i did the OTL scan, heres the things in the notepad:
OTL:
OTL logfile created on: 03/08/2011 11:51:28 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Alex Liu\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.75 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 73.55% Memory free
5.72 Gb Paging File | 5.19 Gb Available in Paging File | 90.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 296.40 Gb Total Space | 199.62 Gb Free Space | 67.35% Space Free | Partition Type: NTFS
Drive D: | 288.34 Gb Total Space | 279.87 Gb Free Space | 97.06% Space Free | Partition Type: NTFS
Drive Z: | 11.43 Gb Total Space | 0.50 Gb Free Space | 4.38% Space Free | Partition Type: NTFS
Computer Name: ALEX-PC | User Name: Alex Liu | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Alex Liu\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Alex Liu\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Norton Internet Security) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FastUserSwitchingCompatibility) -- C:\Windows\Installer\AMDEx.msi ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (EagleXNt) -- C:\Windows\System32\drivers\EagleXNt.sys (AhnLab, Inc.)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (sp_rsdrv2) -- C:\Windows\System32\drivers\sp_rsdrv2.sys ()
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys ()
DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms (PC-Doctor, Inc.)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
AOL.co.uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
AOL.co.uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
Search Assistant
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
Internet Explorer Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
AOL.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
%s - Crawler.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
Google
IE - HKCU\..\URLSearchHook: {1E315374-71A5-471A-B683-4C4ADB5C588B} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: cfxHelper@Triton:1.2
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7
FF - prefs.js..extensions.enabledItems:
[email protected]:6.0.1203
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.7896
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18
FF - prefs.js..extensions.enabledItems:
[email protected]:3.6.5
FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.6.5
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60446&qkw="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\ALEXLI~1\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/07/24 09:43:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/16 16:05:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/15 01:04:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/22 17:14:57 | 000,000,000 | ---D | M]
[2010/10/06 16:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Extensions
[2010/07/06 19:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/10/06 16:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Extensions\
[email protected]
[2011/08/02 11:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions
[2010/08/14 14:58:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/02 15:13:08 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/07/06 11:53:44 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011/07/02 12:47:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/07/21 00:16:33 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/12/08 20:14:39 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/08/14 14:58:37 | 000,000,000 | ---D | M] (Chromifox Extreme) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\cfxe@Triton
[2010/08/14 14:58:54 | 000,000,000 | ---D | M] (Chromifox Companion) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\cfxHelper@Triton
[2010/07/06 19:52:53 | 000,000,000 | ---D | M] (Chromifox Basic) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\
[email protected]
[2011/07/02 12:47:44 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\extensions\
[email protected]
[2010/12/04 14:33:35 | 000,001,540 | ---- | M] () -- C:\Users\Alex Liu\AppData\Roaming\Mozilla\Firefox\Profiles\j6nhl48u.default\searchplugins\swagbuckscom.xml
