w- c:\program files (x86)\Internet Explorer\PPLite\plugin\pplugin2.dll
2011-04-26 13:42 . 2011-04-26 13:42 -------- d-----w- c:\users\Sean\AppData\Local\{2750F395-51A4-4735-8A52-F76B077A531E}
2011-04-26 00:14 . 2011-04-26 00:14 -------- d-----w- c:\users\Sean\AppData\Local\{7454352E-3D75-4D02-BDFB-115C84052FEC}
2011-04-25 07:13 . 2011-04-25 20:29 -------- d-----w- c:\programdata\VirtualizedApplications
2011-04-25 05:10 . 2011-04-25 05:10 -------- d-----r- C:\MSOCache
2011-04-25 05:03 . 2011-04-25 05:03 -------- d-----w- c:\users\Sean\AppData\Local\SoftGrid Client
2011-04-25 05:03 . 2011-05-15 11:25 -------- d-----w- c:\users\Sean\AppData\Roaming\SoftGrid Client
2011-04-25 05:02 . 2011-04-25 19:00 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-04-25 05:02 . 2011-04-25 05:03 -------- d-----w- c:\users\Sean\AppData\Roaming\TP
2011-04-24 16:09 . 2011-04-24 16:09 -------- d-----w- c:\users\Sean\AppData\Local\{980B7EFF-B848-45CB-AA06-670046E50F17}
2011-04-24 16:09 . 2011-04-24 16:09 -------- d-----w- c:\users\Sean\AppData\Local\{1F3346E9-EC1A-41D9-93D9-1ABDDB5CFF22}
2011-04-23 15:56 . 2011-04-23 15:56 -------- d-----w- c:\users\Sean\AppData\Roaming\FLEXnet
2011-04-23 15:56 . 2011-04-23 15:56 -------- d-----w- c:\users\Sean\AppData\Roaming\Nuance
2011-04-23 15:56 . 2011-04-23 15:56 -------- d-----w- c:\users\Sean\AppData\Roaming\Zeon
2011-04-23 01:38 . 2011-04-23 01:38 -------- d-----w- c:\users\Sean\AppData\Local\{EA0F1976-74DC-483C-8292-CF58E0C7DC81}
2011-04-22 10:03 . 2011-04-22 10:03 -------- d-----w- c:\users\Sean\AppData\Local\{0703D001-8149-4612-8586-F83F8B1FC80D}
2011-04-20 19:02 . 2011-04-20 19:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-04-19 18:09 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-04-19 18:09 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-04-19 18:09 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-04-19 18:09 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-04-19 18:09 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-04-19 04:57 . 2011-04-19 04:57 -------- d-----w- c:\users\Sean\AppData\Roaming\GRETECH
2011-04-19 04:55 . 2011-04-19 04:55 -------- d-----w- c:\program files (x86)\GRETECH
.
.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 08:04 . 2011-04-16 06:59 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-04-16 15:26 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-09 08:55 . 2011-04-09 08:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 08:55 . 2011-04-09 08:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-07 08:24 . 2011-03-07 08:24 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-03-07 08:24 . 2011-03-07 08:24 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-03-07 08:24 . 2011-03-07 08:24 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-03-07 08:15 . 2011-03-07 08:15 520192 ----a-w- c:\windows\SysWow64\ASUS_Screensaver.scr
2011-03-07 08:15 . 2011-03-07 08:15 3058304 ----a-w- c:\windows\AsScrPro.exe
2011-03-07 08:10 . 2011-03-07 08:10 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-03-07 08:10 . 2011-03-07 08:10 2048 ----a-w- c:\windows\system32\tzres.dll
2011-03-07 08:09 . 2011-03-07 08:09 112000 ----a-w- c:\windows\system32\consent.exe
2011-03-07 08:07 . 2011-03-07 08:07 395776 ----a-w- c:\windows\system32\webio.dll
2011-03-07 08:07 . 2011-03-07 08:07 314368 ----a-w- c:\windows\SysWow64\webio.dll
2011-03-07 08:06 . 2011-03-07 08:06 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-07 08:06 . 2011-03-07 08:06 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2011-03-07 08:06 . 2011-03-07 08:06 473600 ----a-w- c:\windows\system32\taskcomp.dll
2011-03-07 08:06 . 2011-03-07 08:06 464384 ----a-w- c:\windows\system32\taskeng.exe
2011-03-07 08:06 . 2011-03-07 08:06 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2011-03-07 08:06 . 2011-03-07 08:06 285696 ----a-w- c:\windows\system32\schtasks.exe
2011-03-07 08:06 . 2011-03-07 08:06 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2011-03-07 08:06 . 2011-03-07 08:06 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2011-03-07 08:06 . 2011-03-07 08:06 1169408 ----a-w- c:\windows\system32\taskschd.dll
2011-03-07 08:06 . 2011-03-07 08:06 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2011-03-07 08:04 . 2011-03-07 08:04 552960 ----a-w- c:\windows\system32\msdri.dll
2011-03-07 08:04 . 2011-03-07 08:04 288256 ----a-w- c:\windows\system32\MSNP.ax
2011-03-07 08:04 . 2011-03-07 08:04 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
2011-03-07 08:04 . 2011-03-07 08:04 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-03-07 08:01 . 2011-03-07 08:01 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2011-03-07 08:01 . 2011-03-07 08:01 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2011-03-07 08:01 . 2011-03-07 08:01 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2011-03-07 08:01 . 2011-03-07 08:01 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2011-03-07 07:59 . 2011-03-07 07:59 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2011-03-07 07:59 . 2011-03-07 07:59 236032 ----a-w- c:\windows\system32\srvsvc.dll
