Im using Window Vista Home Premium
below are my OTL report:
OTL Extras logfile created on: 2012/6/8 18:03:34 - Run 1
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\Dell\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000804 | Country: People's Republic of China | Language: CHS | Date Format: yyyy/M/d
2.00 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 47.97% Memory free
4.23 Gb Paging File | 3.41 Gb Available in Paging File | 80.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 22.13 Gb Free Space | 16.22% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 2.17 Gb Free Space | 21.74% Space Free | Partition Type: NTFS
Computer Name: SHENKAESIEW | User Name: Dell | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- "%1" %*"
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"$INSTDIR\FlvDetector.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlvDetector.exe:*:Enabled:FGFlvDetector
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Windows\explorer.exe" = C:\Windows\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\MSNShell\Bin\engie.exe" = c:\program files\msnshell\bin\engie.exe:*:enabled:msnshell
"c:\BBPlayer\RunMon.exe" = c:\bbplayer\runmon.exe:*:enabled:runmon
"c:\BBPlayer\BBAcc.exe" = c:\bbplayer\bbacc.exe:*:enabled:bbacc
"c:\BBPlayer\BobaClient.exe" = c:\bbplayer\bobaclient.exe:*:enabled:bobaclient
"C:\Program Files\PPStream\PPStream.exe" = c:\program files\ppstream\ppstream.exe:*:enabled:pps网络电视
"C:\Program Files\PPStream\PPSAP.exe" = c:\program files\ppstream\ppsap.exe:*:enabled:pps 网络加速器
"C:\Users\Dell\Desktop\flashget_18859_1.exe" = c:\users\dell\desktop\flashget_18859_1.exe:*:enabled:fg_ol_setup
"C:\Users\Dell\Desktop\show\flashget_77242_2.exe" = c:\users\dell\desktop\show\flashget_77242_2.exe:*:enabled:fg_ol_setup
"C:\Users\Dell\Desktop\show\flashget_18859_1.exe" = c:\users\dell\desktop\show\flashget_18859_1.exe:*:enabled:fg_ol_setup
"C:\Users\Dell\Desktop\Reginout.System.Utilities.3.0.crack.by.Lz0.exe" = c:\users\dell\desktop\reginout.system.utilities.3.0.crack.by.lz0.exe:*:enabled:reginout.system.utilities.3.0.crack.by.lz0
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0538EFD1-3802-4C40-8B98-92A0146144B8}" = lport=139 | protocol=6 | dir=in | app=system |
"{0B741C9A-A49A-4124-8A81-D72AC638CA18}" = rport=139 | protocol=6 | dir=out | app=system |
"{0F6EE754-7D48-4B76-B8D6-ECD73ACE2D14}" = rport=10243 | protocol=6 | dir=out | app=system |
"{15979044-2E36-47F2-AF4F-DFAA6D37B205}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1667F3C5-3964-4E25-BC74-1D1734569D63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24C28DA3-4955-4E10-B617-F633EA0E7DF9}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2B715396-06DA-4AA0-82C9-171683B47AB4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{320282A7-6FEB-4146-BDFB-C861D75FD600}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{33ED36DD-CAEB-476A-9D1D-F609E4D8A28E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{390381BD-8890-42CE-9C4A-76036DCC8823}" = lport=138 | protocol=17 | dir=in | app=system |
"{3C62C17E-F177-4A31-9A0D-DABC80E7A075}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D1127EB-C789-4BB7-B25F-A52B559CE466}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3ECC38CC-8E73-4638-BD86-0D8E9B6EF37E}" = rport=138 | protocol=17 | dir=out | app=system |
"{403CB304-9C79-4AB2-A231-9D867C7A6A71}" = rport=2869 | protocol=6 | dir=out | app=system |
"{407419B2-C2CE-4DDE-9F12-02006E4CA7F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4676DDE0-F22E-48E7-88E5-44A8860CE1FC}" = lport=445 | protocol=6 | dir=in | app=system |
"{4EB87C0B-19FA-4F9F-BF0A-31CF00E76564}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5CE99F7C-4222-498A-A6E5-5701BDAA8B1C}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6803E66B-91F9-4491-8A5B-487A82CE2290}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D578960-2557-43CA-814B-395A0B3C5720}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6EB2411B-4250-4A46-A37B-A3F9CF202695}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70B292E0-F9CF-415C-A731-D30970FC415B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7400E218-4378-46F7-8CD2-FB1FFF456044}" = rport=445 | protocol=6 | dir=out | app=system |
