Hi,

My computer started having problems this afternoon when I began to receive errors for DNS settings. I fixed/attempted to fix them with some Chinese Antivirus that I have been using for 2 years. It is a very reputable program in China so my issue is not with my Antivirus program. I had been able to get online periodically every now and then but my connection has died completely now.

I have not uploaded my dds file for fear that any thumbdrive that I inserted into the infected computer could be infected. Concurrently, my computer is in safe mode with networking and I am trying to scan the computer for malware with AVG, which is probably not going to work...

Please advise on what to do.

Thank you!


Hi,

I have read from other threads and replies that booting up in safe mode and plugging in the flashdrive would not infect the thumbdrive.

Here are the logs.

Please advise.

Thank you!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 11.0.9600.16518
Run by dou dou at 23:50:42 on 2014-02-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8172.6657 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SafeMon Class: {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360safe\safemon\safemon.dll
BHO: 迅雷下载支持组件: {DE05CF4A-7B0A-4775-B5E5-396244938679} - C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll
uRun: [bitTorrent] "C:\Users\dou dou\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
mRun: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO
mRun: [360Safetray] "C:\Program Files (x86)\360\360safe\safemon\360tray.exe" /start
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [systray] C:\Windows\syswow64\systray.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\DOUDOU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\360~1.LNK -
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: &使用&迅雷离线下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
IE: &使用&迅雷下载 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
IE: &使用&迅雷下载全部链接 - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
IE: &??&???? - <no file>
IE: &??&???????? - <no file>
IE: &??&?????? - <no file>
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
LSP: C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.9.dll

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{053F7BFD-2D08-4426-8F68-504CBC8B65D3} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{053F7BFD-2D08-4426-8F68-504CBC8B65D3}\B6566796E6 : DHCPNameServer = 192.168.0.50
TCP: Interfaces\{E2AA0817-35B1-439E-A5EF-4F367BA8276E} : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - LocalServer32 - <no file>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: 迅雷下载支持: {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.9.18.4724.dll
x64-BHO: MediaLibrary Movie Show: {20E1725C-7237-41A9-954A-04DCCB1FD16C} - C:\Program Files (x86)\Baofeng\StormPlayer\MediaLibraryIcon64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [beatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - LocalServer32 - <no file>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\dou dou\AppData\Roaming\Mozilla\Firefox\Profiles\h2de69z9.default\
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\360\360safe\MobileMgr\np360MMPlugIn.dll
FF - plugin: C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Baofeng\StormPlayer\npBFWebBrowserPlugin.dll
FF - plugin: C:\Program Files (x86)\Baofeng\StormPlayer\webplayer\npWebStrom.dll
FF - plugin: C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll
FF - plugin: C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll
FF - plugin: C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\dou dou\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\dou dou\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
FF - ExtSQL: 2013-12-31 16:49; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 Kemon;Kemon;C:\Windows\System32\drivers\Kemon.sys [2014-2-21 356272]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-11-7 283064]
R3 NWVoltron;NextWindow Voltron Touch Screen;C:\Windows\System32\drivers\NWVoltron.sys [2013-2-4 28920]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-11-18 136000]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-11-18 409408]
S1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\System32\drivers\360AntiHacker64.sys [2013-7-9 96960]
S1 360Box64;360Box mini-filter driver;C:\Windows\System32\drivers\360Box64.sys [2013-7-9 305336]
S1 360Camera;360Safe Camera Filter Service;C:\Windows\System32\drivers\360Camera64.sys [2013-7-9 40120]
S1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\System32\drivers\360fsflt.sys [2013-7-9 285880]
S1 360netmon;360netmon;C:\Windows\System32\drivers\360netmon.sys [2013-7-9 62144]
S1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
S1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
S1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-10-12 46792]
S1 TKFWFV;nProtect Firewall Core Driver ;C:\Windows\System32\tkfwfv64.sys [2013-10-29 34400]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-11-5 89600]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-1-20 402192]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-1-20 115472]
S2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]
S2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]
S2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-17 16384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-11-18 2375168]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-8 1593632]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-2-8 16939296]
S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-11-18 109360]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-18 2656280]
S3 AVerAVF2;AVerAVF2;C:\Windows\System32\drivers\AVerAVF2.sys [2011-11-18 1212416]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-1-20 385808]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-11-18 349736]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-11-18 39464]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2014-1-26 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 hidkmdf;Microsoft HID Class Shim for KMDF;C:\Windows\System32\drivers\hidkmdf.sys [2011-11-18 16152]
S3 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-2-8 39200]
S3 NWWakeFilterV;NextWindow Remote Wake Blocker (V);C:\Windows\System32\drivers\NWWakeFilterV.sys [2011-11-18 16152]
S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2011-11-18 31152]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-9 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-11-18 338536]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-18 565352]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\skype\Updater\Updater.exe [2013-10-23 172192]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-6-1 31232]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-9-18 42184]
S3 tapse01;SurfEasy TAP-Windows Adapter V9;C:\Windows\System32\drivers\tapse01.sys [2013-6-18 39608]
S3 TKCtrl;TKCtrl;C:\Windows\System32\TKCtrl2k64.sys [2013-10-29 117512]
S3 TKFsAvM;TKFsAvM;C:\Windows\System32\TKFsAv64.sys [2013-10-29 159984]
S3 TKFsFtM;TKFsFtM;C:\Windows\System32\TKFsFt64.sys [2013-10-29 23392]
S3 TKFWVT;TKFWVT;C:\Windows\System32\tkfwvt64.sys [2013-10-29 184072]