[2011/08/02 11:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/23 01:29:32 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/22 17:14:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/12/06 23:44:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/13 00:35:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/07/16 16:05:02 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/06/22 17:14:54 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2011/06/22 17:14:54 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2011/06/22 17:14:56 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2011/06/07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/06/26 08:47:04 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/06/26 08:47:04 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2010/06/26 08:47:04 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2007/07/26 14:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2010/06/26 08:47:04 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2010/06/26 08:47:04 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/06/26 08:47:04 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/06/26 08:47:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2010/06/26 08:47:04 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ctfmon.exe] C:\Windows\System32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 111222.cn (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([kan] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([tvguide] http in Trusted sites)
O15 - HKCU\..Trusted Domains: pps.tv ([vodguide] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([notice] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml2] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.com ([xml3] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstream.net (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstv.com (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ppstv.net (
[list1] http in Trusted sites)
O15 - HKCU\..Trusted Domains: security_PPStream.exe ([]about in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{79990606-014d-11e0-ab63-00248c4b7693}\Shell - "" = AutoRun
O33 - MountPoints2\{79990606-014d-11e0-ab63-00248c4b7693}\Shell\AutoRun\command - "" = F:\DPFMate.exe
O33 - MountPoints2\{9a487b14-d159-11df-be1d-00248c4b7693}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe
O33 - MountPoints2\{d12b056f-72a3-11e0-a691-00248c4b7693}\Shell - "" = AutoRun
O33 - MountPoints2\{d12b056f-72a3-11e0-a691-00248c4b7693}\Shell\AutoRun\command - "" = F:\DPFMate.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/03 11:32:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/29 11:56:10 | 000,484,064 | ---- | C] (AhnLab, Inc.) -- C:\Windows\System32\drivers\EagleXNt.sys
[2011/07/28 01:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011/07/25 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2011/07/25 16:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHotkey
[2011/07/24 17:53:25 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\Documents\RSBot
[2011/07/23 01:29:48 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\AppData\Roaming\Skype
[2011/07/23 01:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/07/23 01:29:14 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/07/23 01:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/07/15 15:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/07/15 15:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Left 4 Dead 2
[2011/07/14 21:10:50 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\{fd08e1bd-ba42-4c5d-8213-8797fd5f5dc5}
[2011/07/14 21:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/07/14 21:08:36 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\AppData\Roaming\SystemRequirementsLab
[2011/07/13 18:05:42 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\AppData\Local\{CFE71322-034E-4A8A-9163-6BF7FF5FA11A}
[2011/07/13 05:53:39 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/13 05:53:37 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/13 05:53:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/07/09 13:12:52 | 000,839,680 | ---- | C] (
www) -- C:\Windows\System32\LameACM.acm
[2011/07/06 14:22:01 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\AppData\Local\{78E34C42-C29B-450F-AFAB-9D609C99DBCA}
[2011/07/06 12:17:26 | 000,000,000 | ---D | C] -- C:\Users\Alex Liu\AppData\Local\NVIDIA Corporation
[2011/07/06 12:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA nTune Performance Application
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/03 11:48:00 | 000,612,604 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/03 11:48:00 | 000,109,322 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/03 11:46:56 | 000,459,264 | ---- | M] () -- C:\Users\Alex Liu\Desktop\CKScanner.exe
