Inactive Can't download anti-virus software for some reason

Broni! Thank you for bearing with me!

eh... I'm having issue again. I can't see the page: http://support.microsoft.com/kb/948247

I don't dare to run the combofix yet...... before I create the restore point...

is it possible that I don't have anything that require me to disable? I used to have [FONT=helvetica]MCAFEE ANTIVIRUS [/FONT]but then I've deleted it since it wasn't working anymore. I checked and it's no longer in the list of software available on this laptop.

Thank you!
 
Ehhh the only thing that I can think of would be the Malwarebytes anti-malware version 1.70.0.1100 thingy that I've downloaded and also the windows firewall (do I need to disable it please?) (it's not [FONT=helvetica]MICROSOFT SECURITY ESSENTIALS [/FONT]though. it's part of the laptop I suppose...)
Sorry for my silly questions.....*nerd*
 
Never disable firewall.


To set up a restore point, follow these steps:
  1. Close any programs that are open.
  2. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore. The System Restore Wizard opens.

    Note If the System Restore Wizard does not open, the System Restore feature may be turned off. To turn System Restore on, see the "More Information" section in this article.
  3. Click Create a restore point, and then click Next.
  4. In Restore point description box, type a description for the restore point. Use a description that is easy to understand. If you are creating a restore point before you install specific software or hardware, you could use that information in the description.

    Note The date and time are automatically added to your restore point. Therefore, you do not have to use them in your description.
  5. Do one of the following:
    • To finish creating this restore point, click the Create button. The System Restore Wizard notifies you when the restore point is created.
    • To stop creating a restore point and to return to the Welcome to System Restore page, click the Back button.
    • To stop creating a restore point and to exit the System Restore Wizard, click the Cancel button.
  6. When you are finished, click the Close button.
Congratulations! You have successfully created a restore point, and you are finished.
Click to expand...
 
HI Broni! Hope you are well.

there's the rkill log
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 04:49:21 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Active Proxy Server Detected

* Proxy Disabled.
* ProxyOverride value deleted.
* ProxyServer value deleted.
* AutoConfigURL value deleted.
* Proxy settings were backed up to Registry file.

Checking Registry for malware related settings:

* No issues found in the Registry.

Backup Registry file created at:
C:\Documents and Settings\Acer\桌面\rkill\rkill-03-03-2013-04-49-31.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic

* Automatic Updates (wuauserv) is not Running.
Startup Type set to: Automatic

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 03/03/2013 04:50:31 PM
Execution time: 0 hours(s), 1 minute(s), and 10 seconds(s)
 
But for some reason after running the Combofix test, I got a box telling me sth like I cant name it as (blank), best to name it with numbers and letters.*nerd*
 
But for some reason after running the Combofix test, I got a box telling me sth like I cant name it as (blank), best to name it with numbers and letters.
Click to expand...
I have no idea what you're saying :)
 
This topic is marked as abandoned and closed due to inactivity.
This member will NOT be eligible to receive any more help in malware removal forum.
 
:D! Thank you!
If I may, please allow me to explain once again:
But for some reason after running the Combofix test, I got a box telling me sth like I cant name it as (blank), best to name it with numbers and letters.
Click to expand...
I ran the test, but at the end, instead of getting the report, I only got a box/window popped out telling me that I can't name the file as "blank" (there was no name at all), I should rename it with numbers/ letters. I didn't see anything new in the folder or on desktop...(I was confused)
Today I ran the test again and was hoping to print screen it. But it worked!:eek: the laptop was being restarted but at the end I still can't locate the report.....:confused: Maybe it's because it's not stored on the desktop :\ (remember that you mentioned I should save it in desktop...) it's in the "download" folder.
I'll double check if it's in the combofix folder if there's any. I hope I can get this done within 24 hrs....
Thank you so much.
 
I ran the test for 3 times after downloading it to the desktop again. I still can't see any report.....
I tried to look for it in the folder, I can only see a lot of funny doc. (can't upload the screen shot for some reason..)
 