S3 TkIdsVt;TkIdsVt;C:\Windows\System32\tkidsvt64.sys [2013-10-29 99592]
S3 TKPcFt;TKPcFt;C:\Windows\System32\TKPcFtCb64.sys [2013-10-29 29424]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-9 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-7-9 30208]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-6-1 746392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-28 1255736]
S3 XLServicePlatform;XLServicePlatform;C:\Windows\System32\svchost -k XLServicePlatform --> C:\Windows\System32\svchost -k XLServicePlatform [?]
.
=============== Created Last 30 ================
.
2014-02-21 08:55:35 356272 ----a-w- C:\Windows\System32\drivers\Kemon.sys
2014-02-21 08:47:18 -------- d-----w- C:\Users\dou dou\AppData\Roaming\360SuperKiller
2014-02-17 13:42:23 -------- d-----w- C:\ProgramData\Electronic Arts
2014-02-16 04:25:57 0 ----a-w- C:\Windows\SysWow64\nssEB5C.tmp
2014-02-16 04:25:57 0 ----a-w- C:\Windows\System32\nsxEB7C.tmp
2014-02-16 04:22:34 -------- d-----w- C:\Users\dou dou\AppData\Local\BitTorrent
2014-02-15 12:24:41 -------- d-----w- C:\Users\dou dou\AppData\Roaming\Crysis 3
2014-02-15 12:16:52 -------- d-----w- C:\Program Files (x86)\R.G. Mechanics
2014-02-13 13:52:08 -------- d-----w- C:\Users\dou dou\AppData\Roaming\BitTorrent
2014-02-12 14:19:22 -------- d-----w- C:\Users\dou dou\AppData\Roaming\Dogecoin
2014-02-12 14:15:59 -------- d-----w- C:\Program Files (x86)\MultiBit-0.5.16
2014-02-12 12:24:03 -------- d-----w- C:\Users\dou dou\AppData\Roaming\steamvr
2014-02-12 10:15:57 -------- d-----w- C:\6d50f868cf3321931df9179fe871
2014-02-12 10:15:19 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-12 10:15:19 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-12 10:15:19 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-12 10:15:19 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-12 10:09:30 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 10:09:30 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 10:09:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 10:09:30 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-12 09:58:43 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-12 09:58:43 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-12 04:32:58 5917288 ----a-w- C:\Windows\System32\SogouPY.ime
2014-02-12 04:32:58 3470440 ----a-w- C:\Windows\SysWow64\SogouPY.ime
2014-02-09 11:23:48 -------- d-----w- C:\Users\dou dou\AppData\Roaming\poclbm
2014-02-09 10:56:11 -------- d-----w- C:\Users\dou dou\AppData\Roaming\WinAVI
2014-02-09 10:56:11 -------- d-----w- C:\Users\dou dou\AppData\Local\WinAVI
2014-02-09 10:55:33 -------- d-----w- C:\Program Files (x86)\WinAVI
2014-02-09 10:53:56 -------- d-----w- C:\AMD
2014-02-09 10:49:22 -------- d-----w- C:\Program Files (x86)\AMD APP
2014-02-09 10:49:12 -------- d-----w- C:\Program Files\ATI Technologies
2014-02-09 10:49:09 -------- d-----w- C:\Program Files\ATI
2014-02-09 09:17:08 -------- d-----w- C:\Users\dou dou\AppData\Roaming\Litecoin
2014-02-08 15:57:59 1179576 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-02-08 15:57:59 1048152 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-02-08 15:57:59 -------- d-----w- C:\Users\dou dou\AppData\Local\NVIDIA
2014-02-08 15:55:34 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-02-08 15:55:32 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-02-08 15:55:32 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-02-08 15:49:46 -------- d-----w- C:\NVIDIA
2014-02-08 15:40:52 -------- d-----w- C:\Program Files (x86)\BlueStacks
2014-02-08 15:36:05 -------- d-----w- C:\ProgramData\BlueStacks
2014-02-08 15:32:34 -------- d-----w- C:\Program Files (x86)\Portal 1
2014-02-08 15:32:03 -------- d-----w- C:\Program Files (x86)\Portal 2
2014-02-01 08:10:27 -------- d-----w- C:\Users\dou dou\AppData\Roaming\Buxenger
2014-02-01 08:10:21 -------- d-----w- C:\Program Files (x86)\Buxenger
2014-01-29 11:38:43 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 12:49:35 -------- d-----w- C:\Users\dou dou\AppData\Roaming\3909 LLC
2014-01-26 04:17:19 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2
2014-01-26 04:13:04 -------- d-----w- C:\Windows\zh-cn
2014-01-26 04:12:25 -------- d-----w- C:\Windows\en
2014-01-26 04:10:39 57840 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2014-01-26 04:07:51 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 04:07:51 -------- d-----r- C:\Users\dou dou\SkyDrive
2014-01-26 04:07:42 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2014-01-26 03:43:08 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 03:29:49 -------- d-----w- C:\Windows\SysWow64\Storm
2014-01-26 03:19:49 0 ----a-w- C:\Windows\SysWow64\nsoCC38.tmp
2014-01-26 03:19:49 0 ----a-w- C:\Windows\System32\nseCC49.tmp
2014-01-26 03:18:16 -------- d-----w- C:\ksDownloads
2014-01-26 03:13:09 41696 ----a-w- C:\Windows\System32\drivers\kwifinat64.sys
2014-01-26 03:13:09 31896 ----a-w- C:\Windows\System32\drivers\kwifinat.sys
2014-01-26 02:55:02 32104 ----a-w- C:\Windows\System32\drivers\bootsafe64.sys
2014-01-26 02:55:02 24424 ----a-w- C:\Windows\System32\drivers\bootsafe.sys
2014-01-26 02:37:27 -------- d-----w- C:\Users\dou dou\AppData\Local\KSafe
2014-01-26 02:37:13 -------- d-sh--w- C:\KRSHistory
2014-01-25 12:45:12 -------- d-----w- C:\ProgramData\Tencent
2014-01-25 12:15:27 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe
2014-01-25 11:58:52 114488 ----a-w- C:\Windows\System32\drivers\kisnetmxp.sys
2014-01-25 11:58:52 112952 ----a-w- C:\Windows\System32\drivers\kisnetm.sys
2014-01-25 11:58:52 106808 ----a-w- C:\Windows\System32\drivers\kisnetm64.sys
2014-01-25 09:51:59 -------- d-----w- C:\Users\dou dou\AppData\Local\Geckofx
.
==================== Find3M  ====================
.
2014-02-21 11:41:26 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 11:41:26 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-09 14:04:20 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-26 04:21:30 159032 ----a-w- C:\Windows\System32\atl90.dll
2014-01-26 04:21:29 655872 ----a-w- C:\Windows\System32\msvcr90.dll
2014-01-26 04:21:29 568832 ----a-w- C:\Windows\System32\msvcp90.dll
2014-01-10 14:28:14 290776 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-10 14:28:14 290776 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-10 14:23:12 281288 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-01-10 10:48:50 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-01-09 18:10:54 827728 ----a-w- C:\Windows\msvcr100.dll
2014-01-09 18:10:54 607568 ----a-w- C:\Windows\msvcp100.dll
2014-01-04 06:33:48 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe
2013-12-31 12:18:50 80328 ----a-w- C:\Windows\xinstaller.dll
2013-12-31 12:18:48 35272 ----a-w- C:\Windows\xinstaller.exe
2013-12-31 08:22:06 0 ----a-w- C:\Windows\SysWow64\nsq84EC.tmp
2013-12-31 08:22:06 0 ----a-w- C:\Windows\System32\nsf84FC.tmp
2013-12-20 04:25:00 40664 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2013-12-17 03:54:48 285880 ----a-w- C:\Windows\System32\drivers\360fsflt.sys
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-12-02 11:58:18 179896 ----a-w- C:\Windows\System32\drivers\BAPIDRV64.SYS
2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
.
============= FINISH: 23:51:38.34 ===============
 