[2011/08/03 11:43:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/03 11:35:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/03 11:35:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/03 11:31:35 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/08/03 11:30:04 | 000,000,129 | ---- | M] () -- C:\Users\Alex Liu\jagex_runescape_preferences2.dat
[2011/08/03 11:26:47 | 000,000,046 | ---- | M] () -- C:\Users\Alex Liu\jagex_runescape_preferences.dat
[2011/08/03 03:08:30 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011/08/01 22:32:29 | 000,484,064 | ---- | M] (AhnLab, Inc.) -- C:\Windows\System32\drivers\EagleXNt.sys
[2011/07/30 11:35:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/07/28 19:48:20 | 000,000,010 | ---- | M] () -- C:\Users\Alex Liu\AppData\Roaming\RSBuddy Login.ini
[2011/07/25 16:16:41 | 000,000,088 | ---- | M] () -- C:\Users\Alex Liu\Documents\
www.ahk
[2011/07/25 16:14:15 | 000,000,187 | ---- | M] () -- C:\Users\Alex Liu\Documents\sss.ahk
[2011/07/25 16:13:43 | 000,001,351 | ---- | M] () -- C:\Users\Alex Liu\Documents\AutoHotkey.ahk
[2011/07/25 13:23:41 | 000,000,090 | ---- | M] () -- C:\Users\Alex Liu\AppData\Roaming\RSBuddy_poolwizard.ini
[2011/07/25 01:33:04 | 000,012,800 | ---- | M] () -- C:\Users\Alex Liu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/24 18:34:16 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/24 17:54:10 | 000,000,034 | ---- | M] () -- C:\Users\Alex Liu\AppData\Roaming\RSBot_Accounts.ini
[2011/07/23 16:50:28 | 327,961,402 | ---- | M] () -- C:\Users\Alex Liu\Documents\clip0002.avi
[2011/07/23 16:48:48 | 321,242,210 | ---- | M] () -- C:\Users\Alex Liu\Documents\clip0001.avi
[2011/07/16 16:15:04 | 000,001,799 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/07/16 16:15:03 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/07/14 19:59:46 | 000,420,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 18:53:45 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/09 13:13:22 | 000,000,918 | ---- | M] () -- C:\Users\Public\Desktop\CAE Report Generator.lnk
[2011/07/09 13:12:58 | 000,067,863 | ---- | M] () -- C:\Windows\System32\x264vfw-uninstall.exe
[2011/07/08 17:00:06 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job
[2011/07/04 12:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/07/04 12:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/07/04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/07/04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/07/04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/07/04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/07/04 12:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/07/04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/03 11:46:56 | 000,459,264 | ---- | C] () -- C:\Users\Alex Liu\Desktop\CKScanner.exe
[2011/08/03 11:32:07 | 000,001,778 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/07/28 19:48:20 | 000,000,010 | ---- | C] () -- C:\Users\Alex Liu\AppData\Roaming\RSBuddy Login.ini
[2011/07/25 16:16:41 | 000,000,088 | ---- | C] () -- C:\Users\Alex Liu\Documents\
www.ahk
[2011/07/25 16:14:15 | 000,000,187 | ---- | C] () -- C:\Users\Alex Liu\Documents\sss.ahk
[2011/07/25 16:13:43 | 000,001,351 | ---- | C] () -- C:\Users\Alex Liu\Documents\AutoHotkey.ahk
[2011/07/25 13:23:41 | 000,000,090 | ---- | C] () -- C:\Users\Alex Liu\AppData\Roaming\RSBuddy_poolwizard.ini
[2011/07/24 17:54:02 | 000,000,034 | ---- | C] () -- C:\Users\Alex Liu\AppData\Roaming\RSBot_Accounts.ini
[2011/07/23 16:49:13 | 327,961,402 | ---- | C] () -- C:\Users\Alex Liu\Documents\clip0002.avi
[2011/07/23 16:47:30 | 321,242,210 | ---- | C] () -- C:\Users\Alex Liu\Documents\clip0001.avi
[2011/07/23 01:29:21 | 000,002,337 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/16 16:15:04 | 000,001,799 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/07/12 18:53:45 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/09 13:12:52 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2011/05/07 23:45:38 | 000,046,658 | ---- | C] () -- C:\Users\Alex Liu\AppData\Roaming\room.dat
[2011/05/07 17:58:05 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/04/10 16:06:14 | 000,012,800 | ---- | C] () -- C:\Users\Alex Liu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/09 21:30:29 | 000,009,784 | -HS- | C] () -- C:\Users\Alex Liu\AppData\Local\5tp0jtoe6u6hrfanp5a74iam6f2067y4l
[2011/04/09 21:30:29 | 000,009,784 | -HS- | C] () -- C:\ProgramData\5tp0jtoe6u6hrfanp5a74iam6f2067y4l
[2011/04/09 21:30:09 | 000,004,152 | ---- | C] () -- C:\Users\Alex Liu\AppData\Roaming\BFB0.551
[2011/02/26 00:57:00 | 000,000,019 | ---- | C] () -- C:\Windows\powerlist.ini
[2011/02/23 16:43:47 | 000,000,306 | ---- | C] () -- C:\Windows\powerplayer.ini