"{75AF8749-46C1-474B-B718-EC4DFB8B1D9F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7C5BCF7B-52C8-4FFF-86DC-093CB4BDC981}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{96D17F78-6350-4590-9D7D-A8620CF4C005}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{994F74D1-D455-4D63-A8CE-2553EF7C8392}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9ABFE8CE-C5EE-4DE8-98BD-C0B6F31E9DC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0FB295A-484A-4D1F-8EED-53C86F3F9D8D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A3E662C3-9C7B-4C67-81C5-7FF0A847D455}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ACE01BE5-381A-48F1-A1B2-64BDEA9ABE51}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD89E2D9-2EEB-4AC4-9635-D0CF11D25264}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B1BDB6BB-E33E-4AAA-B6D9-B43B6E658436}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C93532B1-7D74-4225-BE7E-2DE53318540E}" = lport=137 | protocol=17 | dir=in | app=system |
"{CE8EB758-5612-462C-8195-242973BF3D08}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEDFD341-6241-49CF-8F8D-A0411E1796CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D384F223-6ED5-40BE-9193-F6385AC9580F}" = rport=137 | protocol=17 | dir=out | app=system |
"{E13D7DF7-F5F3-4C48-847B-7EB95C34554A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E717C196-FE9F-4DAA-88E6-5F78F0D6C950}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{ECDF267B-A543-4148-826D-C1F03351B898}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FD11BDD6-DC3C-4323-A5F8-7501482E92E0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0090223B-2EEA-4661-B319-3EADFF1ED699}" = protocol=58 | dir=in | [email protected],-148 |
"{0579A546-9D96-497F-917E-5AE1AD7584EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0CE51C79-A5E7-40AC-81C4-0B71DBEB6EEC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0DE67F5C-058A-4479-9F14-7F2B30072661}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0EA0DCD9-D127-4937-9F97-5848A67AB777}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{13F85331-49AD-4B21-8D81-B8A465C5BDA8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{19807D7B-448C-469A-A45C-A04DE114C75A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A75EDFF-704A-480E-B0F5-89CD10027413}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{1AC78DBD-2879-4124-80AA-EEC312DF78B1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1AD7EC2A-47A9-4B8A-8D07-04DF45E00A8A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D1348CC-F2A3-450E-9D13-A755CC452604}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1E699C9F-9C73-4B6C-815E-3107EB77309E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20AFD135-B910-4B0A-AE73-436A144730B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2525AAA8-DB51-49F2-B5B7-659CC5B4A2CA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2702BEAF-514F-4F3E-BB56-BF3EF8D2D123}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{28DD2120-6C9B-4D40-948B-671A8B4ABAC1}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{29211250-F733-4D5B-9FB0-C1A9A3B66A9E}" = protocol=1 | dir=in | [email protected],-28543 |
"{355140A0-04A6-4841-A07B-C16088D98B88}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{35B35E3A-CA59-4EC2-8CD7-576067D54339}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{36F44BEE-52D8-4568-9AD6-11404A15561B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{384912EB-4554-4013-BF00-8D091448A273}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{3876DB5D-5916-481A-942A-266742B3055A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3884C613-849C-4953-A301-2D4D2DCCE99A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{40B1C4B5-A69E-4C88-9FB2-D0BCA2708601}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{47CF2953-2689-4652-ABC5-443903EAE7D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47E6D092-7CDF-42EA-9D86-9FDA64EC9296}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{4B057275-7AC9-4BBD-9014-BB7A70FA1BA7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B8C7E9C-7B26-4C37-8864-7EF415B000D1}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{4CF7C080-BC62-4A51-BBCD-16CD51B57507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{52638F14-8B56-4E86-B29E-04BD7E09B044}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56CB1927-4F17-43D5-B5D2-2AC76DF78352}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{5719B7F9-C6AB-42D6-AD92-585EF537874B}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{68662E41-AC2F-4021-8964-48E29F5A638E}" = protocol=1 | dir=out | [email protected],-28544 |