 .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2012/3/25 14:54:43
System Uptime: 2014/2/21 23:48:45 (0 hours ago)
.
Motherboard: PEGATRON CORPORATION |  | 2AC3
Processor: Intel® Core i7-2600S CPU @ 2.80GHz | CPU 1 | 2793/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 529.895 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 1.262 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Consumer IR Devices
Device ID: ROOT\SYSTEM\0001
Manufacturer: Microsoft
Name: Consumer IR Devices
PNP Device ID: ROOT\SYSTEM\0001
Service: circlass
.
==== System Restore Points ===================
.
RP403: 2014/2/21 21:08:55 - Installed DirectX
.
==== Installed Programs ======================
.
"BioShock Infinite"
???
???? 5.0?????
?????
??????
??????? 7.1???
????5
初三化学上(A)
迅雷7
玃rison Architect?- Alpha 12
360?????6
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06) - Chinese Simplified
AMD APP CPU SDK Runtime
AMD APP SDK Developer
AMD APP SDK Samples
AMD Catalyst Install Manager
APB Reloaded
Apple ??????
Apple Mobile Device Support
Apple Software Update
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56
AVG 2014
Battlefield Play4Free
BitTorrent
Blacklight Retribution
Blacklight: Retribution
BlueStacks App Player
BlueStacks Notification Center
Bluetooth by hp
Bonjour
Borderlands 2
Buxenger
Crysis 3
Crysis?
D3DX10
DAEMON Tools Lite
Deep Fritz 12 DL
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004)
Don't Starve
Dota 2
DVD Menu Pack for HP TouchSmart Video
eReg
Fraps
Fritz 12
Garena - BlackShot
Garena - FIFA ONLINE 3(English)
GeForce Experience NvStream Client Components
Google Chrome
Google Talk Plugin
Google Update Helper
HP Auto
HP Calendar
HP Client Services
HP Clock
HP Customer Experience Enhancements
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP LinkUp
HP Magic Canvas
HP Music
HP My Display TouchSmart Edition
HP Notes
HP Odometer
HP Photo
HP Remote Solution
HP RSS
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Touch Browser
HP TouchSmart Twitter
HP Update
HP Vision Hardware Diagnostics
IDT Audio
iFunbox (v2.7.2386.747), iFunbox DevTeam
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
iTunes
Java 7 Update 25 (64-bit)
JavaFX 2.1.1
Junk Mail filter update
KeePass Password Safe 1.26
KeePass Password Safe 2.25
Logitech SetPoint 6.61
Macromedia Extension Manager
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Mathematics
Microsoft Office ???? 2013 - ????
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.0
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Monitor Off Utility 1.0
Movie Maker
Movie Theme Pack for HP TouchSmart Video
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MultiBit 0.5.16
Need for Speed?Most Wanted
Neverwinter
Notepad++
nProtect Security Platform
NVIDIA Control Panel 296.19
NVIDIA GeForce Experience 1.8.2
NVIDIA Graphics Driver 296.19
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA Update 11.10.11
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.20
opensource
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
Portal 1 version 1.0
Portal 2 version 2.0
PunkBuster Services
Python 2.7.5
QQ International
Realtek PCIE Card Reader
Recovery Manager
SDK
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2894842)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
Skype Click to Call
Skype 6.11
Soldier Front 2
Star Conflict
Steam
Team Fortress 2
TSHostedAppLauncher
Tunngle beta
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
Video
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Warframe
Windows Live ???
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.01 (64-?)
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
360netmon AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia DfsC discache HssDRV6 NetBIOS NetBT nsiproxy Psched rdbss spldr tdx TKFWFV vwififlt Wanarpv6 WfpLwf ws2ifsl
360Camera
2014/2/21 23:49:41, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:28, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2014/2/21 23:49:28, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2014/2/21 23:49:26, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2014/2/21 23:49:26, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2014/2/21 23:49:24, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2014/2/21 23:49:16, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2014/2/21 23:49:07, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
2014/2/21 23:49:07, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
2014/2/21 22:07:36, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
2014/2/21 21:46:36, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147024882
2014/2/21 21:46:36, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147024882
2014/2/21 21:44:28, Error: Service Control Manager [7034]  - The Network Connections service terminated unexpectedly.  It has done this 4 time(s).
2014/2/21 21:44:28, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/21 21:44:28, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/21 21:44:28, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/21 21:44:28, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/21 21:44:10, Error: Service Control Manager [7034]  - The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).
2014/2/21 21:42:30, Error: Microsoft-Windows-Application-Experience [205]  - The Program Compatibility Assistant service failed to perform the phase two initialization.
2014/2/21 21:11:52, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147024891
2014/2/21 21:11:52, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147024891
2014/2/21 21:09:45, Error: Service Control Manager [7034]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 3 time(s).
2014/2/21 21:09:45, Error: Service Control Manager [7034]  - The Network Connections service terminated unexpectedly.  It has done this 3 time(s).
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
2014/2/21 17:36:13, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
2014/2/21 17:34:03, Error: Service Control Manager [7023]  - The Superfetch service terminated with the following error:  Access is denied.
2014/2/21 17:33:02, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/21 17:33:02, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/21 17:33:02, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
2014/2/21 17:13:55, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Type with the following error:  Access is denied.
2014/2/21 17:13:55, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Description with the following error:  Access is denied.
2014/2/21 17:13:44, Error: Service Control Manager [7034]  - The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
2014/2/21 16:42:15, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  kisnetm TKFWFV
2014/2/21 16:42:06, Error: Service Control Manager [7023]  - The BlueStacks Android Service service terminated with the following error:  An exception occurred in the service when handling the control request.
2014/2/21 16:36:48, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
2014/2/20 21:18:53, Error: Service Control Manager [7034]  - The Office Software Protection Platform service terminated unexpectedly.  It has done this 2 time(s).
2014/2/20 17:55:29, Error: bowser [8003]  - The master browser has received a server announcement from the computer BRENDAN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{50B1F3EB-43A2-4615-B093-F052870CBD95}. The master browser is stopping or an election is being forced.
2014/2/20 17:55:27, Error: NetBT [4319]  - A duplicate name has been detected on the TCP network.  The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
2014/2/20 17:51:06, Error: Service Control Manager [7034]  - The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).
2014/2/20 17:37:34, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2014/2/20 17:37:34, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2014/2/19 22:04:40, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
2014/2/16 17:47:09, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{053F7BFD-2D08-4426-8F68-504CBC8B65D3} because another computer on the network has the same name.  The server could not start.
2014/2/16 11:39:40, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  TKFWFV
2014/2/16 11:38:46, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000001, 0xfffff80002efbc6b). A dump was saved in: C:\Windows\Minidump\021614-45645-01.dmp. Report Id: 021614-45645-01.
2014/2/16 10:30:26, Error: Service Control Manager [7030]  - The Kingsoft Core Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
2014/2/15 16:37:42, Error: bowser [8003]  - The master browser has received a server announcement from the computer CKL-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{50B1F3EB-43A2-4615-B093-F052870CBD95}. The master browser is stopping or an election is being forced.
2014/2/15 08:39:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:39:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:39:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:39:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:38:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Shell Hardware Detection service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:38:23, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Remote Access Connection Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Remote Access Auto Connection Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
2014/2/15 08:37:23, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================
 