[2011/02/23 16:43:47 | 000,000,116 | ---- | C] () -- C:\Windows\psnetwork.ini
[2011/02/02 17:41:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/01/30 17:58:02 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2011/01/07 18:33:55 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/07 18:33:55 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/07 18:33:49 | 000,067,863 | ---- | C] () -- C:\Windows\System32\x264vfw-uninstall.exe
[2010/09/11 16:29:54 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010/08/17 22:21:02 | 000,535,624 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2010/08/17 22:21:02 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010/08/17 22:20:52 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010/08/03 23:38:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/08/03 23:37:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/07/14 07:55:38 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/07/06 19:50:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/06 19:46:13 | 000,000,680 | ---- | C] () -- C:\Users\Alex Liu\AppData\Local\d3d9caps.dat
[2010/07/06 19:42:45 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010/02/17 07:44:36 | 000,014,848 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2010/02/17 07:44:32 | 000,073,728 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/29 07:35:54 | 002,378,752 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2009/03/17 12:05:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/03/17 05:00:23 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2009/03/17 04:26:26 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2009/03/17 04:26:26 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2008/10/22 06:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,420,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,612,604 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,109,322 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2010/09/06 18:23:00 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\CAE_Report_Generator
[2011/01/30 17:23:25 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\Canon
[2011/07/16 19:28:37 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\EpicBot
[2011/05/28 12:33:39 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\GameRanger
[2011/04/26 09:18:28 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\ijjigame
[2011/07/28 01:59:52 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\IObit
[2010/10/28 11:26:15 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\Leadertech
[2011/01/30 20:07:41 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\muvee Technologies
[2011/04/07 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\PPLive
[2011/04/07 23:21:50 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\PPStream
[2011/02/15 23:44:27 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\RoboForm
[2011/03/23 17:28:51 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\Spyware Terminator
[2011/07/17 00:58:48 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\SystemRequirementsLab
[2011/08/03 11:48:02 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\TeraCopy
[2010/10/06 16:23:56 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\TomTom
[2011/06/17 07:39:56 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\uTorrent
[2010/07/07 17:19:26 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\WinBatch
[2011/05/21 16:16:22 | 000,000,000 | ---D | M] -- C:\Users\Alex Liu\AppData\Roaming\WinFF
[2011/08/03 03:08:30 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2011/07/08 17:00:06 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2011/05/12 15:55:41 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2011/08/03 03:17:24 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras:
OTL Extras logfile created on: 03/08/2011 11:51:28 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Alex Liu\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.75 Gb Total Physical Memory | 2.02 Gb Available Physical Memory | 73.55% Memory free
5.72 Gb Paging File | 5.19 Gb Available in Paging File | 90.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 296.40 Gb Total Space | 199.62 Gb Free Space | 67.35% Space Free | Partition Type: NTFS
Drive D: | 288.34 Gb Total Space | 279.87 Gb Free Space | 97.06% Space Free | Partition Type: NTFS
Drive Z: | 11.43 Gb Total Space | 0.50 Gb Free Space | 4.38% Space Free | Partition Type: NTFS
Computer Name: ALEX-PC | User Name: Alex Liu | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- Reg Error: Value error.