"{68F206B0-379F-4036-9A77-4E4B565C63E2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6B141DDD-036D-4AC7-B9A4-7347BA7AE3B6}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{6E80B0D5-8779-40F0-9873-0550BCDE3EE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6F7678AE-3C93-46DF-8AE5-5A9188BF09C8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{74133324-1161-4480-A094-3E8931D74A95}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{79DB0CF7-3860-4623-A2C1-64153F6A862D}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{7E7F2D53-C34B-4D79-B4DC-5117415835F0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7F3F8CE3-C16C-4544-B131-031CC0FAA319}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8013CDC0-04F4-47F8-BCDF-1D93AF57C098}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{8542B43F-E5D0-481E-AD67-A8D1B85B418B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8C2A40CE-96C4-4DDA-B708-A01518E925D0}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{8E487325-8188-4769-A28E-9F6A1A1C6F6D}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{90294D80-641C-415E-9106-B842355A446D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{912DA597-BC12-46BE-A94D-AF070CDD879C}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"{95B4A116-FD65-4B2A-914C-86FD2E0196AE}" = protocol=58 | dir=out | [email protected],-28546 |
"{95BE4BAD-2CA2-4EA5-80DC-66194473A16B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9FC2EF8B-54E8-45E3-8DF9-5F01A91F2D43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6468A5D-AB1D-48B3-B44D-6BAB30719BE5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AC7DAEEB-6FB0-4CCC-BA00-7C474EC36D91}" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmusic.exe |
"{B1453C78-44EF-4194-B639-7C79858678BD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B64D980E-2BA6-4EA1-86E9-97BE40615DC4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BBD113E5-1CA0-4AA8-97EC-B3AE7B71BADB}" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmusic.exe |
"{C2311A2A-3A14-44C3-9212-371142192DA3}" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{C5428A59-198B-4509-A593-ECFB01181052}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C90491B3-0564-4E0D-BAF9-0A5BB63F3A09}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{CAAC1F4E-1383-43A1-A0FA-75E5CCC5CBFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF5A970B-58BC-4AF9-8873-788B35F5AC38}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CF757AC9-7EA6-45AE-B779-58A0BCFD2768}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D0C4C927-C995-469A-938B-3F99972984E3}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{D364090D-BDA7-4C3D-9D78-DE73F73D02D9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D70F10F2-2139-4600-8EB1-78157035112E}" = protocol=6 | dir=out | app=system |
"{DA4C615A-9CA8-429A-BF11-AEABC4B09E12}" = protocol=58 | dir=in | [email protected],-28545 |
"{EF586B97-AFFF-42B9-B3AC-32E677F7B5B1}" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"{F29EB5DA-8D35-478A-BABA-27AD5E3BC066}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F59988A6-66FF-471F-BD13-650A0293600F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FCF91F19-A96A-45F3-8B02-EEE345218D4E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"TCP Query User{10797E95-3497-48FA-A10E-85D38043E919}C:\program files\ttplayer\ttplayer.exe" = protocol=6 | dir=in | app=c:\program files\ttplayer\ttplayer.exe |
"TCP Query User{1BEBFB4F-F2E9-4BDD-8E93-8A9777BCE5A3}J:\war 3\war3.exe" = protocol=6 | dir=in | app=j:\war 3\war3.exe |
"TCP Query User{2339FEDB-B1F8-4224-B941-24E27BCA0813}C:\program files\games\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files\games\condition zero\hl.exe |