FRST logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014
Ran by dou dou (administrator) on DOUDOU-HP on 22-02-2014 15:27:53
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Malwarebytes Corp.) G:\mbar-1.07.0.1009.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Malwarebytes Corporation) C:\Users\dou dou\Desktop\MBAM Rootkit Remove\mbar\mbar.exe
(Malwarebytes Corporation) C:\Users\dou dou\Desktop\MBAM Rootkit Remove\mbar\mbar.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [beatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-11-05] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-21] (Hewlett-Packard)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-05] (IDT, Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-08-01] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [DT HPO] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2011-09-16] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [360Safetray] - C:\Program Files (x86)\360\360safe\safemon\360tray.exe [894896 2014-01-16] (360.cn)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [systray] - C:\Windows\syswow64\systray.exe [8192 2009-07-14] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1113064780-694992294-3566763946-1000\...\Run: [bitTorrent] - C:\Users\dou dou\AppData\Roaming\BitTorrent\BitTorrent.exe [1516120 2014-02-13] (BitTorrent Inc.)
HKU\S-1-5-21-1113064780-694992294-3566763946-1000\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[s0].txt [3300 2014-02-22] ()
HKU\S-1-5-21-1113064780-694992294-3566763946-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1113064780-694992294-3566763946-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1113064780-694992294-3566763946-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\360急救箱回访.lnk
ShortcutTarget: 360急救箱回访.lnk -> C:\Program Files (x86)\360\360safe\firstaid\Fix\FirstAidBox.exe (360.cn)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3F6C63D0E77BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-CN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {3F9A707D-2C36-4344-8621-B8E4ADC95C18} URL = http://www.so.com/s?q={searchTerms}&ie=utf-8&src=wd_xp
BHO: 迅雷下载支持 - {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.9.18.4724.dll (深圳市迅雷网络技术有限公司)
BHO: MediaLibrary Movie Show - {20E1725C-7237-41A9-954A-04DCCB1FD16C} - C:\Program Files (x86)\Baofeng\StormPlayer\MediaLibraryIcon64.dll (北京暴风科技股份有限公司)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360safe\safemon\safemon.dll (360.cn)
BHO-x32: 迅雷下载支持组件 - {DE05CF4A-7B0A-4775-B5E5-396244938679} - C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll (深圳市迅雷网络技术有限公司)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.9.dll [100808] (Thunder Networking Technologies,LTD)
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.9.dll [100808] (Thunder Networking Technologies,LTD)
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.9.dll [100808] (Thunder Networking Technologies,LTD)
Winsock: Catalog9 17 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.9.dll [100808] (Thunder Networking Technologies,LTD)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\dou dou\AppData\Roaming\Mozilla\Firefox\Profiles\h2de69z9.default
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - c:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @360.cn/npaxlogin - C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll (360.cn)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @baofeng.com/npBFWebBrowserPlugin - C:\Program Files (x86)\Baofeng\StormPlayer\npBFWebBrowserPlugin.dll (Beijing Baofeng Inc.)
FF Plugin-x32: @baofeng.com/npWebStorm - C:\Program Files (x86)\Baofeng\StormPlayer\webplayer\npWebStrom.dll (Beijing Baofeng Inc.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @qq.com/npchrome - C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll No File
FF Plugin-x32: @qq.com/npqscall - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll No File
FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @xunlei.com/npxluser - C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll No File
FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 - C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @360.cn/360MMPlugin - C:\Program Files (x86)\360\360safe\MobileMgr\np360MMPlugIn.dll (360.cn)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\dou dou\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\dou dou\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\dou dou\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @xunlei.com/npxluser - C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll No File
FF Plugin HKCU: @xunlei.com/npxunlei;version=1.0.0.2 - C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\dou dou\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\dou dou\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\dou dou\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Thunder Extension - C:\Users\dou dou\AppData\Roaming\Mozilla\Firefox\Profiles\h2de69z9.default\Extensions\{1B33E42F-EF14-4cd3-B6DC-174571C4349C} [2013-11-07]
FF Extension: 金山毒霸上网保护 - C:\Users\dou dou\AppData\Roaming\Mozilla\Firefox\Profiles\h2de69z9.default\Extensions\{3ec6f6a6-94e7-41d5-8c36-cec334456e1e}.xpi [2014-01-29]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2014-02-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-19]
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.sg
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Battlefield Play4Free Updater) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\npBP4FUpdater.dll (EA Digital Illusions CE AB)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (360MMPlugin) - C:\Program Files (x86)\360\360safe\MobileMgr\np360MMPlugIn.dll (360.cn)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Baofeng StormPlayer 5) - C:\Program Files (x86)\Baofeng\StormPlayer\webplayer\npWebStrom.dll (Beijing Baofeng Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Garena Talk Plugin) - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (XunLei Plugin) - C:\Program Files (x86)\Thunder Network\Thunder\Data\npxunlei1.0.0.2.dll ( )
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (APlayer ActiveX hosting plugin) - C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll No File
CHR Plugin: (Unity Player) - C:\Users\dou dou\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\dou dou\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\dou dou\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (npsosalbum Module) - D:\360\360jishi\np360album.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Beautiful landscape) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2013-11-04]
CHR Extension: (Google Drive) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-29]
CHR Extension: (Adblock Plus) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-10-24]
CHR Extension: (MouseHunt AutoBot) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgifpdckjdccaagjmjnbggkicanonngc [2013-10-25]
CHR Extension: (AdBlock) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-26]
CHR Extension: (Buxenger) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjhnhagchgnpplknnnamokceodlnoeg [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24]
CHR Extension: (Battlefield Play4Free) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-01-16]
CHR Extension: (Gmail) - C:\Users\dou dou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-22]
CHR HKLM-x32\...\Chrome\Extension: [efbncjlebdihjkdedfcajhfepaapbioa] - c:\program files (x86)\kingsoft\kingsoft antivirus\npkws.crx [2012-09-22]
CHR HKLM-x32\...\Chrome\Extension: [hmbifdmobcbjlhplmlnbjbofnnoolink] - C:\Program Files (x86)\Thunder Network\Thunder\BHO\xl_plugin_chrome.crx [2014-01-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - D:\360\360Safe\safemon\360webshield.crx [2013-07-26]
 