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

redtarget.gif
Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
AdwCleaner

# AdwCleaner v2.114 - Logfile created 03/14/2013 at 20:14:25
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Acer - ACER-AE22EBF040
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Acer\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16762

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [837 octets] - [14/03/2013 20:14:25]

########## EOF - C:\AdwCleaner[S1].txt - [896 octets] ##########
 
OTL:
OTL logfile created on: 3/14/2013 8:21:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: 美國 | Language: ENU | Date Format: M/d/yyyy

1011.88 Mb Total Physical Memory | 497.80 Mb Available Physical Memory | 49.20% Memory free
2.37 Gb Paging File | 1.96 Gb Available in Paging File | 82.74% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.22 Gb Total Space | 29.03 Gb Free Space | 20.41% Space Free | Partition Type: NTFS

Computer Name: ACER-AE22EBF040 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/14 20:12:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Acer\My Documents\Downloads\OTL.exe
PRC - [2013/03/12 20:51:52 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Acer\Local Settings\temp\RtkBtMnt.exe
PRC - [2013/03/01 07:08:21 | 001,274,832 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2013/01/08 20:24:01 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2008/09/03 22:46:04 | 000,425,984 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2008/06/04 18:10:02 | 000,114,688 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2008/05/14 11:14:34 | 000,821,768 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/04/15 11:00:00 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/03 18:19:40 | 014,718,320 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013/03/01 07:08:19 | 000,459,728 | ---- | M] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll
MOD - [2013/03/01 07:08:16 | 004,050,896 | ---- | M] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\pdf.dll
MOD - [2013/03/01 07:07:21 | 001,552,848 | ---- | M] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll
MOD - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2007/04/06 01:56:30 | 000,356,352 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\it41.dll
MOD - [2006/01/12 09:33:34 | 000,212,992 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\imagefile.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/14 19:50:19 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Acer\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/01/07 10:00:08 | 004,968,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/10/31 12:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/08/21 11:47:46 | 001,318,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/08/06 16:54:14 | 000,151,936 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
DRV - [2008/07/09 01:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/04/15 11:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c04&s=0&o=xph&d=0809&m=aoa150
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c04&s=0&o=xph&d=0809&m=aoa150
IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...={outputEncoding}&rlz=1I7ACAW_zh-TWHK389HK389
IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Acer\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Acer\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Acer\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/08 20:24:55 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Acer\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Acer\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Learn Foreign Languages = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bknagapjnmiflhaafpnmdildjnbimpnn\4_0\
CHR - Extension: Music ShownToMe = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bmbpkjkphcognlnpnapkdogkjmngkehj\297_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Click to call with Skype = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\

O1 HOSTS File: ([2013/03/10 17:43:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36AFB345-864C-4AF6-9DE6-F3260878ED19}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (目前的首頁) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Acer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Acer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/21 12:35:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/12 20:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/03/12 20:36:53 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/03/11 23:06:22 | 005,037,889 | R--- | C] (Swearware) -- C:\Documents and Settings\Acer\桌面\ComboFix.exe
[2013/03/10 17:33:07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/03/10 17:29:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/03/10 17:29:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/03/10 17:29:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/03/10 17:29:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/03/07 18:57:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\Application Data\Mozilla
[2013/03/03 16:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\桌面\rkill
[2013/03/03 16:45:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/03 16:45:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/14 20:20:39 | 000,902,554 | ---- | M] () -- C:\WINDOWS\System32\prfh0404.dat
[2013/03/14 20:20:39 | 000,511,456 | ---- | M] () -- C:\WINDOWS\System32\prfc0404.dat
[2013/03/14 20:20:39 | 000,405,670 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/14 20:20:39 | 000,064,220 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/14 20:16:12 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/14 20:16:12 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1284457498-3847012612-2740669036-1006.job
[2013/03/14 20:16:10 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1284457498-3847012612-2740669036-1006.job
[2013/03/14 20:16:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/14 20:16:02 | 1061,105,664 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/14 19:50:19 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/14 19:49:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1284457498-3847012612-2740669036-1006UA.job
[2013/03/14 19:46:00 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/13 23:13:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/12 20:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1284457498-3847012612-2740669036-1006.job
[2013/03/11 23:48:43 | 001,843,254 | ---- | M] () -- C:\Documents and Settings\Acer\桌面\image.bmp
[2013/03/11 23:07:08 | 005,037,889 | R--- | M] (Swearware) -- C:\Documents and Settings\Acer\桌面\ComboFix.exe
[2013/03/10 20:26:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1284457498-3847012612-2740669036-1006.job
[2013/03/10 17:43:48 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/03/10 17:33:12 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/03/10 16:49:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1284457498-3847012612-2740669036-1006Core.job
[2013/03/07 18:57:16 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\Acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/07 18:57:16 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\Acer\桌面\Google Chrome.lnk
[2013/02/13 20:15:10 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/12 20:51:31 | 1061,105,664 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/11 23:48:42 | 001,843,254 | ---- | C] () -- C:\Documents and Settings\Acer\桌面\image.bmp
[2013/03/10 17:33:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/03/10 17:33:08 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/03/10 17:29:57 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/03/10 17:29:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/03/10 17:29:57 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/03/10 17:29:57 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/03/10 17:29:57 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/03/03 18:19:43 | 000,000,526 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/08 21:47:02 | 000,185,616 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar39.dll
[2013/01/08 21:47:02 | 000,169,744 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2013/01/08 21:47:02 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2013/01/08 21:47:02 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2013/01/08 21:47:02 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2012/11/03 17:20:46 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Acer\Application Data\wklnhst.dat
[2011/12/26 22:36:24 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/09 19:35:01 | 000,000,064 | ---- | C] () -- C:\WINDOWS\minitab.ini
[2009/08/01 14:30:58 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Acer\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2009/01/21 12:39:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/15 11:00:00 | 001,498,624 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/15 11:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/15 11:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/05/06 18:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1
[2012/08/11 19:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\Dropbox
[2009/08/02 01:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\eSobi
[2009/08/02 01:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\InterVideo
[2012/07/12 21:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\Oracle
[2013/01/08 21:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\Simply Super Software
[2012/11/03 17:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Application Data\Template
[2012/07/12 19:49:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/08/02 05:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2012/12/08 22:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/08 21:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/03/13 20:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore

========== Purity Check ==========



========== Files - Unicode (All) ==========

[2010/07/23 16:29:53 | 004,944,151 | ---- | C] (Adasky.com)(C:\Documents and Settings\Acer\桌面\《管家婆9.0》使用手?.exe) -- C:\Documents and Settings\Acer\桌面\《管家婆9.0》使用手册.exe
[2010/07/23 16:29:52 | 000,000,000 | ---D | M](C:\Documents and Settings\Acer\桌面\管家婆?煌?机?人版) -- C:\Documents and Settings\Acer\桌面\管家婆辉煌单机个人版
[2010/07/23 16:29:52 | 000,000,000 | ---D | M](C:\Documents and Settings\Acer\桌面\??教程) -- C:\Documents and Settings\Acer\桌面\详细教程
[2010/07/23 16:29:52 | 000,000,000 | ---D | C](C:\Documents and Settings\Acer\桌面\??教程) -- C:\Documents and Settings\Acer\桌面\详细教程
[2010/07/23 16:29:49 | 000,000,000 | ---D | C](C:\Documents and Settings\Acer\桌面\管家婆?煌?机?人版) -- C:\Documents and Settings\Acer\桌面\管家婆辉煌单机个人版
[2010/07/23 16:29:46 | 000,000,000 | ---D | M](C:\Documents and Settings\Acer\桌面\管家婆?煌版 v9.0) -- C:\Documents and Settings\Acer\桌面\管家婆辉煌版 v9.0
[2010/07/23 16:29:43 | 000,000,000 | ---D | C](C:\Documents and Settings\Acer\桌面\管家婆?煌版 v9.0) -- C:\Documents and Settings\Acer\桌面\管家婆辉煌版 v9.0
[2006/05/31 05:55:38 | 004,944,151 | ---- | M] (Adasky.com)(C:\Documents and Settings\Acer\桌面\《管家婆9.0》使用手?.exe) -- C:\Documents and Settings\Acer\桌面\《管家婆9.0》使用手册.exe

< End of report >
 
Extras:

OTL Extras logfile created on: 3/14/2013 8:21:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: 美國 | Language: ENU | Date Format: M/d/yyyy

1011.88 Mb Total Physical Memory | 497.80 Mb Available Physical Memory | 49.20% Memory free
2.37 Gb Paging File | 1.96 Gb Available in Paging File | 82.74% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.22 Gb Total Space | 29.03 Gb Free Space | 20.41% Space Free | Partition Type: NTFS