"TCP Query User{2EE0D167-FD98-4A28-8680-DC5811800398}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{35F94C56-8452-4CAA-89AF-70514F370028}C:\program files\games\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files\games\condition zero\hl.exe |
"TCP Query User{497B1F2C-FABC-426E-9374-618A86FA933C}J:\war 3\war3.exe" = protocol=6 | dir=in | app=j:\war 3\war3.exe |
"TCP Query User{7D7AE10E-6AE6-4B37-989B-58F57C2F4ABC}C:\program files\games\warcarft3\war3.exe" = protocol=6 | dir=in | app=c:\program files\games\warcarft3\war3.exe |
"TCP Query User{84B7C1D0-2292-4AE7-A025-9C6F37BB4DE0}C:\program files\kwmusic\kwmv.exe" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"TCP Query User{98587D2D-673B-4FE8-A7A1-72510EFFFE97}C:\program files\games\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\games\garena\garena.exe |
"TCP Query User{99657D7D-D99C-4D78-8AC1-8292A03C5E0A}C:\program files\thunder network\thunder\program\thunder5.exe" = protocol=6 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"TCP Query User{AE46C866-D99E-4B63-A2A3-F5F25CC5CED1}C:\program files\games\warcarft3\war3.exe" = protocol=6 | dir=in | app=c:\program files\games\warcarft3\war3.exe |
"TCP Query User{CE4BAFCB-15DD-4B99-9F18-811C5C7DD1F3}C:\users\dell\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=6 | dir=in | app=c:\users\dell\appdata\local\temp\cprogram filesopera\operaupgrader.exe |
"TCP Query User{DF2C9D29-8459-4F7C-807C-D719537BADCF}C:\program files\kwmusic\kwmusic.exe" = protocol=6 | dir=in | app=c:\program files\kwmusic\kwmusic.exe |
"TCP Query User{FB4E085C-8AB9-4C45-A5D7-9BBF607A7046}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{FB87876F-C139-4D9F-B846-7972C14BC844}C:\program files\ttplayer\ttplayer.exe" = protocol=6 | dir=in | app=c:\program files\ttplayer\ttplayer.exe |
"UDP Query User{2A5FF0AC-0A05-4DCC-A7D2-4F6C025C887D}C:\program files\kwmusic\kwmusic.exe" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmusic.exe |
"UDP Query User{2C48B2A7-8324-439D-BCD2-03E276E8F6EF}C:\program files\games\warcarft3\war3.exe" = protocol=17 | dir=in | app=c:\program files\games\warcarft3\war3.exe |
"UDP Query User{4988BEBB-8DC1-4A7B-A8E1-BD879FE334D6}C:\program files\games\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files\games\condition zero\hl.exe |
"UDP Query User{4F2E9F40-019F-4020-B2B5-B734C97D9264}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{6528F533-E405-4712-BC5C-D20CE10C81F1}C:\program files\thunder network\thunder\program\thunder5.exe" = protocol=17 | dir=in | app=c:\program files\thunder network\thunder\program\thunder5.exe |
"UDP Query User{9531D107-EBE4-4247-96A4-6F113CC853FC}C:\users\dell\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=17 | dir=in | app=c:\users\dell\appdata\local\temp\cprogram filesopera\operaupgrader.exe |
"UDP Query User{9F15A41A-023A-4727-A577-D12F6B7A8384}J:\war 3\war3.exe" = protocol=17 | dir=in | app=j:\war 3\war3.exe |
"UDP Query User{ADC3B955-C28A-4130-9C7D-9FB074A6360E}C:\program files\kwmusic\kwmv.exe" = protocol=17 | dir=in | app=c:\program files\kwmusic\kwmv.exe |
"UDP Query User{C2993F62-1487-4A5E-B3AA-8BE8DF9EF708}J:\war 3\war3.exe" = protocol=17 | dir=in | app=j:\war 3\war3.exe |
"UDP Query User{C74BDC9E-96DB-418D-BA14-1852842F3D4B}C:\program files\ttplayer\ttplayer.exe" = protocol=17 | dir=in | app=c:\program files\ttplayer\ttplayer.exe |
"UDP Query User{D342D619-085E-4039-A020-3D34F4953F30}C:\program files\ttplayer\ttplayer.exe" = protocol=17 | dir=in | app=c:\program files\ttplayer\ttplayer.exe |
"UDP Query User{DB35A379-C068-4D21-B52D-96CDAB811FD3}C:\program files\games\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\games\garena\garena.exe |
"UDP Query User{E4361E8E-3CB8-42B4-B177-052D05DA034F}C:\program files\games\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files\games\condition zero\hl.exe |
"UDP Query User{ED0CE6EC-5601-4005-9E1F-2250C35D4EA1}C:\program files\games\warcarft3\war3.exe" = protocol=17 | dir=in | app=c:\program files\games\warcarft3\war3.exe |
"UDP Query User{EE6714B7-A9C8-419A-85AB-0A6E3C70952F}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B6CAD40-063E-4198-B580-C077C1E72FE2}" = GIZMO ver.2
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.7
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2AEC19D2-037B-4099-9AE0-267CAD0B522C}" = YouTube Downloader Toolbar v5.8
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3763A2B4-B07A-4E4D-994D-7D2C6AF0CF9E}" = Safari
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{55FFA15B-4B16-4E17-AD8B-95EC3C793DE3}" = ESET Smart Security
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D57197A0-E318-42CC-AA6D-8CB5543E3076}" = UNIQLOCK SCREENSAVER
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD129AAE-30BD-4E64-BD35-94CEC21F1C0E}" = Seraphim
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AutoComplete ActiveX Control" = AutoComplete ActiveX Control
"AVG Secure Search" = AVG Security Toolbar
"CCleaner" = CCleaner
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Condition Zero" = Condition Zero
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eset-NOD32: Fix Dasumo v3.2 hasta el 2038" = Eset-NOD32: Fix Dasumo v3.2 hasta el 2038
"FormatFactory" = FormatFactory 2.20
"Garena" = Garena 2010
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD Ultra
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"KwMusic" = 酷我音乐盒 2010
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel® PROSet/Wireless Software
"Rainmeter" = Rainmeter (remove only)
"RealAlt_is1" = Real Alternative 2.0.2
"Recuva" = Recuva
"Registry Fix_is1" = RegistryFix v8.0
"thunder_is1" = 迅雷5
"TTPlayer" = 千千静听 5.7正式版
"VeriFace" = VeriFace
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 压缩文件管理器
"帝国时代3之亚洲王朝 简体中文版_is1" = 帝国时代3之亚洲王朝 简体中文版
"金庸群侠传3单机版" = 金庸群侠传3单机版
"快车(FlashGet)3.7" = 快车(FlashGet)3.7 正式版
"美女写真天蚕变" = 美女写真天蚕变
"三国群英传7 中文破解版_is1" = 三国群英传7 中文破解版
"性感海滩3_is1" = 性感海滩3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:38 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 1:36:39 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 2012/6/8 3:00:21 | Computer Name = ShenKaeSiew | Source = EventSystem | ID = 4609
Description =
[ Media Center Events ]
Error - 2008/6/14 13:42:43 | Computer Name = Inspiron_1420 | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/6/24 0:20:40 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/7/10 7:23:09 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/7/22 19:45:26 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/8/10 2:19:50 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/8/10 2:21:56 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2008/9/29 8:46:02 | Computer Name = ShenKaeSiew | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 2008/11/2 14:07:04 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2010/2/20 1:49:19 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 2010/2/20 3:51:24 | Computer Name = ShenKaeSiew | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ OSession Events ]
Error - 2008/9/2 8:00:32 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 493
seconds with 300 seconds of active time. This session ended with a crash.
Error - 2008/9/2 8:00:54 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2008/9/2 13:23:14 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 328
seconds with 300 seconds of active time. This session ended with a crash.
Error - 2008/10/7 10:56:44 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1106
seconds with 1080 seconds of active time. This session ended with a crash.
Error - 2008/10/18 14:59:46 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2008/10/18 15:00:05 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2008/10/19 2:18:14 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2008/10/20 2:40:14 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2009/3/21 17:26:12 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 55
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2009/5/25 17:59:13 | Computer Name = ShenKaeSiew | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 806
seconds with 660 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2012/6/8 2:58:39 | Computer Name = ShenKaeSiew | Source = d347bus | ID = 262148
Description =
Error - 2012/6/8 2:59:25 | Computer Name = ShenKaeSiew | Source = EventLog | ID = 6008
Description = The previous system shutdown at 14:46:31 on 2012/6/8 was unexpected.
Error - 2012/6/8 2:59:52 | Computer Name = ShenKaeSiew | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 2012/6/8 3:00:02 | Computer Name = ShenKaeSiew | Source = DCOM | ID = 10005
Description =
Error - 2012/6/8 3:00:21 | Computer Name = ShenKaeSiew | Source = DCOM | ID = 10005
Description =
Error - 2012/6/8 3:00:27 | Computer Name = ShenKaeSiew | Source = DCOM | ID = 10005
Description =
Error - 2012/6/8 3:00:35 | Computer Name = ShenKaeSiew | Source = DCOM | ID = 10005
Description =
Error - 2012/6/8 3:00:44 | Computer Name = ShenKaeSiew | Source = Service Control Manager | ID = 7001
Description =
Error - 2012/6/8 3:00:44 | Computer Name = ShenKaeSiew | Source = Service Control Manager | ID = 7026
Description =
Error - 2012/6/8 3:02:05 | Computer Name = ShenKaeSiew | Source = DCOM | ID = 10005
Description =
< End of report >
OTL logfile created on: 2012/6/8 18:03:34 - Run 1
OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\Dell\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000804 | Country: People's Republic of China | Language: CHS | Date Format: yyyy/M/d
2.00 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 47.97% Memory free
4.23 Gb Paging File | 3.41 Gb Available in Paging File | 80.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 22.13 Gb Free Space | 16.22% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 2.17 Gb Free Space | 21.74% Space Free | Partition Type: NTFS
Computer Name: SHENKAESIEW | User Name: Dell | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/08 17:51:29 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
PRC - [2009/04/11 14:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/23 09:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
MOD - [2012/05/23 09:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/23 09:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/23 09:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/23 09:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/23 09:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012/05/23 09:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Dell\AppData\Local\Google\Chrome\APPLIC~1\190108~1.52\gcswf32.dll
MOD - [2009/03/12 00:06:14 | 000,241,752 | ---- | M] () -- C:\Program Files\Lenovo\VeriFace\IcnOvrly.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- c:\program files\nos\bin\getplus_helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2012/06/02 11:26:49 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/25 15:12:54 | 000,785,344 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/03/22 09:07:07 | 000,918,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2011/10/20 08:12:56 | 000,503,536 | ---- | M] (Baidu.com, Inc.) [On_Demand | Stopped] -- C:\Program Files\BaiDu\BaiduUpdate\bdupdate.exe -- (BaiduUpdater)
SRV - [2010/01/26 13:46:16 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk2008\PDEngine.exe -- (PDEngine)
SRV - [2010/01/26 13:46:14 | 000,939,272 | ---- | M] (Raxco Software, Inc.) [Auto | Stopped] -- C:\Program Files\Raxco\PerfectDisk2008\PDAgent.exe -- (PDAgent)
SRV - [2009/02/19 00:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/18 13:30:58 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2008/08/18 13:25:10 | 000,468,224 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/14 18:29:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/05/14 18:09:23 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/19 15:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 15:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 15:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/02 12:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/02 12:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Dell\AppData\Local\Temp\QQF4C63.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2010/08/01 05:22:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/26 01:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2009/09/01 17:51:32 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/10/27 14:42:48] [Kernel | Auto | Stopped] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2009/08/20 11:11:30 | 000,073,232 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/12/18 23:44:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/12/18 23:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/12/18 23:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/08/18 13:27:42 | 000,054,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2008/08/18 13:27:40 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2008/08/18 13:27:36 | 000,071,688 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2008/08/18 13:19:26 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\easdrv.sys -- (easdrv)
DRV - [2008/08/18 13:18:26 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008/01/02 12:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 13:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 13:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/09/24 17:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/27 15:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 15:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 15:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 15:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 15:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/08/05 08:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\d347bus.sys -- (d347bus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ap.dell....c=my&l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.4318.com/?kuai
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://bar.baidu.com...aultsearch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch_sb =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://bar.baidu.com...aultsearch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant_sb = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.93965.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.baidu.com...p?tn=avantcn_dg
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.getdota.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.my/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://malaysia.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-my
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 09 71 26 46 16 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CE9CB67A-D729-4fed-A44F-B901A514C291} - C:\Windows\System32\cssrhplus.dll (ChinaStar Studio)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {8929A5FA-4969-402A-988E-778E2684D6FD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{8929A5FA-4969-402A-988E-778E2684D6FD}: "URL" = http://www.baidu.com...d={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-22 09:07:08&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2}: "URL" = http://www.baidu.com...n=utf8kb_oem_dg
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.103: c:\program files\nos\bin\np_gp.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(899).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/22 09:07:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{A89AED22-9133-424c-88E7-C8235C5FF302}: C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\ [2010/11/07 00:14:44 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: GamePlayLabs Plugin (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\npGamePlayLabsPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Windows Media Player\np-mswmp.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Thunder DapCtrl Plugin (Enabled) = C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(899).dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DropinSavings = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\1.0_0\
CHR - Extension: GamePlayLabs Plugin = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\
CHR - Extension: Gmail = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/01/12 23:49:03 | 000,000,905 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 173.212.255.178 embedded.garena.com
O1 - Hosts: 173.212.255.178 embedded.garenanow.com
O1 - Hosts: 173.212.255.178 ad.garena.com
O1 - Hosts: 173.212.255.178 ad.garenanow.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {040EE122-CAE3-4F99-A63F-EC9165E8FE5B} - No CLSID value found.
O2 - BHO: (PIPI Link Helper) - {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} - C:\Users\Dell\AppData\Roaming\pipi\JfCheck.dll (PIPI Tech.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Dell\AppData\Roaming\FlashGetBHO\FlashGetBHO31.dll (Trend Media Group)
O2 - BHO: (no name) - {E1360DF6-AC39-771E-F3C0-315741BA4331} - No CLSID value found.
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found.
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe (Symantec Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VeriFacePassManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxConnectionPer1_0Server = 16
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxConnectionPerServer = 16
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Dell\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载当前视频 - C:\Users\Dell\AppData\Roaming\FlashGetBHO\GetFlvUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Dell\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部视频 - C:\Users\Dell\AppData\Roaming\FlashGetBHO\GetAllFlvUrl.htm ()
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm ()
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getAllurl.htm ()
O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe (深圳市迅雷网络技术有限公司)
O9 - Extra 'Tools' menuitem : 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe (深圳市迅雷网络技术有限公司)
O9 - Extra Button: Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo)
O9 - Extra 'Tools' menuitem : Password Administration Box - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\Program Files\Lenovo\VeriFace\OpenWnd.exe (Lenovo)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.0.cab (Reg Error: Key error.)
O16 - DPF: {1DABF8D5-8430-4985-9B7F-A30E53D709B3} http://cache.tv.qq.c...veInstaller.cab (InstallHelper Class)
O16 - DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCDC} https://www.ecmlibra...l/csoex_ecm.cab (CS Order Entry Control (ECM))
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {B9B2EE1A-E314-4338-A305-BE845EACB112} https://www.ecmlibra...ontrol/cswx.cab (CyberStock 250)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ad...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA9000EA-0D31-46A4-87DB-72FE74D72005}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\KuGoo - No CLSID value found
O18 - Protocol\Handler\KuGoo3 - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/09 04:10:14 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/07/05 12:32:11 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{09b36307-7dc7-11de-a716-001ec9070864}\Shell\AutoRun\command - "" = F\UCK\FK.exe
O33 - MountPoints2\{09b36307-7dc7-11de-a716-001ec9070864}\Shell\open\command - "" = F\UCK\FK.exe
O33 - MountPoints2\{3c481c29-93ba-11de-a65d-001f3ad922ae}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL pet32.exe
O33 - MountPoints2\{3c481c2e-93ba-11de-a65d-001f3ad922ae}\Shell - "" = AutoRun
O33 - MountPoints2\{3c481c2e-93ba-11de-a65d-001f3ad922ae}\Shell\AutoRun\command - "" = H:\start.exe
O33 - MountPoints2\{3e8ae999-aeed-11dd-9814-001ec9070864}\Shell\AutoRun\command - "" = RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
O33 - MountPoints2\{3e8ae999-aeed-11dd-9814-001ec9070864}\Shell\open\command - "" = RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
O33 - MountPoints2\{6ade7edd-67b3-11dd-b77b-001f3ad922ae}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
O33 - MountPoints2\{6ade7edd-67b3-11dd-b77b-001f3ad922ae}\Shell\Explore\command - "" = system.exe
O33 - MountPoints2\{6ade7edd-67b3-11dd-b77b-001f3ad922ae}\Shell\Open\command - "" = system.exe
O33 - MountPoints2\{6ade7ee2-67b3-11dd-b77b-001f3ad922ae}\Shell - "" = AutoRun
O33 - MountPoints2\{6ade7ee2-67b3-11dd-b77b-001f3ad922ae}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{9c3ebd17-3618-11df-9df2-001f3ad922ae}\Shell - "" = AutoRun
O33 - MountPoints2\{9c3ebd17-3618-11df-9df2-001f3ad922ae}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{a832cba9-d234-11dd-a5c9-001ec9070864}\Shell\AutoRun\command - "" = I:\ph.com
O33 - MountPoints2\{a832cba9-d234-11dd-a5c9-001ec9070864}\Shell\explore\Command - "" = I:\ph.com
O33 - MountPoints2\{a832cba9-d234-11dd-a5c9-001ec9070864}\Shell\open\Command - "" = I:\ph.com
O33 - MountPoints2\{ad13588d-01b2-11df-a3e7-001f3ad922ae}\Shell\AutoRun\command - "" = boot/ldr.exe
O33 - MountPoints2\{ad13588d-01b2-11df-a3e7-001f3ad922ae}\Shell\explore\command - "" = boot//ldr.exe
O33 - MountPoints2\{ad13588d-01b2-11df-a3e7-001f3ad922ae}\Shell\open\command - "" = boot/ldr.exe
O33 - MountPoints2\{d801fe64-f42d-11de-bc83-001f3ad922ae}\Shell\AutoRun\command - "" = F:\WDSetup.exe
O33 - MountPoints2\{ef098ffa-f70c-11dd-b368-001ec9070864}\Shell - "" = AutoRun