2011-03-07 07:59 . 2011-03-07 07:59 633856 ----a-w- c:\windows\system32\comctl32.dll
2011-03-07 07:59 . 2011-03-07 07:59 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2011-03-07 07:58 . 2011-03-07 07:58 738816 ----a-w- c:\windows\SysWow64\wmpmde.dll
2011-03-07 07:58 . 2011-03-07 07:58 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2011-03-07 07:58 . 2011-03-07 07:58 340992 ----a-w- c:\windows\system32\schannel.dll
2011-03-07 07:58 . 2011-03-07 07:58 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-03-07 07:56 . 2011-03-07 07:56 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-03-07 07:56 . 2011-03-07 07:56 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-03-07 07:55 . 2011-03-07 07:55 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2011-03-07 07:55 . 2011-03-07 07:55 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2011-03-07 07:55 . 2011-03-07 07:55 2085376 ----a-w- c:\windows\system32\ole32.dll
2011-03-07 07:55 . 2011-03-07 07:55 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2011-03-07 07:54 . 2011-03-07 07:54 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-03-07 07:54 . 2011-03-07 07:54 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-03-07 07:54 . 2011-03-07 07:54 558592 ----a-w- c:\windows\system32\spoolsv.exe
2011-03-07 07:52 . 2011-03-07 07:52 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-03-07 07:52 . 2011-03-07 07:52 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-03-07 07:48 . 2011-03-07 07:48 52224 ----a-w- c:\windows\system32\rtutils.dll
2011-03-07 07:48 . 2011-03-07 07:48 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2011-03-07 07:48 . 2011-03-07 07:48 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2011-03-07 07:45 . 2011-03-07 07:45 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-03-07 07:43 . 2011-03-07 07:43 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2011-03-07 07:38 . 2011-03-07 07:38 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-03-07 07:38 . 2011-03-07 07:38 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-03-07 07:38 . 2011-03-07 07:38 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2011-03-07 07:38 . 2011-03-07 07:38 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2011-03-07 07:38 . 2011-03-07 07:38 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-03-07 07:38 . 2011-03-07 07:38 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2011-03-07 07:37 . 2011-03-07 07:37 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-03-07 07:34 . 2011-03-07 07:34 139264 ----a-w- c:\windows\system32\cabview.dll
2011-03-07 07:34 . 2011-03-07 07:34 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-03-07 07:33 . 2011-03-07 07:33 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-03-07 07:33 . 2011-03-07 07:33 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-03-07 07:33 . 2011-03-07 07:33 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-03-07 07:33 . 2011-03-07 07:33 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-03-07 07:31 . 2011-03-07 07:31 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-03-07 07:31 . 2011-03-07 07:31 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-03-07 07:31 . 2011-03-07 07:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-03-07 07:31 . 2011-03-07 07:31 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-03-07 07:31 . 2011-03-07 07:31 243200 ----a-w- c:\windows\system32\wow64.dll
2011-03-07 07:31 . 2011-03-07 07:31 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-03-07 07:31 . 2011-03-07 07:31 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-03-07 07:30 . 2011-03-07 07:30 389632 ----a-w- c:\windows\system32\winlogon.exe
2011-03-07 07:29 . 2011-03-07 07:29 91648 ----a-w- c:\windows\SysWow64\avifil32.dll
2011-03-07 07:29 . 2011-03-07 07:29 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll
2011-03-07 07:29 . 2011-03-07 07:29 54272 ----a-w- c:\windows\system32\iyuv_32.dll
2011-03-07 07:29 . 2011-03-07 07:29 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll
2011-03-07 07:29 . 2011-03-07 07:29 38912 ----a-w- c:\windows\system32\msvidc32.dll
2011-03-07 07:29 . 2011-03-07 07:29 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll
2011-03-07 07:29 . 2011-03-07 07:29 25088 ----a-w- c:\windows\system32\msyuv.dll
2011-03-07 07:29 . 2011-03-07 07:29 22016 ----a-w- c:\windows\SysWow64\msyuv.dll
2011-03-07 07:29 . 2011-03-07 07:29 16384 ----a-w- c:\windows\system32\msrle32.dll
2011-03-07 07:29 . 2011-03-07 07:29 1572352 ----a-w- c:\windows\system32\quartz.dll
2011-03-07 07:29 . 2011-03-07 07:29 14848 ----a-w- c:\windows\system32\tsbyuv.dll
2011-03-07 07:29 . 2011-03-07 07:29 13312 ----a-w- c:\windows\SysWow64\msrle32.dll
2011-03-07 07:29 . 2011-03-07 07:29 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2011-03-07 07:29 . 2011-03-07 07:29 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll
2011-03-07 07:26 . 2011-03-07 07:26 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2011-03-07 07:26 . 2011-03-07 07:26 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2011-03-07 07:26 . 2011-03-07 07:26 424960 ----a-w- c:\windows\system32\secproc.dll