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ECB1E6-C7DA-4EB4-AB0E-EDB27450A405}" = lport=45682 | protocol=6 | dir=in | name=utorrent fast dl speed 456 |
"{04298C5D-585D-4FE2-A264-2D77D4B46F22}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0B082FA7-2271-4785-959F-931F0388167C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{0EF2EC94-0C3A-4A3E-B1F8-C2B8665FB0A8}" = lport=445 | protocol=6 | dir=in | app=system |
"{0FBD4740-D5BB-4E84-83BA-F691FD500653}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{152AAA7B-7431-4D3A-85DB-BFE9143E5C8F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1B30FA79-AF97-4D5A-8851-E68853318EDA}" = rport=138 | protocol=17 | dir=out | app=system |
"{1E7BAA91-9539-4B43-916A-590CD5B63172}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{2395BF87-C69B-4858-ADE5-985A68905AE0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2813E387-298F-4F47-9487-2ABA69157035}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2AFF6F63-8DB2-43AA-AC51-52582D0B4987}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{33652882-7158-4328-9FDA-B5997C2E38B0}" = rport=137 | protocol=17 | dir=out | app=system |
"{3E601F71-A1B4-4CB5-A14E-F9C800BEE803}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{40A33D9C-5BB7-4EAB-B350-DC4113771B70}" = lport=138 | protocol=17 | dir=in | app=system |
"{40F4F03F-0F55-468A-B94F-530DBBA9ADAB}" = lport=45682 | protocol=17 | dir=in | name=utorrent fast dl speed 456 |
"{4B10A00C-4926-4063-9A12-7409373F2D10}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4B6D1421-1B3D-4476-A1F9-70A4C1324724}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CC0CEAF-7EB8-472E-A397-470BBF848C2A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{581D0942-321F-49EF-8A89-34F6253303BD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{5D5B3500-0249-4190-B1CE-598AFAEECD6C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{63CB72B4-3CDC-4CCF-A47A-F59CB7A93A76}" = lport=5358 | protocol=6 | dir=in | app=system |
"{78847704-3D25-4EEA-AD83-3AFB47B0CC35}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{87B295AD-A84D-4618-B165-56C53304506D}" = lport=139 | protocol=6 | dir=in | app=system |
"{89F51377-DCAA-4E32-AD5A-443C8B56193E}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A59BDC5-9C39-4B2F-AC17-E655B5979B98}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{97791781-45C4-4DDE-BA81-CF87B68197A4}" = rport=5358 | protocol=6 | dir=out | app=system |
"{A5EA6027-6DEC-4FC1-98EF-8839D4E7ED15}" = lport=5357 | protocol=6 | dir=in | app=system |
"{B543BF3A-F1B1-406C-A535-48CEE6D24331}" = rport=139 | protocol=6 | dir=out | app=system |
"{C9615D0F-FBEF-47D9-BCCE-C88BCFDD8AB1}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC289D70-D000-4EB0-8B16-2CF11BBBB313}" = rport=137 | protocol=17 | dir=out | app=system |
"{DEED6D8A-F8F4-41F8-8EAE-58AEFF5F301F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E97E3D94-AA54-4C06-ABDA-C75F10146DCB}" = rport=138 | protocol=17 | dir=out | app=system |
"{EA8A4483-FB78-49B1-83BA-26223EDC509F}" = rport=445 | protocol=6 | dir=out | app=system |
"{F29E5B14-759D-4BF2-BD72-5F05B616E2F9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{FD32F624-0DFE-4A6E-AFF7-F01B1C59B1BA}" = rport=5357 | protocol=6 | dir=out | app=system |
"{FE1DA784-6121-4188-B275-6E891228F926}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F79167-3E36-46A6-80DF-7209C62C9525}" = protocol=17 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{0A7C3FBC-23F3-4039-8CF6-7E5205FCC39D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0C278299-1876-4A05-9069-C9891C641616}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{16BA9FE1-7C73-4B13-909D-DBDB39B04163}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{16C11291-0F2E-44EF-98B3-20AB0B555B84}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{17F90C47-71FE-405C-9E67-7988610C03A4}" = protocol=6 | dir=out | app=system |
"{2E8C56D5-3DC2-4CFC-AF51-243B438FAEC3}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{37489F24-A5D6-45CE-B9D6-A61BD79133BB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3910B69C-F5FF-4F8E-A9F0-2A9397E1131B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3CC2EB98-306F-4257-A597-37506E2BB08B}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{3D87B443-A08A-4654-8A5B-4DD12AC12D76}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{3E5C907C-D1F3-4405-8703-EC053784F8BB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{45DA34FE-1A13-49C2-93E2-A512EBDD3C40}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\combatarms.exe |