O33 - MountPoints2\{ef098ffa-f70c-11dd-b368-001ec9070864}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{f8525ceb-2cca-11dd-81c9-001ec9070864}\Shell - "" = AutoRun
O33 - MountPoints2\{f8525ceb-2cca-11dd-81c9-001ec9070864}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{fc2f82fd-cfde-11dd-bb99-001ec9070864}\Shell - "" = AutoRun
O33 - MountPoints2\{fc2f82fd-cfde-11dd-bb99-001ec9070864}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:)
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/08 17:51:24 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
[2012/06/04 08:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegistryFix8
[2012/06/03 00:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/06/02 00:13:25 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\registry
[2012/06/01 23:42:05 | 000,000,000 | ---D | C] -- C:\Program Files\RegistryFix8
[2012/06/01 23:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RegInOut
[2012/06/01 23:23:20 | 000,000,000 | ---D | C] -- C:\Windows\RegInOut System Utilities
[2012/05/26 17:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/05/26 17:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2012/05/21 09:13:38 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\NAME LIST OF HOMEGUARD KAWASAN PARLIMEN TG PIAI N LISTS OF 3 APPLICANT UNDER PER 15A
[2012/05/19 16:54:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/13 21:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Dell\Desktop\*.tmp files -> C:\Users\Dell\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/08 17:51:29 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dell\Desktop\OTL.exe
[2012/06/08 14:59:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/08 14:32:37 | 000,700,580 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/08 14:32:37 | 000,144,236 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/08 14:29:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/08 14:28:17 | 000,223,603 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/06/08 14:28:17 | 000,223,603 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/06/08 14:27:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/08 14:26:20 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/08 14:26:20 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/08 14:24:25 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/06/08 14:13:09 | 000,000,558 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-253632338-3965019026-1984280192-1000UA.job
[2012/06/06 12:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/06 12:01:53 | 323,431,663 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/06 00:09:38 | 000,034,816 | ---- | M] () -- C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/05 23:12:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-253632338-3965019026-1984280192-1000Core.job
[2012/06/03 03:00:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\RegInOut Scheduled Scan - Dell.job
[2012/06/02 15:33:28 | 000,116,938 | ---- | M] () -- C:\Users\Dell\Desktop\[HDzone]地心历险记1-2合集.torrent
[2012/06/02 15:33:13 | 000,022,645 | ---- | M] () -- C:\Users\Dell\Desktop\[HDzone]建筑学概论.torrent
[2012/06/01 19:14:26 | 000,001,356 | ---- | M] () -- C:\Users\Dell\AppData\Local\d3d9caps.dat
[2012/05/28 17:14:53 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/05/26 11:06:44 | 000,045,194 | ---- | M] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat
[2012/05/13 11:10:01 | 002,471,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Dell\Desktop\*.tmp files -> C:\Users\Dell\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/06 12:01:53 | 323,431,663 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/06/02 15:33:24 | 000,116,938 | ---- | C] () -- C:\Users\Dell\Desktop\[HDzone]地心历险记1-2合集.torrent
[2012/06/02 15:33:12 | 000,022,645 | ---- | C] () -- C:\Users\Dell\Desktop\[HDzone]建筑学概论.torrent
[2012/06/01 23:23:26 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\RegInOut Scheduled Scan - Dell.job
[2011/05/26 18:09:17 | 000,045,194 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat
[2011/03/24 14:30:22 | 000,046,658 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\room.dat
[2011/02/10 06:51:54 | 000,357,376 | ---- | C] () -- C:\Windows\System32\MFHEAACdec.dll
[2010/07/25 20:04:08 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
========== LOP Check ==========
[2012/05/28 17:14:53 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2012/06/03 03:00:00 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\RegInOut Scheduled Scan - Dell.job
[2012/06/02 01:20:04 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Sign In
Create Account