==================== Services (Whitelisted) =================
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
S2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [133936 2011-09-16] (Portrait Displays, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
S3 XLServicePlatform; C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\XLSP.dll [174024 2014-01-26] (ShenZhen Xunlei Networking Technologies,LTD)
S2 ZhuDongFangYu; C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe [224192 2013-09-23] (360.cn)
 
==================== Drivers (Whitelisted) ====================
 
S1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [96960 2013-10-25] (360.cn)
S1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305336 2013-10-14] (360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40120 2013-07-11] (360.cn)
S1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [285880 2013-12-17] (360.cn)
S2 360LanProtect; C:\Windows\System32\DRIVERS\360LanProtect.sys [39112 2013-07-12] (360.cn)
S1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [62144 2013-05-23] (360.cn)
S3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-07] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-09-18] (AnchorFree Inc.)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-02-22] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119000 2014-02-22] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
R3 NWVoltron; C:\Windows\System32\DRIVERS\NWVoltron.sys [28920 2013-02-04] ()
S3 NWWakeFilterV; C:\Windows\system32\drivers\NWWakeFilterV.sys [16152 2011-06-24] (n/a)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-11-18] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-18] (Anchorfree Inc.)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39608 2013-06-18] (The OpenVPN Project)
S3 TKCtrl; C:\Windows\system32\TKCtrl2k64.sys [117512 2013-10-10] (INCA Internet Co., Ltd.)
S3 TKFsAvM; C:\Windows\system32\TKFsAv64.sys [159984 2013-10-10] (INCA Internet Co., Ltd.)
S3 TKFsFtM; C:\Windows\system32\TKFsFt64.sys [23392 2013-06-05] (INCA Internet Co., Ltd.)
S1 TKFWFV; C:\Windows\System32\TKFWFV64.sys [34400 2013-10-15] (INCA Internet Co., Ltd.)
S3 TKFWVT; C:\Windows\system32\TKFWVT64.sys [184072 2013-09-13] (INCA Internet Co.,Ltd.)
S3 TkIdsVt; C:\Windows\system32\TkIdsVt64.sys [99592 2013-10-14] (INCA Internet Co.,Ltd.)
S3 TKPcFt; C:\Windows\system32\TKPcFtCb64.sys [29424 2013-10-15] (INCA Internet Co., Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R5 Tfmon; C:\Windows\System32\Drivers\Tfmon.sys [356272 2013-11-04] (360.cn)
U2 TMAgent; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-22 15:14 - 2014-02-22 15:17 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-22 15:14 - 2014-02-22 15:14 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-22 15:13 - 2014-02-22 15:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 15:13 - 2014-02-22 15:13 - 00000000 ____D () C:\Users\dou dou\Desktop\MBAM Rootkit Remove
2014-02-22 13:11 - 2014-02-22 13:12 - 00000000 ____D () C:\AdwCleaner
2014-02-22 09:25 - 2014-02-22 09:25 - 00040763 _____ () C:\ComboFix.txt
2014-02-22 09:11 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-22 09:11 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-22 09:11 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-22 09:11 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-22 09:11 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-22 09:11 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-22 09:11 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-22 09:11 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-22 09:08 - 2014-02-22 09:25 - 00000000 ____D () C:\Qoobox
2014-02-22 09:05 - 2014-02-22 09:05 - 00002908 _____ () C:\Users\dou dou\Desktop\RKreport[0]_S_02222014_090540.txt
2014-02-22 09:02 - 2014-02-22 09:08 - 00000000 ____D () C:\Users\dou dou\Desktop\RK_Quarantine
2014-02-22 08:58 - 2014-02-22 09:01 - 00003036 _____ () C:\Users\dou dou\Desktop\Rkill.txt
2014-02-22 08:56 - 2014-02-22 08:56 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 08:56 - 2014-02-22 08:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 08:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-22 08:31 - 2014-02-22 08:32 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Warframe
2014-02-21 23:51 - 2014-02-21 23:51 - 00031196 _____ () C:\Users\dou dou\Desktop\attach.txt
2014-02-21 23:51 - 2014-02-21 23:51 - 00029113 _____ () C:\Users\dou dou\Desktop\dds.txt
2014-02-21 23:50 - 2014-02-21 22:43 - 00688992 ____R (Swearware) C:\Users\dou dou\Desktop\dds.com
2014-02-21 22:36 - 2014-02-21 23:25 - 00134183 _____ () C:\Users\dou dou\Desktop\avgrep.txt
2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 _____ () C:\dfu.log
2014-02-21 16:55 - 2013-11-04 16:44 - 00356272 _____ (360.cn) C:\Windows\system32\Drivers\Tfmon.sys
2014-02-21 16:47 - 2014-02-22 15:39 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360SuperKiller
2014-02-20 20:58 - 2014-02-22 15:39 - 00000000 ____D () C:\Users\dou dou\Desktop\cracks
2014-02-20 20:58 - 2014-02-20 20:58 - 00486499 _____ () C:\Users\dou dou\Downloads\Auto-Proxy Locator v2.0.zip
2014-02-20 20:43 - 2014-02-20 20:43 - 00000000 ____D () C:\Users\dou dou\Downloads\Combo To Email
2014-02-20 20:42 - 2014-02-20 20:42 - 00219216 _____ () C:\Users\dou dou\Downloads\Combo To Email.rar
2014-02-17 22:10 - 2014-02-22 15:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 21:42 - 2014-02-17 21:42 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-02-17 20:42 - 2014-02-17 20:42 - 00001999 _____ () C:\Users\dou dou\Desktop\360安全浏览器6.lnk
2014-02-17 20:42 - 2014-02-17 20:42 - 00001967 _____ () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\360安全浏览器6.lnk
2014-02-17 20:42 - 2014-02-17 20:42 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360安全中心
2014-02-16 20:40 - 2014-02-16 20:40 - 00000000 ____D () C:\Users\dou dou\Documents\NFS Most Wanted
2014-02-16 12:25 - 2014-02-16 12:25 - 00000000 _____ () C:\Windows\SysWOW64\nssEB5C.tmp
2014-02-16 12:25 - 2014-02-16 12:25 - 00000000 _____ () C:\Windows\system32\nsxEB7C.tmp
2014-02-16 12:22 - 2014-02-16 12:22 - 00000000 ____D () C:\Users\dou dou\AppData\Local\BitTorrent
2014-02-15 20:24 - 2014-02-15 20:24 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Crysis 3
2014-02-15 20:16 - 2014-02-22 15:38 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2014-02-13 21:52 - 2014-02-22 15:39 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\BitTorrent
2014-02-13 21:52 - 2014-02-13 21:52 - 00000837 _____ () C:\Users\dou dou\Desktop\BitTorrent.lnk
2014-02-12 22:19 - 2014-02-12 23:07 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Dogecoin
2014-02-12 22:15 - 2014-02-12 22:16 - 00000000 ____D () C:\Program Files (x86)\MultiBit-0.5.16
2014-02-12 20:24 - 2014-02-12 20:24 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\steamvr
2014-02-12 18:15 - 2014-02-12 18:18 - 00000000 ____D () C:\6d50f868cf3321931df9179fe871
2014-02-12 18:15 - 2013-12-06 10:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 18:15 - 2013-12-06 10:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 18:15 - 2013-12-06 10:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 18:15 - 2013-12-06 10:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 18:09 - 2013-12-25 07:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 18:09 - 2013-12-25 06:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 18:09 - 2013-11-26 16:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 18:09 - 2013-11-23 06:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 18:00 - 2014-02-06 20:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 18:00 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 18:00 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 18:00 - 2014-02-06 19:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 18:00 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 18:00 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 18:00 - 2014-02-06 18:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 18:00 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 18:00 - 2014-02-06 18:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 18:00 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 18:00 - 2014-02-06 18:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 18:00 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 18:00 - 2014-02-06 18:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 18:00 - 2014-02-06 18:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 18:00 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 18:00 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 18:00 - 2014-02-06 18:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 18:00 - 2014-02-06 18:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 18:00 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 18:00 - 2014-02-06 17:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 18:00 - 2014-02-06 17:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 18:00 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 18:00 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 18:00 - 2014-02-06 17:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 18:00 - 2014-02-06 17:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 18:00 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 18:00 - 2014-02-06 17:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 18:00 - 2014-02-06 17:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 18:00 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 18:00 - 2014-02-06 17:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 18:00 - 2014-02-06 17:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 18:00 - 2014-02-06 17:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 18:00 - 2014-02-06 17:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 18:00 - 2014-02-06 17:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 18:00 - 2014-02-06 16:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 18:00 - 2014-02-06 16:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 18:00 - 2014-02-06 16:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 18:00 - 2014-02-06 16:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 18:00 - 2014-02-06 16:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 17:58 - 2013-12-21 17:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 17:58 - 2013-12-21 16:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 17:53 - 2014-01-01 07:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 17:53 - 2014-01-01 07:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 17:52 - 2013-12-04 10:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 17:52 - 2013-12-04 10:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 17:52 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 17:52 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 17:52 - 2013-12-04 10:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 17:52 - 2013-12-04 10:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 17:52 - 2013-12-04 10:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 17:52 - 2013-12-04 10:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 17:52 - 2013-12-04 10:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 17:52 - 2013-12-04 10:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 17:52 - 2013-12-04 10:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 17:52 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 17:52 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 17:52 - 2013-12-04 10:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 17:52 - 2013-12-04 09:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 17:52 - 2013-12-04 09:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 17:52 - 2013-12-04 09:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 17:52 - 2013-12-04 09:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 12:32 - 2014-02-12 12:32 - 05917288 _____ (Sogou.com Inc.) C:\Windows\system32\SogouPY.ime
2014-02-12 12:32 - 2014-02-12 12:32 - 03470440 _____ (Sogou.com Inc.) C:\Windows\SysWOW64\SogouPY.ime
2014-02-09 22:04 - 2014-02-09 22:09 - 00000340 _____ () C:\Windows\LkmdfCoInst.log
2014-02-09 18:57 - 2014-02-09 18:57 - 00003148 _____ () C:\Windows\System32\Tasks\{B91C44AB-99D1-4BE7-8AA4-3AAF2B58F775}
2014-02-09 18:56 - 2014-02-09 18:56 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\WinAVI
2014-02-09 18:56 - 2014-02-09 18:56 - 00000000 ____D () C:\Users\dou dou\AppData\Local\WinAVI
2014-02-09 18:55 - 2014-02-09 20:07 - 00000000 ____D () C:\Program Files (x86)\WinAVI
2014-02-09 18:53 - 2014-02-09 18:53 - 00000000 ____D () C:\AMD
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Users\dou dou\Documents\AMD APP
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files\ATI
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-02-09 17:17 - 2014-02-09 19:53 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Litecoin
2014-02-08 23:57 - 2014-02-08 23:57 - 00000000 ____D () C:\Users\dou dou\AppData\Local\NVIDIA
2014-02-08 23:57 - 2014-01-21 10:54 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-08 23:57 - 2014-01-21 10:54 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-08 23:55 - 2013-12-28 02:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-08 23:55 - 2013-12-28 02:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-08 23:55 - 2013-12-28 02:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-08 23:49 - 2014-02-08 23:49 - 00000000 ____D () C:\NVIDIA
2014-02-08 23:42 - 2014-02-08 23:42 - 00001809 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-08 23:40 - 2014-02-08 23:40 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-08 23:36 - 2014-02-08 23:41 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-08 23:32 - 2014-02-09 15:35 - 00000000 ____D () C:\Program Files (x86)\Portal 2
2014-02-08 23:32 - 2014-02-08 23:41 - 00000000 ____D () C:\Program Files (x86)\Portal 1
2014-02-06 22:04 - 2014-02-06 22:04 - 00000000 ____D () C:\Users\dou dou\Desktop\remote
2014-02-05 17:33 - 2014-02-06 22:41 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-01 16:10 - 2014-02-11 19:24 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Buxenger
2014-02-01 16:10 - 2014-02-01 16:10 - 00001903 _____ () C:\Users\Public\Desktop\Buxenger.lnk
2014-02-01 16:10 - 2014-02-01 16:10 - 00000000 ____D () C:\Program Files (x86)\Buxenger
2014-01-29 19:38 - 2014-02-19 17:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-29 19:38 - 2014-01-29 19:38 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-28 22:42 - 2014-02-20 23:21 - 00000512 _____ () C:\Windows\system32\ksclras.lck
2014-01-28 22:42 - 2014-02-20 23:21 - 00000512 _____ () C:\Windows\system32\kbootlck.lck
2014-01-28 22:42 - 2014-02-20 23:21 - 00000512 _____ () C:\Windows\system32\kbootck.lck
2014-01-28 22:42 - 2014-01-28 22:42 - 00000000 _____ () C:\Windows\system32\bootsafe.lck
2014-01-28 19:04 - 2014-01-28 19:04 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-28 19:03 - 2014-01-28 19:04 - 00000000 ____D () C:\Users\dou dou\Desktop\Terraria
2014-01-28 19:03 - 2014-01-28 19:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-27 20:49 - 2014-01-27 20:49 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\3909 LLC
2014-01-27 20:43 - 2014-01-27 20:44 - 12863847 _____ () C:\Users\dou dou\Desktop\PapersPlease-0-5-13-Win.zip
2014-01-26 14:24 - 2014-02-22 10:19 - 00306678 _____ () C:\Windows\PFRO.log
2014-01-26 14:24 - 2014-02-21 23:45 - 00004707 _____ () C:\Windows\setupact.log
2014-01-26 14:24 - 2014-01-26 14:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-26 13:05 - 2014-01-26 13:05 - 00000020 _____ () C:\Windows\SysWOW64\pub_store.dat
2014-01-26 12:17 - 2014-02-16 12:23 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-01-26 12:12 - 2014-01-26 12:12 - 00000000 ____D () C:\Windows\en
2014-01-26 12:10 - 2014-01-26 12:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-01-26 12:10 - 2013-02-05 22:06 - 00057840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-01-26 12:08 - 2014-02-16 17:29 - 00045619 _____ () C:\Windows\DirectX.log
2014-01-26 12:07 - 2014-01-29 22:02 - 00000000 ___RD () C:\Users\dou dou\SkyDrive
2014-01-26 12:07 - 2014-01-28 19:02 - 00002126 _____ () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 12:07 - 2014-01-26 12:07 - 00002102 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 12:07 - 2014-01-26 12:07 - 00002102 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 12:07 - 2014-01-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 12:07 - 2014-01-26 12:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 11:43 - 2014-01-26 11:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 11:29 - 2014-01-26 11:29 - 00001179 _____ () C:\Users\Public\Desktop\暴风影音5.lnk
2014-01-26 11:29 - 2014-01-26 11:29 - 00000000 ____D () C:\Windows\SysWOW64\Storm
2014-01-26 11:20 - 2014-02-16 21:36 - 00003420 _____ () C:\Windows\System32\Tasks\SogouImeMgr
2014-01-26 11:19 - 2014-01-26 11:19 - 00000000 _____ () C:\Windows\SysWOW64\nsoCC38.tmp
2014-01-26 11:19 - 2014-01-26 11:19 - 00000000 _____ () C:\Windows\system32\nseCC49.tmp
2014-01-26 11:18 - 2014-01-26 11:18 - 00098136 _____ () C:\Users\dou dou\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-26 11:13 - 2014-01-26 10:51 - 00041696 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kwifinat64.sys
2014-01-26 11:13 - 2014-01-26 10:51 - 00031896 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kwifinat.sys
2014-01-26 10:55 - 2014-01-27 17:21 - 00032104 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bootsafe64.sys
2014-01-26 10:55 - 2014-01-27 17:21 - 00024424 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bootsafe.sys
2014-01-26 10:38 - 2014-01-26 10:38 - 00000000 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-26 10:37 - 2014-01-26 10:37 - 00000000 ____D () C:\Users\dou dou\AppData\Local\KSafe
2014-01-25 20:44 - 2014-01-25 20:44 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-01-25 20:20 - 2014-02-09 17:27 - 00002844 _____ () C:\Users\dou dou\Desktop\ALLPASS.kdb
2014-01-25 20:16 - 2014-01-25 20:16 - 00001105 _____ () C:\Users\dou dou\Desktop\KeePass.lnk
2014-01-25 20:15 - 2014-01-25 20:15 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-01-25 19:58 - 2014-01-25 19:58 - 00114488 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetmxp.sys
2014-01-25 19:58 - 2014-01-25 19:58 - 00112952 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm.sys
2014-01-25 19:58 - 2014-01-25 19:58 - 00106808 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm64.sys
2014-01-25 17:51 - 2014-01-25 17:51 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Geckofx
 
==================== One Month Modified Files and Folders =======
 
2014-02-22 15:39 - 2014-02-21 16:47 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360SuperKiller
2014-02-22 15:39 - 2014-02-20 20:58 - 00000000 ____D () C:\Users\dou dou\Desktop\cracks
2014-02-22 15:39 - 2014-02-13 21:52 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\BitTorrent
2014-02-22 15:39 - 2013-07-09 22:51 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360Login
2014-02-22 15:39 - 2013-07-09 22:50 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360Safe
2014-02-22 15:39 - 2013-05-11 23:23 - 00000000 ____D () C:\Games
2014-02-22 15:39 - 2012-04-23 21:53 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
2014-02-22 15:39 - 2012-03-25 14:57 - 00000000 ___RD () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-22 15:39 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-22 15:39 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-22 15:39 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\com
2014-02-22 15:39 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2014-02-22 15:38 - 2014-02-17 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 15:38 - 2014-02-15 20:16 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2014-02-22 15:38 - 2012-03-25 20:39 - 00000000 ___RD () C:\MSOCache
2014-02-22 15:36 - 2012-06-18 11:41 - 00000000 ____D () C:\ProgramData\Recovery
2014-02-22 15:27 - 2013-10-24 22:32 - 00000000 ____D () C:\FRST
2014-02-22 15:17 - 2014-02-22 15:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-22 15:14 - 2014-02-22 15:14 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-22 15:13 - 2014-02-22 15:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-22 15:13 - 2014-02-22 15:13 - 00000000 ____D () C:\Users\dou dou\Desktop\MBAM Rootkit Remove
2014-02-22 13:18 - 2009-07-14 13:13 - 00803968 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-22 13:12 - 2014-02-22 13:11 - 00000000 ____D () C:\AdwCleaner
2014-02-22 10:19 - 2014-01-26 14:24 - 00306678 _____ () C:\Windows\PFRO.log
2014-02-22 10:18 - 2013-09-21 14:38 - 00000000 ____D () C:\Users\dou dou\Desktop\LIMBO.v1.0r4.multi9.cracked-THETA
2014-02-22 10:18 - 2013-09-21 14:38 - 00000000 ____D () C:\Program Files (x86)\LIMBO
2014-02-22 09:25 - 2014-02-22 09:25 - 00040763 _____ () C:\ComboFix.txt
2014-02-22 09:25 - 2014-02-22 09:08 - 00000000 ____D () C:\Qoobox
2014-02-22 09:22 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-22 09:08 - 2014-02-22 09:02 - 00000000 ____D () C:\Users\dou dou\Desktop\RK_Quarantine
2014-02-22 09:08 - 2013-07-02 22:30 - 00000000 ____D () C:\Windows\erdnt
2014-02-22 09:05 - 2014-02-22 09:05 - 00002908 _____ () C:\Users\dou dou\Desktop\RKreport[0]_S_02222014_090540.txt
2014-02-22 09:01 - 2014-02-22 08:58 - 00003036 _____ () C:\Users\dou dou\Desktop\Rkill.txt
2014-02-22 08:56 - 2014-02-22 08:56 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-22 08:56 - 2014-02-22 08:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 08:32 - 2014-02-22 08:31 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Warframe
2014-02-22 08:32 - 2012-07-24 21:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-21 23:51 - 2014-02-21 23:51 - 00031196 _____ () C:\Users\dou dou\Desktop\attach.txt
2014-02-21 23:51 - 2014-02-21 23:51 - 00029113 _____ () C:\Users\dou dou\Desktop\dds.txt
2014-02-21 23:49 - 2012-03-25 14:54 - 00000000 ____D () C:\Users\dou dou
2014-02-21 23:45 - 2014-01-26 14:24 - 00004707 _____ () C:\Windows\setupact.log
2014-02-21 23:45 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-21 23:25 - 2014-02-21 22:36 - 00134183 _____ () C:\Users\dou dou\Desktop\avgrep.txt
2014-02-21 22:43 - 2014-02-21 23:50 - 00688992 ____R (Swearware) C:\Users\dou dou\Desktop\dds.com
2014-02-21 20:34 - 2012-03-25 14:54 - 01856317 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 20:09 - 2013-07-09 22:50 - 00002173 _____ () C:\Users\dou dou\Desktop\360软件管家.lnk
2014-02-21 19:41 - 2012-05-24 16:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 19:41 - 2011-11-18 15:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 18:14 - 2013-10-10 21:20 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 _____ () C:\dfu.log
2014-02-21 16:51 - 2009-07-14 12:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 16:51 - 2009-07-14 12:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 16:45 - 2013-10-24 18:25 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Expert
2014-02-20 23:21 - 2014-01-28 22:42 - 00000512 _____ () C:\Windows\system32\ksclras.lck
2014-02-20 23:21 - 2014-01-28 22:42 - 00000512 _____ () C:\Windows\system32\kbootlck.lck
2014-02-20 23:21 - 2014-01-28 22:42 - 00000512 _____ () C:\Windows\system32\kbootck.lck
2014-02-20 20:58 - 2014-02-20 20:58 - 00486499 _____ () C:\Users\dou dou\Downloads\Auto-Proxy Locator v2.0.zip
2014-02-20 20:43 - 2014-02-20 20:43 - 00000000 ____D () C:\Users\dou dou\Downloads\Combo To Email
2014-02-20 20:42 - 2014-02-20 20:42 - 00219216 _____ () C:\Users\dou dou\Downloads\Combo To Email.rar
2014-02-20 17:57 - 2012-10-13 21:56 - 00000000 ____D () C:\Users\dou dou\AppData\Local\LogMeIn Hamachi
2014-02-19 17:43 - 2014-01-29 19:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 21:42 - 2014-02-17 21:42 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-02-17 20:42 - 2014-02-17 20:42 - 00001999 _____ () C:\Users\dou dou\Desktop\360安全浏览器6.lnk
2014-02-17 20:42 - 2014-02-17 20:42 - 00001967 _____ () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\360安全浏览器6.lnk
2014-02-17 20:42 - 2014-02-17 20:42 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360安全中心
2014-02-17 20:42 - 2014-01-01 18:37 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360se6
2014-02-16 21:36 - 2014-01-26 11:20 - 00003420 _____ () C:\Windows\System32\Tasks\SogouImeMgr
2014-02-16 20:40 - 2014-02-16 20:40 - 00000000 ____D () C:\Users\dou dou\Documents\NFS Most Wanted
2014-02-16 20:38 - 2012-03-31 10:05 - 00000000 ____D () C:\Users\dou dou\AppData\Local\CrashDumps
2014-02-16 17:29 - 2014-01-26 12:08 - 00045619 _____ () C:\Windows\DirectX.log
2014-02-16 17:29 - 2013-01-16 20:49 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-02-16 13:17 - 2013-07-09 22:50 - 00000000 ____D () C:\Program Files (x86)\360
2014-02-16 12:25 - 2014-02-16 12:25 - 00000000 _____ () C:\Windows\SysWOW64\nssEB5C.tmp
2014-02-16 12:25 - 2014-02-16 12:25 - 00000000 _____ () C:\Windows\system32\nsxEB7C.tmp
2014-02-16 12:25 - 2013-07-10 21:05 - 00000000 ____D () C:\Thunder
2014-02-16 12:23 - 2014-01-26 12:17 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-02-16 12:22 - 2014-02-16 12:22 - 00000000 ____D () C:\Users\dou dou\AppData\Local\BitTorrent
2014-02-16 12:19 - 2012-06-12 08:40 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Kingsoft
2014-02-16 12:19 - 2012-06-11 20:26 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Kingsoft
2014-02-16 12:19 - 2012-06-11 20:26 - 00000000 ____D () C:\ProgramData\kingsoft
2014-02-16 12:19 - 2012-06-11 20:26 - 00000000 ____D () C:\Program Files (x86)\Kingsoft
2014-02-16 12:08 - 2013-10-24 18:55 - 00000000 __SHD () C:\Users\dou dou\AppData\Roaming\360Quarant
2014-02-16 12:08 - 2013-10-24 18:55 - 00000000 ____D () C:\$360Section
2014-02-16 12:08 - 2012-09-07 09:33 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
2014-02-16 12:08 - 2012-07-22 17:37 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding
2014-02-16 12:07 - 2013-02-08 15:57 - 00000000 ____D () C:\Windows\Minidump
2014-02-16 11:51 - 2013-07-15 21:41 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\360DiagnoseScan
2014-02-15 20:24 - 2014-02-15 20:24 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Crysis 3
2014-02-15 08:37 - 2009-07-14 13:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-14 21:26 - 2012-10-27 19:39 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\.minecraft
2014-02-14 21:25 - 2013-12-31 17:19 - 00000000 ____D () C:\Users\dou dou\Desktop\cracker
2014-02-14 18:53 - 2013-05-31 21:05 - 00000000 ___RD () C:\Program Files (x86)\skype
2014-02-14 18:53 - 2011-11-18 15:44 - 00000000 ____D () C:\ProgramData\Skype
2014-02-13 21:52 - 2014-02-13 21:52 - 00000837 _____ () C:\Users\dou dou\Desktop\BitTorrent.lnk
2014-02-13 20:52 - 2013-07-09 22:50 - 00000000 ___RD () C:\360SANDBOX
2014-02-13 19:34 - 2013-05-12 00:00 - 00000000 ____D () C:\ProgramData\Steam
2014-02-13 19:34 - 2012-09-13 20:39 - 00000000 ____D () C:\Users\dou dou\Documents\My Games
2014-02-12 23:18 - 2011-11-18 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-12 23:07 - 2014-02-12 22:19 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Dogecoin
2014-02-12 23:07 - 2013-06-09 17:09 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Bitcoin
2014-02-12 22:16 - 2014-02-12 22:15 - 00000000 ____D () C:\Program Files (x86)\MultiBit-0.5.16
2014-02-12 22:00 - 2012-04-01 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 20:24 - 2014-02-12 20:24 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\steamvr
2014-02-12 18:18 - 2014-02-12 18:15 - 00000000 ____D () C:\6d50f868cf3321931df9179fe871
2014-02-12 17:56 - 2011-02-12 01:15 - 00797692 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 12:32 - 2014-02-12 12:32 - 05917288 _____ (Sogou.com Inc.) C:\Windows\system32\SogouPY.ime
2014-02-12 12:32 - 2014-02-12 12:32 - 03470440 _____ (Sogou.com Inc.) C:\Windows\SysWOW64\SogouPY.ime
2014-02-11 19:24 - 2014-02-01 16:10 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Buxenger
2014-02-09 22:09 - 2014-02-09 22:04 - 00000340 _____ () C:\Windows\LkmdfCoInst.log
2014-02-09 22:04 - 2014-01-19 14:19 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-02-09 20:07 - 2014-02-09 18:55 - 00000000 ____D () C:\Program Files (x86)\WinAVI
2014-02-09 20:02 - 2012-06-02 21:05 - 00000915 _____ () C:\Users\dou dou\AppData\Roaming\coreavc.ini
2014-02-09 19:53 - 2014-02-09 17:17 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Litecoin
2014-02-09 18:57 - 2014-02-09 18:57 - 00003148 _____ () C:\Windows\System32\Tasks\{B91C44AB-99D1-4BE7-8AA4-3AAF2B58F775}
2014-02-09 18:56 - 2014-02-09 18:56 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\WinAVI
2014-02-09 18:56 - 2014-02-09 18:56 - 00000000 ____D () C:\Users\dou dou\AppData\Local\WinAVI
2014-02-09 18:53 - 2014-02-09 18:53 - 00000000 ____D () C:\AMD
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Users\dou dou\Documents\AMD APP
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files\ATI