Computer Name: ACER-AE22EBF040 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1707:TCP" = 1707:TCP:*:Enabled:rcdgsvdc
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:mad:xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Acer\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Acer\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Acer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Disabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live Sync -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C9B0475-F65F-45AB-8D88-2AE7C195E907}" = Microsoft .NET Framework 1.1 Chinese (Traditional) Lang. Pack
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live 上載工具
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{350C97B6-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{358AF23D-82CD-41C3-B56E-39DCF562FD54}" = Windows Live Writer
"{43BB3F74-CF20-4162-A2F8-0E9E97116E7B}" = Windows Live 影像中心
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAC5AE8-EDE6-44D4-AA87-E90870178FDC}" = Minitab 15 English
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B0F63DE-E54F-46C4-B32B-F2211373D3D1}" = Windows Live 程式集
"{4FDDC592-3089-4510-A891-FB492B9CF37C}" = Windows Live Call
"{56A648C2-D185-46A9-BBFF-78AE7A503000}" = Acer Crystal Eye webcam
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C91A37F-64AC-4C9A-A6DB-06D7E56E101D}" = Windows Live Messenger
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{725E378F-39EB-4E64-B5ED-9B0CC3C99055}" = Windows Live Mail
"{750C7476-9A2D-4996-BA43-11946B28B3BE}" = Windows Live 登入小幫手
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0804-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Chinese (Simplified)) 12
"{90120000-0010-0C04-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Chinese (Traditional)) 12
"{90120000-0015-0804-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Simplified)) 2007
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{B362E10E-DE41-4CD5-A419-2B45599AAFA0}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{B362E10E-DE41-4CD5-A419-2B45599AAFA0}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0804-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
"{90120000-001A-0804-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{B362E10E-DE41-4CD5-A419-2B45599AAFA0}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_HOMESTUDENTR_{5CE74E24-2E09-4547-A1E0-354688209BBA}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0804-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Chinese (Simplified)) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{2909625A-6814-4AE6-A48F-DFC0FAD2CCE7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0804-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Simplified)) 2007
"{90120000-00A1-0C04-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{B362E10E-DE41-4CD5-A419-2B45599AAFA0}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0804-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (Chinese (Simplified)) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B6FB0C12-6429-4d4d-A30B-B680FB7C5F5A}" = Microsoft Works
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DD21A6AA-DF5B-480F-82F5-33A14E54B5EC}" = Windows Live Sync
"{EAC98582-5ED4-3BCA-BCD5-9E1A328BD7BE}" = Google Talk Plugin
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F7952CA2-A925-4CA1-A934-A46E8EC9CA18}" = Acer Crystal Eye Webcam
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 16.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite_Wave3" = Windows Live 程式集
"WinRAR archiver" = WinRAR 4.10 beta 5 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1284457498-3847012612-2740669036-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131080
Description = 從 <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <http://www.download.windowsupdate.c...tic/trustedr/en/authrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131080
Description = 從 <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <http://www.download.windowsupdate.c...tic/trustedr/en/authrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131080
Description = 從 <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。

Error - 3/14/2013 8:16:31 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <http://www.download.windowsupdate.c...tic/trustedr/en/authrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。

Error - 3/14/2013 8:16:31 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131080
Description = 從 <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。

Error - 3/14/2013 8:16:31 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <http://www.download.windowsupdate.c...tic/trustedr/en/authrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。

Error - 3/14/2013 8:16:31 AM | Computer Name = ACER-AE22EBF040 | Source = crypt32 | ID = 131080
Description = 從 <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。

Error - 3/14/2013 8:20:39 AM | Computer Name = ACER-AE22EBF040 | Source = LoadPerf | ID = 3001
Description =

[ OSession Events ]
Error - 9/13/2011 9:09:40 AM | Computer Name = ACER-AE22EBF040 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 9655 seconds with 3360 seconds of active time. This session ended with a
crash.

Error - 11/29/2011 9:05:20 AM | Computer Name = ACER-AE22EBF040 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 16471 seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/28/2012 2:21:36 AM | Computer Name = ACER-AE22EBF040 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/28/2012 2:21:42 AM | Computer Name = ACER-AE22EBF040 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/14/2013 6:55:50 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 6:55:57 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 6:55:59 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 6:55:59 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 6:57:12 AM | Computer Name = ACER-AE22EBF040 | Source = Service Control Manager | ID = 7023
Description = Universal Task 服務因下列錯誤而終止: %%1114

Error - 3/14/2013 8:16:23 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 8:16:28 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 8:16:29 AM | Computer Name = ACER-AE22EBF040 | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1058",是當嘗試啟動服務 BITS 而引數為 "", 為了執行伺服器: {4991D34B-80A1-4291-83B6-3328366B9097}
之時

Error - 3/14/2013 8:17:46 AM | Computer Name = ACER-AE22EBF040 | Source = Service Control Manager | ID = 7023
Description = Universal Task 服務因下列錯誤而終止: %%1114


< End of report >
 
You must log in or register to reply here.

Similar threads

midian182
"You wouldn't steal a car" anti-piracy ads may have used a stolen font
Replies
9
Views
140
3ogdy
3ogdy
A
Android users will soon be able to pause Google's anti-malware service for sideloading
Replies
1
Views
125
ZedRM
ZedRM
S
Software engineer exploits Unicode quirks to conceal information within emoji characters
Replies
2
Views
109
Godel
G

Latest posts

Back