"{48C57F4F-D89B-4AEF-96CE-C273F112167C}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{5004926E-EDC6-4E62-AAFD-C636C53B7068}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{5171AD13-933E-43DA-B9B0-A3A62A904063}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{56630BA3-67BB-46D8-AC5B-4561C1AF41F7}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{57C92EAF-4FAC-472E-B26E-66F2CF593478}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{58CCABCE-2FE5-435D-82FB-1EB07B80BD4E}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{5AB11638-F5E4-4F25-ADCF-ED974E9BF141}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6835DE15-E11F-4C9D-8090-BC5277960673}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{69BB76D1-D6BE-4E48-9EA6-BD0405C14D71}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{6D5075E4-AE85-48D3-BB8B-5812B7A355E7}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{746C3747-CC26-4CF2-A6F8-7A338F8CBCE2}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{81C26EFB-6950-443D-8E88-A303F70C79A0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{8B0B2E06-19F0-4085-9F79-2CBBC905086D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{934E08E6-A6D4-4463-9683-309EA1A5516C}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{94F46DAF-507A-4087-916A-C40433F0E939}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{97071492-EA9C-4720-AB9E-2C6BE7E98E19}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{97279D71-4916-45D0-9A65-5EAF92CBA268}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{A0298182-8882-4BDA-9BB2-1885A4E3C7EC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{AA27A728-C7DC-406B-BA41-675425ED2E46}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{AB7331E6-5A3B-430A-9B7D-47E91B920144}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C80441E1-A0D6-4E57-A0E6-263C69F7C1B8}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{D38C23DF-009E-41C0-A4A8-D4EE2A391FAF}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{D7BE8FBC-3120-4C28-B647-3C7098115924}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{DACBDC6D-9D52-48D7-B14E-F5914BFEB359}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{DF476873-C749-4A46-A91A-7BD7E91D6A6F}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{DF5E623B-127C-4621-B88C-A20F56806045}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E846130B-2692-46CE-BA31-089C636FF7A3}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\combatarms.exe |
"{F7773322-7CAE-41ED-BC87-EC50313E912F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F9E91079-6C0E-4054-BEB7-A7CFD9851DEA}" = protocol=6 | dir=in | app=c:\program files\reactor\ijjioptimizer.exe |
"{FAAFA4F8-A9BB-4D11-BC34-F87320F5B3B3}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"TCP Query User{05133DF5-596F-4E2C-9D7E-84D9AE5BA8C9}C:\users\alex liu\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=6 | dir=in | app=c:\users\alex liu\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |
"TCP Query User{0F994954-C87E-4152-9E73-17F7D85CA8F5}C:\program files\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - black ops\blackops.exe |
"TCP Query User{1BF59AAE-F611-4133-98D3-674F017024AF}C:\users\alex liu\desktop\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\alex liu\desktop\left 4 dead 2\left4dead2.exe |
"TCP Query User{1E60B82A-111A-44C2-A4EC-3AFAAD64D833}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{36CA3F61-4BF8-45FE-B604-29311EEBC53C}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{58D19E61-E121-4123-A50C-272070BF9888}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{5EE7CF08-A869-4203-83B3-5203B475CC2D}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{673BE8B2-FB0E-4322-A7F8-A1B042A30E37}C:\program files\windows media player\wmplayer.exe" = protocol=6 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"TCP Query User{7512CED8-C77A-4528-B6DF-A1994A5CB9C9}C:\program files\jghdtv\kernel\pplive\pplive.exe" = protocol=6 | dir=in | app=c:\program files\jghdtv\kernel\pplive\pplive.exe |
"TCP Query User{8437E410-27A6-47DD-8C6A-6F7DF91F0D4E}C:\program files\jghdtv\jghdtv.exe" = protocol=6 | dir=in | app=c:\program files\jghdtv\jghdtv.exe |