2011-03-07 07:26 . 2011-03-07 07:26 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2011-03-07 07:26 . 2011-03-07 07:26 369152 ----a-w- c:\windows\SysWow64\secproc.dll
2011-03-07 07:26 . 2011-03-07 07:26 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2011-03-07 07:26 . 2011-03-07 07:26 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-03-07 07:26 . 2011-03-07 07:26 356352 ----a-w- c:\windows\system32\RMActivate.exe
2011-03-07 07:26 . 2011-03-07 07:26 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
.
.
((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2011-04-17 01:14 2447360 ----a-w- c:\program files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 04:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-03-07 07:30 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-09 04:51 3911776 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
2010-11-26 04:30 60576 ----a-w- c:\program files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2011-04-17 2918576]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-09 4240760]
"PPAP"="c:\program files (x86)\Common Files\PPLiveNetwork\PPAP.exe" [2011-04-01 189880]
"EADM"="c:\program files (x86)\Electronic Arts\EADM\EADMUI.exe" [2011-02-03 11509760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-17 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
.
c:\users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registration Assassin's Creed.LNK - c:\program files (x86)\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe [2011-5-1 967304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-7 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-3-7 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 135664]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2011-03-07 332272]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-27 821664]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-04 1997416]
S2 sequansd;sequansd;c:\program files (x86)\vividwireless\sequansd.exe run 0 [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-23 483688]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HuaweiWiMAXUSB;HuaweiWiMAXUSB Device driver;c:\windows\system32\DRIVERS\HuaweiWiMAXUSB.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-23 209768]
.
.
‘计划任务' 文件夹 里的内容
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 07:29]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 07:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-03-07 07:30 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
2011-03-24 04:16 398000 ----a-w- c:\program files (x86)\DAP\DAPIELoader64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-03 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-03 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-03 417304]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-30 2186856]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2011-02-11 2771968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- 而外的扫描 -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Clean Traces - c:\program files (x86)\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files (x86)\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files (x86)\DAP\dapextie2.htm
IE: {{7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
Trusted Zone: pps.tv
Trusted Zone: ppstream.com
Trusted Zone: webscache.com
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~2\DAP\dapie.dll
FF - ProfilePath - c:\users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\lsfi76g6.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
完成时间: 2011-05-16 21:16:32
ComboFix-quarantined-files.txt 2011-05-16 11:16
.
Pre-Run: 61,556,731,904 bytes free
Post-Run: 61,303,406,592 bytes free
.
- - End Of File - - 26301AE0AD86FABC782272A369AA9266
 
How about the hard drive? It possibly needs a defrag, or the hard drive may even be going out. I would suggest you use Spybot Search & Destroy and Malwarebytes and do a scan.
 
Seanroxas,
JoshuaJay,
Visiting those sites isn't necessarily the risk. Your average website is just as safe as the next, but it's the link you click on and the files you download that are dangerous. IDC if you're on youtube or porntube, you click the wrong link and sir, you have a virus.

I just want to clarify that, as I'm a regular on many torrent sites (not for illegal material I might add) and I have yet to get a virus because I play smart.

Using that logic, sites like Verizon or Time Warner or Charter Digital would also house virus links. Which is nonsense. It's about the site and legitimacy of the site that controls what links are on it. Porn sites and pirate sites bring a much higher risk of viruses, as users often are allowed to upload content others can download.

Whereas sites such as... Verizon Wireless, Time Warner Cable, Blizzard, name any other legit large company... will NEVER have links on them that will lead to a virus.

So yes, it all comes down to the sites you're visiting, regardless of whether clicking a link is how you get a virus or not. :)
 