2014-02-09 18:49 - 2014-02-09 18:49 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-02-09 17:27 - 2014-01-25 20:20 - 00002844 _____ () C:\Users\dou dou\Desktop\ALLPASS.kdb
2014-02-09 15:35 - 2014-02-08 23:32 - 00000000 ____D () C:\Program Files (x86)\Portal 2
2014-02-09 13:51 - 2013-05-29 20:10 - 00000000 ____D () C:\Users\dou dou\AppData\Local\SKIDROW
2014-02-09 09:54 - 2011-11-18 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-08 23:57 - 2014-02-08 23:57 - 00000000 ____D () C:\Users\dou dou\AppData\Local\NVIDIA
2014-02-08 23:57 - 2013-01-17 19:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-08 23:57 - 2011-11-18 15:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-08 23:49 - 2014-02-08 23:49 - 00000000 ____D () C:\NVIDIA
2014-02-08 23:46 - 2012-09-07 13:37 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-08 23:42 - 2014-02-08 23:42 - 00001809 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-02-08 23:42 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-08 23:41 - 2014-02-08 23:36 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-08 23:41 - 2014-02-08 23:32 - 00000000 ____D () C:\Program Files (x86)\Portal 1
2014-02-08 23:40 - 2014-02-08 23:40 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-06 22:41 - 2014-02-05 17:33 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 22:41 - 2012-03-25 16:06 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-02-06 22:04 - 2014-02-06 22:04 - 00000000 ____D () C:\Users\dou dou\Desktop\remote
2014-02-06 21:00 - 2012-07-04 21:04 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Notepad++
2014-02-06 20:16 - 2014-02-12 18:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 19:30 - 2014-02-12 18:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 19:30 - 2014-02-12 18:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 19:12 - 2014-02-12 18:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 19:07 - 2014-02-12 18:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 19:06 - 2014-02-12 18:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 18:57 - 2014-02-12 18:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 18:56 - 2014-02-12 18:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 18:52 - 2014-02-12 18:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 18:49 - 2014-02-12 18:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 18:48 - 2014-02-12 18:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 18:48 - 2014-02-12 18:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 18:38 - 2014-02-12 18:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 18:32 - 2014-02-12 18:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 18:20 - 2014-02-12 18:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 18:17 - 2014-02-12 18:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 18:11 - 2014-02-12 18:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 18:01 - 2014-02-12 18:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 18:00 - 2014-02-12 18:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 17:57 - 2014-02-12 18:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 17:57 - 2014-02-12 18:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 17:52 - 2014-02-12 18:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 17:52 - 2014-02-12 18:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 17:50 - 2014-02-12 18:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 17:49 - 2014-02-12 18:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 17:47 - 2014-02-12 18:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 17:46 - 2014-02-12 18:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 17:25 - 2014-02-12 18:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 17:25 - 2014-02-12 18:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 17:24 - 2014-02-12 18:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 17:22 - 2014-02-12 18:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 17:13 - 2014-02-12 18:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 17:09 - 2014-02-12 18:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 17:03 - 2014-02-12 18:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 16:58 - 2013-10-11 14:28 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-06 16:55 - 2014-02-12 18:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 16:41 - 2014-02-12 18:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 16:40 - 2014-02-12 18:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 16:36 - 2014-02-12 18:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 16:34 - 2014-02-12 18:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:09 - 2012-03-29 23:16 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-01 17:38 - 2012-08-26 13:47 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Deployment
2014-02-01 16:10 - 2014-02-01 16:10 - 00001903 _____ () C:\Users\Public\Desktop\Buxenger.lnk
2014-02-01 16:10 - 2014-02-01 16:10 - 00000000 ____D () C:\Program Files (x86)\Buxenger
2014-02-01 11:38 - 2013-11-04 18:04 - 00002055 _____ () C:\Users\Public\Desktop\Tencent QQ.lnk
2014-02-01 11:37 - 2013-11-04 18:04 - 00000000 ____D () C:\Users\dou dou\Documents\Tencent Files
2014-01-30 22:02 - 2012-10-15 11:14 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Skype
2014-01-29 22:02 - 2014-01-26 12:07 - 00000000 ___RD () C:\Users\dou dou\SkyDrive
2014-01-29 19:38 - 2014-01-29 19:38 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-29 17:29 - 2012-03-25 17:09 - 00000000 ____D () C:\Users\Public\Thunder Network
2014-01-28 22:42 - 2014-01-28 22:42 - 00000000 _____ () C:\Windows\system32\bootsafe.lck
2014-01-28 19:04 - 2014-01-28 19:04 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-28 19:04 - 2014-01-28 19:03 - 00000000 ____D () C:\Users\dou dou\Desktop\Terraria
2014-01-28 19:03 - 2014-01-28 19:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-28 19:02 - 2014-01-26 12:07 - 00002126 _____ () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-27 20:49 - 2014-01-27 20:49 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\3909 LLC
2014-01-27 20:44 - 2014-01-27 20:43 - 12863847 _____ () C:\Users\dou dou\Desktop\PapersPlease-0-5-13-Win.zip
2014-01-27 17:21 - 2014-01-26 10:55 - 00032104 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bootsafe64.sys
2014-01-27 17:21 - 2014-01-26 10:55 - 00024424 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\bootsafe.sys
2014-01-26 14:24 - 2014-01-26 14:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-26 13:07 - 2012-09-06 23:06 - 00000000 ____D () C:\Program Files (x86)\Thunder Network
2014-01-26 13:07 - 2012-03-25 17:09 - 00000000 ____D () C:\ProgramData\Thunder Network
2014-01-26 13:05 - 2014-01-26 13:05 - 00000020 _____ () C:\Windows\SysWOW64\pub_store.dat
2014-01-26 12:21 - 2013-07-06 14:26 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\msvcr90.dll
2014-01-26 12:21 - 2013-07-06 14:26 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp90.dll
2014-01-26 12:21 - 2013-07-06 14:26 - 00159032 _____ (Microsoft Corporation) C:\Windows\system32\atl90.dll
2014-01-26 12:21 - 2013-07-06 14:26 - 00001857 _____ () C:\Windows\system32\Microsoft.VC90.CRT.manifest
2014-01-26 12:21 - 2013-07-06 14:26 - 00000466 _____ () C:\Windows\system32\Microsoft.VC90.ATL.manifest
2014-01-26 12:17 - 2012-08-20 13:09 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-26 12:17 - 2012-04-14 22:05 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-26 12:12 - 2014-01-26 12:12 - 00000000 ____D () C:\Windows\en
2014-01-26 12:11 - 2011-11-18 15:59 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-01-26 12:10 - 2014-01-26 12:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-01-26 12:07 - 2014-01-26 12:07 - 00002102 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 12:07 - 2014-01-26 12:07 - 00002102 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 12:07 - 2014-01-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 12:07 - 2014-01-26 12:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 12:06 - 2012-04-13 19:31 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Windows Live
2014-01-26 11:43 - 2014-01-26 11:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 11:43 - 2012-08-22 21:40 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-26 11:43 - 2012-08-22 21:40 - 00000000 ____D () C:\Program Files\iTunes
2014-01-26 11:43 - 2012-08-22 21:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-26 11:40 - 2012-03-29 19:33 - 00000000 ____D () C:\ProgramData\Apple
2014-01-26 11:29 - 2014-01-26 11:29 - 00001179 _____ () C:\Users\Public\Desktop\暴风影音5.lnk
2014-01-26 11:29 - 2014-01-26 11:29 - 00000000 ____D () C:\Windows\SysWOW64\Storm
2014-01-26 11:29 - 2013-05-30 18:51 - 00000000 ____D () C:\Users\dou dou\Documents\暴风影视库
2014-01-26 11:19 - 2014-01-26 11:19 - 00000000 _____ () C:\Windows\SysWOW64\nsoCC38.tmp
2014-01-26 11:19 - 2014-01-26 11:19 - 00000000 _____ () C:\Windows\system32\nseCC49.tmp
2014-01-26 11:18 - 2014-01-26 11:18 - 00098136 _____ () C:\Users\dou dou\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-26 10:51 - 2014-01-26 11:13 - 00041696 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kwifinat64.sys
2014-01-26 10:51 - 2014-01-26 11:13 - 00031896 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kwifinat.sys
2014-01-26 10:38 - 2014-01-26 10:38 - 00000000 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-26 10:37 - 2014-01-26 10:37 - 00000000 ____D () C:\Users\dou dou\AppData\Local\KSafe
2014-01-25 20:44 - 2014-01-25 20:44 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-01-25 20:20 - 2013-07-25 22:57 - 00000000 ____D () C:\Users\dou dou\AppData\Roaming\KeePass
2014-01-25 20:16 - 2014-01-25 20:16 - 00001105 _____ () C:\Users\dou dou\Desktop\KeePass.lnk
2014-01-25 20:15 - 2014-01-25 20:15 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-01-25 19:58 - 2014-01-25 19:58 - 00114488 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetmxp.sys
2014-01-25 19:58 - 2014-01-25 19:58 - 00112952 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm.sys
2014-01-25 19:58 - 2014-01-25 19:58 - 00106808 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisnetm64.sys
2014-01-25 17:51 - 2014-01-25 17:51 - 00000000 ____D () C:\Users\dou dou\AppData\Local\Geckofx
 
Some content of TEMP:
====================
C:\Users\dou dou\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-18 19:27
 
==================== End Of Log ============================