"TCP Query User{893A8BB8-63A3-4A72-BD2E-5AB72C50E2F2}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{93134232-F9EA-4342-AC1A-31FD2762693C}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{94DAB03C-4E46-4B9A-AB2F-609BCE5D38E1}C:\users\alex liu\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\alex liu\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{9F0EC9CA-D3CB-41FE-AD5E-EE59E4C8EEE4}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{A2C18269-8655-4753-8B7F-10947A9295AD}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{BC291EA5-51B9-4FBA-B87F-4BDB01798839}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C044AC80-0D85-45B1-8E24-833B7FC6B4D9}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{C332089F-1FD5-41BB-AEE1-17531A6809F0}C:\program files\jghdtv\kernel\pipi\jfcachemgr.exe" = protocol=6 | dir=in | app=c:\program files\jghdtv\kernel\pipi\jfcachemgr.exe |
"TCP Query User{C89280C3-661E-4C28-87B7-AA6E57FFB775}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{CDA088A1-1B8C-4C43-8C2B-6808BCC43FB3}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{D9749E52-CB36-47F2-BD23-360AEB4AC359}C:\program files\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files\reactor\reactor.exe |
"TCP Query User{DB6CE6BC-BC0E-4E71-959F-F9FFB07368B7}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{ECD6D185-DFBE-4047-9713-0DEF2ADA36E8}C:\program files\jghdtv\kernel\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\jghdtv\kernel\sopcast\adv\sopadver.exe |
"TCP Query User{FCBB4E58-4241-4785-BA11-90210E5E0FCD}C:\program files\activision\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - black ops\blackopsmp.exe |
"UDP Query User{045E3184-2734-4CEB-ABD6-E650B5A91365}C:\program files\activision\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - black ops\blackopsmp.exe |
"UDP Query User{08F50852-2BEE-4EEC-BD91-E4A022415C8A}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{0B019FF1-F2DB-4046-BB8E-82EEFD1A1232}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{0D4A38FA-3505-47FE-8527-3C394321DB62}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{0E620060-F80A-452B-8BD0-BD363BFEBB47}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{1BFD4A5B-3EFD-4CAF-8B61-0F898168F128}C:\program files\jghdtv\jghdtv.exe" = protocol=17 | dir=in | app=c:\program files\jghdtv\jghdtv.exe |
"UDP Query User{1C5D25A8-AF03-4B6C-A8EE-8F3752CDD78C}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{231EB901-0807-4F96-AB65-EFB310F75356}C:\program files\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - black ops\blackops.exe |
"UDP Query User{30788178-04A6-434C-98ED-E378DAE34A1F}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"UDP Query User{3C663AAF-892C-4F4F-A616-400BE9AB5EF7}C:\program files\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files\reactor\reactor.exe |
"UDP Query User{448C9354-7F61-49C5-8B3E-5B67E600D8E7}C:\users\alex liu\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\alex liu\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{58F8F5CB-16FC-4BDA-AB0D-28520996D5A3}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{6956E085-C7BD-4287-A242-E45E860B9452}C:\program files\windows media player\wmplayer.exe" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"UDP Query User{7540BBCA-06E5-429B-A4C6-271990DCA17D}C:\program files\jghdtv\kernel\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\jghdtv\kernel\sopcast\adv\sopadver.exe |
"UDP Query User{7E937F8E-8106-420A-A639-88AAA941E9A9}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{8315B340-95FE-4C2B-8A2F-798FCD37B56C}C:\program files\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{A89E8455-4658-4C01-8BF7-A1587126376D}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{AB25E870-975C-47A2-BE04-17AAB389CE35}C:\users\alex liu\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe" = protocol=17 | dir=in | app=c:\users\alex liu\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe |
"UDP Query User{ABDDA524-337D-48A7-90DB-3EB965D44AEA}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{AEBC5A20-B3CE-472B-9B15-5B7A3F69ED35}C:\users\alex liu\desktop\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\alex liu\desktop\left 4 dead 2\left4dead2.exe |
"UDP Query User{C78C8FD6-A30C-48CF-AA21-A388472EFABC}C:\program files\jghdtv\kernel\pipi\jfcachemgr.exe" = protocol=17 | dir=in | app=c:\program files\jghdtv\kernel\pipi\jfcachemgr.exe |
"UDP Query User{D4A255B5-C99F-4FC4-A572-F7B9216BC2E1}C:\program files\jghdtv\kernel\pplive\pplive.exe" = protocol=17 | dir=in | app=c:\program files\jghdtv\kernel\pplive\pplive.exe |
"UDP Query User{DED19C27-1B47-4F4C-B78A-99428C53CA3F}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E656F94B-FAEB-4B30-8BFD-0BC29352D30D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7A181D43-86AE-4362-91BF-5C01A19653D7}_is1" = MiniTool Partition Wizard Professional Edition 6.0
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9FE59F0-5BFA-4FDF-84C6-F45457715379}" = InstallIQ Updater
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 5.0
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF3D8718-EF21-4408-AE38-A6DA98E1E2B6}" = LightScribe System Software 1.14.32.1
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}" = muvee Reveal
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1591139-8B44-411B-A81B-D35F83A0565A}" = HP Customer Experience Enhancements
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7849D41-0A46-457D-827D-00FF47AF2D85}_is1" = CAE Report Generator v1.092
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"¼«¹â¸ßÇåµçÓ°µçÊÓ JGHDTV 2009" = ¼«¹â¸ßÇåµçÓ°µçÊÓ JGHDTV 2009 v1.0.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AutoHotkey" = AutoHotkey 1.1.00.01
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BT Broadband Desktop Help" = BT Broadband Desktop Help
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Combat Arms EU" = Combat Arms EU
"Defraggler" = Defraggler
"Duke Nukem Forever_is1" = Duke Nukem Forever
"EpicBot" = EpicBot
"Fraps" = Fraps (remove only)
"Garena" = Garena 2010
"HyperCam 2" = HyperCam 2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"L4D2SPUC" = Left 4 Dead 2 Standalone Patch™
"LameACM" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"PowerISO" = PowerISO
"pywin32-py2.6" = Python 2.6 pywin32-212
"SMAC 2.0" = SMAC 2.0
"SpeedFan" = SpeedFan (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TeraCopy_is1" = TeraCopy 2.12
"TMACv5.0R3" = Technitium MAC Address Changer v5.0 Release 3
"TomTom HOME" = TomTom HOME 2.7.6.2056
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Power Loader" = Power Challenge Game Plugin
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25/07/2011 06:34:55 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 25/07/2011 16:46:55 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 26/07/2011 07:07:08 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 27/07/2011 06:34:05 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 28/07/2011 06:28:27 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/07/2011 06:22:00 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/07/2011 17:51:39 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 30/07/2011 06:35:43 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 30/07/2011 23:04:18 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
Error - 31/07/2011 19:47:08 | Computer Name = Alex-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 07/07/2010 12:14:28 | Computer Name = Alex-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ System Events ]
Error - 03/08/2011 06:34:55 | Computer Name = Alex-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 03/08/2011 06:35:08 | Computer Name = Alex-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:33:44 on 03/08/2011 was unexpected.
Error - 03/08/2011 06:43:12 | Computer Name = Alex-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 03/08/2011 06:43:20 | Computer Name = Alex-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 03/08/2011 06:43:33 | Computer Name = Alex-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:38:08 on 03/08/2011 was unexpected.
Error - 03/08/2011 06:43:48 | Computer Name = Alex-PC | Source = DCOM | ID = 10005
Description =
Error - 03/08/2011 06:43:56 | Computer Name = Alex-PC | Source = DCOM | ID = 10005
Description =
Error - 03/08/2011 06:43:58 | Computer Name = Alex-PC | Source = DCOM | ID = 10005
Description =
Error - 03/08/2011 06:45:08 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 03/08/2011 06:45:08 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >