OTL:
OTL logfile created on: 28/07/2012 9:13:03 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Foung-Yang Family\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.99 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.20% Memory free
8.15 Gb Paging File | 6.25 Gb Available in Paging File | 76.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.86 Gb Total Space | 267.30 Gb Free Space | 59.03% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 2.33 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Computer Name: FOUNG-YANG-PC | User Name: Foung-Yang Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/07/28 09:10:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Foung-Yang Family\Desktop\OTL.exe
PRC - [2012/07/26 22:44:23 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/05/03 15:08:25 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/02/24 03:29:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012/02/20 21:28:32 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/30 18:31:58 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/06/11 03:51:50 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
========== Modules (No Company Name) ========== MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2011/12/22 10:56:56 | 001,888,520 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:
64bit: - [2011/12/22 10:56:46 | 003,291,912 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV:
64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/26 23:44:21 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/25 00:27:35 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/11 03:51:50 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/06/29 18:54:16 | 000,073,728 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/04/23 07:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\idmwfp.sys -- (IDMWFP)
DRV:
64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011/12/06 15:04:14 | 000,140,816 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)
DRV:
64bit: - [2011/10/25 23:50:49 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:
64bit: - [2011/09/28 07:52:50 | 000,080,400 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PDFsFilter.sys -- (PDFSFilter)
DRV:
64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/05/09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr)
DRV:
64bit: - [2009/02/26 19:46:34 | 010,276,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/01/20 07:49:48 | 000,195,584 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:
64bit: - [2008/12/04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:
64bit: - [2006/11/16 18:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndtIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndtIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:
64bit: - HKLM\..\SearchScopes\{70A85AB8-176F-4660-9502-ED960C42BC09}: "URL" =
http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE:
64bit: - HKLM\..\SearchScopes\{7BCF998C-4964-4A74-8D9C-1872324F5DD3}: "URL" =
http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" =
http://search.imgag.com/?appid=kwtb&com ... 0ee7%7d&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{70A85AB8-176F-4660-9502-ED960C42BC09}: "URL" =
http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{7BCF998C-4964-4A74-8D9C-1872324F5DD3}: "URL" =
http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" =
http://search.imgag.com/?appid=kwtb&com ... 0ee7%7d&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{70A85AB8-176F-4660-9502-ED960C42BC09}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... =723823&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" =
http://search.imgag.com/?appid=kwtb&com ... 0ee7%7d&q={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{70A85AB8-176F-4660-9502-ED960C42BC09}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... =723823&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://sympatico.msn.ca/default.aspx?lang=en-caIE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://www.live.com/ [binary data]
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.live.com/ [binary data]
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://sympatico.msn.ca/default.aspx?lang=en-caIE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" =
http://search.imgag.com/?appid=kwtb&com ... 0ee7%7d&q={searchTerms}
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{70A85AB8-176F-4660-9502-ED960C42BC09}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... =723823&p={searchTerms}
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{7BCF998C-4964-4A74-8D9C-1872324F5DD3}: "URL" =
http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.com/search?cid={AA1FF530-7F29-41B3-B20C-EAB159E3F8B1}&mid=506b1621efd647d094f5d16a12e2e714-0dbb7f5879eb81d2c1a1a5451a2c10b307f49a34&lang=en&ds=AVG&pr=pr&d=2012-06-19 01:03:06&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{B453B70D-EAF8-4023-A2CC-2220CA6CA748}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=MS8TDF&pc=MS8TDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\SearchScopes\{D6F61E1F-12FB-40CD-9AEF-1682EBDF0BB0}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&form=MS8TDF&pc=MS8TDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/11/30 01:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 18:32:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/07/20 00:32:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 15:48:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox [2012/03/07 01:16:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Foung-Yang Family\AppData\Roaming\IDM\idmmzcc5 [2012/05/06 23:31:53 | 000,000,000 | ---D | M]
[2010/01/21 00:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Foung-Yang Family\AppData\Roaming\Mozilla\Extensions
[2010/01/21 00:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Foung-Yang Family\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
Hosts file not found
O2:
64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:
64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:
64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\21.0.1155.2\npchrome_frame.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:
64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:
64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:
64bit: - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\SysWow64\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [ClockPro] C:\Users\FOUNG-~1\AppData\Local\Temp\ClockPro.exe File not found
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [ClockWorks] C:\Users\FOUNG-~1\AppData\Local\Temp\ClockWorks.exe File not found
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3311650200-3552668205-1632925358-1000..\Run: [Skype] C:\Users\Foung-Yang Family\AppData\Roaming\skype\skyrpe.exe File not found
O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AutoLaunch.exe monthly File not found
O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AutoLaunch.exe monthly File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 61703 = C:\PROGRA~3\LOCALS~1\Temp\mstvfixe.cmd
O8:
64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm File not found
O8:
64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm File not found
O8:
64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm File not found
O8:
64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:
64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm File not found
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm File not found
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm File not found
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:
64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E145C617-85A0-405F-8197-5C915BD78D48}: DhcpNameServer = 192.168.2.1
O18:
64bit: - Protocol\Handler\gcf - No CLSID value found
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\21.0.1155.2\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Users\Foung-Yang Family\AppData\Roaming\Google\Google Update.exe) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Foung-Yang Family\Pictures\Hyomin-park-sun-young-24983157-684-1110.jpg
O24 - Desktop BackupWallPaper: C:\Users\Foung-Yang Family\Pictures\Hyomin-park-sun-young-24983157-684-1110.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2615d1b0-134b-11de-abfd-002354060ee7}\Shell\AutoRun\command - "" = .\Docs\print.exe
O33 - MountPoints2\{2615d1b0-134b-11de-abfd-002354060ee7}\Shell\explore\command - "" = .\\\\Docs/print.exe
O33 - MountPoints2\{2615d1b0-134b-11de-abfd-002354060ee7}\Shell\open\command - "" = Docs////print.exe
O33 - MountPoints2\{609868aa-8724-11e0-8a29-002354060ee7}\Shell - "" = AutoRun
O33 - MountPoints2\{609868aa-8724-11e0-8a29-002354060ee7}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{aec475cb-de76-11dd-b05a-002354060ee7}\Shell\AutoRun\command - "" = F:\CMD.EXE
O33 - MountPoints2\{e4b83a8b-0c5f-11e0-b70a-002354060ee7}\Shell - "" = AutoRun
O33 - MountPoints2\{e4b83a8b-0c5f-11e0-b70a-002354060ee7}\Shell\AutoRun\command - "" = G:\PcOptions.exe
O33 - MountPoints2\{ea3bfb32-7077-11de-a205-002354060ee7}\Shell\AutoRun\command - "" = .\Docs\print.exe
O33 - MountPoints2\{ea3bfb32-7077-11de-a205-002354060ee7}\Shell\explore\command - "" = .\\\\Docs/print.exe
O33 - MountPoints2\{ea3bfb32-7077-11de-a205-002354060ee7}\Shell\open\command - "" = Docs////print.exe
O33 - MountPoints2\{ea548fa4-1c78-11de-8060-002354060ee7}\Shell\AutoRun\command - "" = .\Docs\print.exe
O33 - MountPoints2\{ea548fa4-1c78-11de-8060-002354060ee7}\Shell\explore\command - "" = .\\\\Docs/print.exe
O33 - MountPoints2\{ea548fa4-1c78-11de-8060-002354060ee7}\Shell\open\command - "" = Docs////print.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2012/07/28 09:11:39 | 000,955,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/07/28 09:11:39 | 000,839,152 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/07/28 09:11:39 | 000,268,784 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/07/28 09:10:59 | 000,189,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/07/28 09:10:59 | 000,188,912 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/07/28 09:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/07/28 09:10:25 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Foung-Yang Family\Desktop\OTL.exe
[2012/07/27 18:58:11 | 000,000,000 | ---D | C] -- C:\Users\Foung-Yang Family\AppData\Roaming\AVG2012
[2012/07/20 00:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/11 00:02:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/11 00:02:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/11 00:02:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/11 00:02:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/11 00:02:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/11 00:02:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/11 00:02:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/11 00:02:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/11 00:02:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/11 00:02:41 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/11 00:02:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/11 00:02:40 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/11 00:02:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/10 16:57:11 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/07 11:42:51 | 000,000,000 | ---D | C] -- C:\Users\Foung-Yang Family\Desktop\Day By Day [Mini Album]
[2012/06/06 21:04:12 | 000,032,064 | ---- | C] (Microsoft Corporation) -- C:\Users\Foung-Yang Family\AppData\Roaming\Q8RNYZBCTS.exe
[2012/06/05 12:22:06 | 000,068,096 | ---- | C] (Open Source Software community LGPL) -- C:\Users\Foung-Yang Family\AppData\Roaming\pthreadGC2-w32.dll
[2012/06/05 12:22:06 | 000,068,096 | ---- | C] (Open Source Software community LGPL) -- C:\Users\Foung-Yang Family\AppData\Roaming\pthreadGC2.dll
[2012/06/05 12:22:05 | 000,177,207 | ---- | C] (libusbx.org) -- C:\Users\Foung-Yang Family\AppData\Roaming\libusb-1.0.dll
[2012/06/05 12:22:05 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Users\Foung-Yang Family\AppData\Roaming\OpenCL.dll
[2012/06/05 12:22:01 | 000,336,896 | ---- | C] (Ufasoft) -- C:\Users\Foung-Yang Family\AppData\Roaming\usft_ext.dll
[2012/06/04 12:53:57 | 000,032,064 | ---- | C] (Microsoft Corporation) -- C:\Users\Foung-Yang Family\AppData\Roaming\NILSLTHTHH.exe
[2010/05/10 01:40:18 | 001,830,536 | ---- | C] (IObit ) -- C:\Program Files (x86)\defragsetup.exe
[2010/05/08 19:47:08 | 000,562,864 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\GoogleEarthPluginSetup.exe
[2009/04/25 16:09:41 | 002,400,784 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\WLinstaller.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/07/28 09:10:42 | 000,268,784 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/07/28 09:10:41 | 000,955,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/07/28 09:10:41 | 000,839,152 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/07/28 09:10:41 | 000,189,424 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/07/28 09:10:41 | 000,188,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/07/28 09:10:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Foung-Yang Family\Desktop\OTL.exe
[2012/07/28 09:05:15 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/07/28 09:05:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/28 09:05:04 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/28 09:05:04 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/28 09:04:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/28 09:04:46 | 4284,719,104 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/28 08:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/28 08:43:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/27 19:05:23 | 000,000,114 | ---- | M] () -- C:\Users\Foung-Yang Family\updateall.cfg
[2012/07/26 23:44:21 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/26 23:44:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/26 21:31:59 | 000,000,054 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/07/26 21:31:59 | 000,000,039 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/07/25 21:34:47 | 000,046,080 | ---- | M] () -- C:\Users\Foung-Yang Family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/25 21:25:17 | 000,717,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/25 21:25:17 | 000,618,356 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/25 21:25:17 | 000,112,506 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/21 21:59:39 | 000,004,653 | ---- | M] () -- C:\Users\Foung-Yang Family\Documents\Attach.zip
[2012/07/21 21:46:48 | 000,014,740 | ---- | M] () -- C:\Users\Foung-Yang Family\Documents\default.htm
[2012/07/17 18:07:38 | 000,000,680 | ---- | M] () -- C:\Users\Foung-Yang Family\AppData\Local\d3d9caps.dat
[2012/07/16 17:10:49 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/11 22:01:39 | 000,424,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/28 20:21:02 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/07/27 19:05:23 | 000,000,114 | ---- | C] () -- C:\Users\Foung-Yang Family\updateall.cfg
[2012/07/21 21:59:39 | 000,004,653 | ---- | C] () -- C:\Users\Foung-Yang Family\Documents\Attach.zip
[2012/07/21 21:46:48 | 000,014,740 | ---- | C] () -- C:\Users\Foung-Yang Family\Documents\default.htm
[2012/07/21 16:18:34 | 4284,719,104 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/19 13:14:00 | 000,034,764 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Local\dt.dat
[2012/06/05 18:14:13 | 000,000,680 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Local\d3d9caps.dat
[2012/06/05 17:02:30 | 000,000,000 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\ZFCXHJ5AJGMVYFgvberqwjiyQ.exe
[2012/06/05 16:52:04 | 000,000,000 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\74HH0RQLEPVYFgvberqwjiyQ.exe
[2012/06/05 12:22:06 | 000,044,730 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\poclbm120327.cl
[2012/06/05 12:22:05 | 000,013,648 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\phatk120223.cl
[2012/06/05 12:22:04 | 000,249,344 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\libcurl-4.dll
[2012/06/05 10:21:52 | 000,000,000 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\6738CMGPKAPBXZsvdll32.exe
[2012/06/05 02:26:05 | 000,000,299 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\YEFBw
[2012/06/02 19:30:24 | 000,000,996 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\DAVID
[2012/06/02 19:03:04 | 000,001,444 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\data.bin
[2011/07/22 10:20:19 | 000,000,711 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Roaming\burnaware.ini
[2011/06/28 12:17:14 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/06/18 10:09:42 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/06/18 10:09:42 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2011/05/02 23:27:47 | 023,819,180 | ---- | C] () -- C:\Users\Foung-Yang Family\Hotmail.zip
[2011/03/24 20:22:25 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/03/24 20:22:25 | 000,000,039 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010/05/12 19:51:52 | 506,746,066 | ---- | C] () -- C:\Program Files (x86)\MoMoLove-01(Digital)_1.rmvb.dap
[2010/05/12 19:50:47 | 387,638,194 | ---- | C] () -- C:\Program Files (x86)\MoMoLove-02(Digital).rmvb.dap
[2010/05/12 19:49:49 | 506,746,066 | ---- | C] () -- C:\Program Files (x86)\MoMoLove-01(Digital).rmvb.dap
[2010/05/08 19:52:39 | 262,360,330 | ---- | C] () -- C:\Program Files (x86)\[SUBlimes]Corner With Love - 16.mp4.dap
[2008/12/28 19:37:10 | 000,046,080 | ---- | C] () -- C:\Users\Foung-Yang Family\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ========== [2009/01/12 18:46:10 | 000,000,000 | -HSD | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\.#
[2012/06/19 11:31:31 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\6 5
[2012/06/05 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\7 8
[2009/01/25 16:36:01 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\agi
[2010/10/28 00:58:41 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Akre
[2010/06/19 08:04:14 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\AnvSoft
[2010/11/16 00:30:47 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Ashampoo
[2012/07/27 18:58:11 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\AVG2012
[2009/01/31 15:54:24 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Canneverbe_Limited
[2009/03/20 17:47:42 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\COWON
[2012/06/04 18:13:43 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\dclogs
[2009/10/31 02:57:15 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Desktopicon
[2011/02/08 13:37:08 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\DisplayTune
[2012/07/27 19:01:59 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\DMCache
[2010/10/13 00:23:46 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Edniv
[2010/11/16 22:32:26 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\FreeBurner
[2010/08/21 16:48:43 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\GenieSoft
[2012/06/06 22:02:34 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Graboid Inc
[2012/07/10 20:59:09 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\IDM
[2012/03/07 01:13:43 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\IObit
[2010/04/11 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Leawo
[2009/05/20 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Opera
[2009/05/16 15:32:48 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\PlayFirst
[2010/03/16 18:00:38 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Red Kawa
[2012/06/05 21:55:58 | 000,000,000 | -H-D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\Security
[2012/07/26 01:23:45 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\SPlayer
[2012/06/05 17:05:52 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\System
[2012/06/05 18:29:19 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\TestApp
[2011/10/25 23:54:32 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\TrueCrypt
[2009/07/24 23:38:27 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\uTorrent
[2009/01/03 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Foung-Yang Family\AppData\Roaming\WildTangent
[2012/06/28 20:21:02 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/07/28 09:03:40 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/21 02:42:55 | 000,000,432 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2009/09/08 23:09:46 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{DE20CE39-03A7-47DC-A152-17401C11DF57}.job
========== Purity Check ========== ========== Files - Unicode (All) ==========[2011/04/15 02:06:19 | 000,011,835 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\?????????????.docx) -- C:\Users\Foung-Yang Family\Documents\我認為每個人的記憶像遊樂場.docx
[2011/04/15 02:06:19 | 000,011,835 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\?????????????.docx) -- C:\Users\Foung-Yang Family\Documents\我認為每個人的記憶像遊樂場.docx
[2011/04/15 02:03:40 | 000,026,624 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\2C???-???????.doc) -- C:\Users\Foung-Yang Family\Documents\2C湯秀娥-記一件難忘的事.doc
[2011/04/15 02:03:40 | 000,026,624 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\2C???-???????.doc) -- C:\Users\Foung-Yang Family\Documents\2C湯秀娥-記一件難忘的事.doc
[2011/04/15 02:03:28 | 000,016,957 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\????.docx) -- C:\Users\Foung-Yang Family\Documents\在生活中.docx
[2011/04/15 02:03:28 | 000,016,957 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\????.docx) -- C:\Users\Foung-Yang Family\Documents\在生活中.docx
[2011/04/15 02:03:23 | 000,015,709 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\?????????????????.docx) -- C:\Users\Foung-Yang Family\Documents\在我的生活中曾經發生許許多多的事情.docx
[2011/04/15 02:03:23 | 000,015,709 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\?????????????????.docx) -- C:\Users\Foung-Yang Family\Documents\在我的生活中曾經發生許許多多的事情.docx
[2010/01/09 16:02:32 | 000,027,169 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\???????.docx) -- C:\Users\Foung-Yang Family\Documents\在人的一生當中.docx
[2010/01/09 16:02:32 | 000,027,169 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\???????.docx) -- C:\Users\Foung-Yang Family\Documents\在人的一生當中.docx
[2010/01/09 02:34:47 | 000,013,395 | ---- | M] ()(C:\Users\Foung-Yang Family\Documents\???.docx) -- C:\Users\Foung-Yang Family\Documents\前几天.docx
[2010/01/09 02:34:47 | 000,013,395 | ---- | C] ()(C:\Users\Foung-Yang Family\Documents\???.docx) -- C:\Users\Foung-Yang Family\Documents\前几天.docx
========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9AB338B9
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
-----------------------------------------------
Extras:
OTL Extras logfile created on: 28/07/2012 9:13:03 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Foung-Yang Family\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.99 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.20% Memory free
8.15 Gb Paging File | 6.25 Gb Available in Paging File | 76.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.86 Gb Total Space | 267.30 Gb Free Space | 59.03% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 2.33 Gb Free Space | 18.09% Space Free | Partition Type: NTFS
Computer Name: FOUNG-YANG-PC | User Name: Foung-Yang Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 5A D0 BF F4 77 F8 C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3311650200-3552668205-1632925358-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Foung-Yang Family\AppData\Roaming\Q8RNYZBCTS.exe" = C:\Users\Foung-Yang Family\AppData\Roaming\Q8RNYZBCTS.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Users\Foung-Yang Family\AppData\Roaming\NILSLTHTHH.exe" = C:\Users\Foung-Yang Family\AppData\Roaming\NILSLTHTHH.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Users\Foung-Yang Family\AppData\Roaming\Q8RNYZBCTS.exe" = C:\Users\Foung-Yang Family\AppData\Roaming\Q8RNYZBCTS.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Users\Foung-Yang Family\AppData\Roaming\NILSLTHTHH.exe" = C:\Users\Foung-Yang Family\AppData\Roaming\NILSLTHTHH.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E32E116-2735-479C-BC81-C06B673F8152}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1FCA6B89-A946-4DBE-8EF6-C1729EFE24D9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2EA8373D-3CCA-4D60-9646-B4C102023283}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{338A4B67-760C-48B6-8CC6-EC11F7439D12}" = lport=139 | protocol=6 | dir=in | app=system |
"{34DBA224-5911-4BE2-869D-6B3A4CE8F529}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3631E397-B552-4F44-BEC9-2544DA66C39B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3AAC3C59-15B5-42F6-A27C-AD8DA583D352}" = lport=2869 | protocol=6 | dir=in | app=system |
"{425423B7-2E08-4241-AC3D-8D540C9F628D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4436A174-464E-4FC0-93C9-734B70F89F74}" = lport=9265 | protocol=6 | dir=in | name=bitcomet 9265 tcp |
"{5C0EAEC5-4C64-4608-8E71-E9225FA86167}" = rport=445 | protocol=6 | dir=out | app=system |
"{5CCFF424-AC4E-4740-A40F-6C7498F0CC9E}" = rport=137 | protocol=17 | dir=out | app=system |
"{63A3440A-569E-44E1-A407-69DE51F54B51}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6626DFFA-B9EE-4F3B-8F3B-B2E335D3646A}" = rport=138 | protocol=17 | dir=out | app=system |
"{68C71837-CA45-4858-9799-DDA275D09C85}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6B8D04EA-F70E-462E-9237-0593D3BA94E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C895742-0658-4638-9A44-23969CBB25AE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87159E2E-39A1-45D4-8280-805B8017CF02}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{88B1CBD4-BF3D-48F1-A2D1-71310EB3698C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8C33E9F7-D93A-42AB-9FA2-E8F18C34EF28}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8D9C5ED4-3E89-420E-A1BB-F1D3EDCD7B99}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A7E61602-7E13-4E41-B32B-AA13CE825B1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{ADCED681-8AB8-4CAD-8150-CC41D98BD442}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C007B283-7F3D-4FC1-8330-38C917AD7BD2}" = lport=9265 | protocol=17 | dir=in | name=bitcomet 9265 udp |
"{C07DC730-0E5F-4EDC-B01D-5E4C64B717C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C152F229-E9BC-4CDC-99B0-AF61DAA08E84}" = lport=137 | protocol=17 | dir=in | app=system |
"{C42C8AC8-FE30-4102-A0D1-5AB82CBCB2F0}" = lport=138 | protocol=17 | dir=in | app=system |
"{C8B0D3EC-60E4-4AB2-98A8-C28ECB94AA3F}" = lport=445 | protocol=6 | dir=in | app=system |
"{CAB9B298-CE53-4601-9BFD-855B7A9B5DCF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CACF0E37-3BB1-4C56-8BA7-32376D73D2A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D9F8D992-0A51-429C-804E-988A6C1FEEE4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD86EB07-1236-4D7E-9388-CE1CC0EF33E7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E288FB95-87FB-49B2-A005-B72FC1100FA8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E640BDE7-658D-4AE9-A792-298C44A614F8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EC9DF7AC-0FE6-4E67-B017-EF71736BF042}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D9EEC7-623E-4366-8903-76906867F502}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0EE5516B-F002-4DF1-AF4C-1F3CE73B913B}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{1082562E-93A5-4326-837B-387670639970}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{1117C258-31C0-4E09-B203-B750581602CB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{12B9E6EB-B57E-4F24-8E58-7BB1761D2457}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1597E3E9-FD40-482F-A02D-430E0193DE3D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{18BF9689-5CA7-4CBB-9278-902D766F8D8A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1C1E44AA-D4BE-42EC-9F02-776C5B2CC97D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FE72BA2-8A1B-4A72-AB61-DDEBF6E0C21D}" = protocol=6 | dir=out | app=system |
"{21196F7F-7DEC-4E10-A0DA-E8617EDDECB6}" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{21833C17-84E9-4DE5-8E9A-4ADB1F64F41C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{22299619-72B5-4D51-8DF2-410DA234D174}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{29F50BBB-DB6D-49FE-80CF-09BCE573A806}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{326D50B0-9C70-4D71-B29D-8026F89D4F25}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38474B91-2F4C-4418-8628-EDB433303831}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40215346-A52A-4910-BA16-A6395CF41ED8}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{43E61D2B-F832-45BD-8DE9-5F45474726B9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{45B84766-BB75-47CE-B7CA-AAA99095FB8F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{460730FA-6370-4639-B335-FF05FD11220A}" = protocol=6 | dir=in | app=c:\nexon\combat arms\combatarms.exe |
"{4C00708B-40E1-4397-8123-62C45B80C6DA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F0A8DC2-38B9-40A9-8142-316C27D085E6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4FFD0CA2-E61E-499F-A814-607193E7FEEF}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{50A37A28-D277-4465-A92D-644786E9FC4E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{53A905AB-4977-4D6E-8E43-97CCB574E31A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{557A53B3-BB96-4D1E-BE03-99C8F0AD981C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BAC18D3-A2F2-4B43-A8DA-058A89049B19}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5EB3036E-04E3-4BF0-9D19-B3AB381E6542}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{60FC73EF-563C-4593-8767-EDECF2FB0223}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{61A4C81E-A19A-4B60-815D-7ABDF13DE8D9}" = protocol=17 | dir=in | app=c:\nexon\combat arms\combatarms.exe |
"{6389D62F-F7DD-4C6F-944F-C583188DE4F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65A25D2A-872B-4579-81A9-FD2A658AD671}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74CAC31D-E47A-430A-A5E3-200A98B99019}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7C3662EB-330E-4C1D-B397-868D88047DCE}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{826CA2DC-9CAA-4349-B827-478A25AE4E57}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{8283214D-2909-44A1-B33E-B9E2CBCCDB82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{82B1D85E-CC98-44D0-ACC1-7E42C3A95139}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{86A1B34C-8AEA-48AE-9D20-B03E1484FA4E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8DD00AE3-B5D1-4E78-901F-0709431095EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E5C46CC-1759-4A84-A354-868D46191DC4}" = protocol=17 | dir=in | app=c:\nexon\combat arms\combatarms.exe |
"{9F0CEA16-F469-49C0-8E39-EFB500399614}" = protocol=6 | dir=in | app=c:\nexon\combat arms\combatarms.exe |
"{A003F1F8-EEBF-42B7-97ED-349ABDAC0BEF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{A39E2417-39A3-4FC1-AC38-F3D553015C3D}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AB1FA717-8472-4A0B-BF78-A87893882B1D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{ABA7EC99-80EB-4876-828F-22C65B5008D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ABBF1682-7D4A-4F12-86D5-F4DE646C53BB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B23D1E3C-A151-425E-A16B-F25B609DF170}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B343E3E6-F69C-4A89-9006-87EABAFA00A4}" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{B80A92C4-07C5-4F55-A3D9-E49C44E5D048}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{BF0BA2B1-3C19-4AE6-B610-C6C51383B259}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4CE9A62-86BF-4180-A530-42AE4F3EAA59}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{C5F098D5-EC59-4070-9196-7E229AF8F5E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C91135DE-9944-4D42-9AF1-F850E7053669}" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{C96D5BCF-C9FB-49B6-9ABB-EEA9E0FE916A}" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{CA156E71-0588-43FD-A85F-23384E6C774C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CCD6B275-78D6-49B3-B24C-6F7D00507FD0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CDA6D151-738D-4470-88E8-D03CC6C8B878}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{CDB38E73-1FA3-45B7-8F08-44C9FBADB67D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E4FD9EEF-C7E8-481E-BAB5-4268A250C04D}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{E6EB3D08-0ACE-43A7-ADFE-AF99903DD4E0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ED9A385A-DB83-4A2E-8E42-419EF4D8F0CE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{F0F663F4-5C45-41CE-B29C-0B29D7CCA837}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F236DB51-BF09-4BE2-BB52-CEBA4C97841B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F4949FBA-7F07-4435-A9BE-829A0B3ED4AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F85E1DEF-AB01-4E18-81DE-8663E18870A9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{F89F7CCA-F642-42C4-9F3D-A770F1E50AB8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FBE4AB01-ADDA-4E92-9910-3AB576652E91}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FD8E7420-7E90-401A-B31A-E1FA214EA108}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{1AB25DEC-171B-44BD-BC9E-4265DF4F8B14}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{40169E22-9CB9-4063-90DC-80EF68A463C2}C:\program files (x86)\steam\steamapps\clem_97\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\clem_97\team fortress 2\hl2.exe |
"TCP Query User{4877A136-2571-4C70-9963-EA55EC6C1864}C:\program files (x86)\steam\steamapps\cf_97\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\cf_97\team fortress 2\hl2.exe |
"TCP Query User{8838D26D-84BD-414E-AC31-248CA17308D4}C:\program files (x86)\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dap\dap.exe |
"TCP Query User{905AC8B3-E3FB-494B-A3D9-BC6A831DE0C6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{296791F7-0F88-4169-9650-1D7B2E7DAA67}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"UDP Query User{384CFD80-688D-42F4-AAB9-111FE2AB10A7}C:\program files (x86)\steam\steamapps\cf_97\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\cf_97\team fortress 2\hl2.exe |
"UDP Query User{7E5B7C1F-2A98-497D-9E6C-D3F014A049BF}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{AF7ECF68-375D-45D3-9BC5-A6363FE9F6E0}C:\program files (x86)\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dap\dap.exe |
"UDP Query User{B5B709B2-8F8F-442C-BAC3-69E54ADFE30E}C:\program files (x86)\steam\steamapps\clem_97\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\clem_97\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF5020D9-116A-46AC-A922-087592F37EC9}" = MobileMe Control Panel
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD310764-B3E5-430F-980E-D6C0016B2660}" = PerfectDisk 12.5 Server
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Any Video Converter_is1" = Any Video Converter 3.0.1
"AviSynth" = AviSynth 2.5
"Combat Arms" = Combat Arms
"DirectVobSub" = DirectVobSub (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome Frame" = Google Chrome Frame
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"New app2009" = New app2009
"OpenSubtitlesPlayer_is1" = OpenSubtitlesPlayer V4.X
"Opera 11.61.1250" = Opera 11.61
"Overture 4 Demo" = Overture 4 Demo
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"RealPlayer 15.0" = RealPlayer
"SPlayer" = SPlayer
"ST6UNST #1" = AutoReussite
"TrueCrypt" = TrueCrypt
"Video to iPod Converter" = Video to iPod Converter
"Videora iPod Converter" = Videora iPod Converter 5.04
"Videora iPod touch Converter" = Videora iPod touch Converter 5.04
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3311650200-3552668205-1632925358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 27/07/2012 7:04:38 PM | Computer Name = Foung-Yang-PC | Source = WinMgmt | ID = 10
Description =
Error - 27/07/2012 7:05:37 PM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 27/07/2012 7:06:03 PM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 27/07/2012 7:10:19 PM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:01:59 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:02:00 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:06:15 AM | Computer Name = Foung-Yang-PC | Source = WinMgmt | ID = 10
Description =
Error - 28/07/2012 9:08:00 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:08:01 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:11:52 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
Error - 28/07/2012 9:21:17 AM | Computer Name = Foung-Yang-PC | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.Mapi2Handler.1 cannot be loaded. Error
description: Class not registered .
[ Media Center Events ]
Error - 09/06/2009 4:01:20 PM | Computer Name = Foung-Yang-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 07/09/2010 12:29:02 AM | Computer Name = Foung-Yang-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping
www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide
[ OSession Events ]
Error - 22/06/2009 10:15:10 PM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 13/07/2009 5:22:21 PM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 09/03/2010 11:48:24 PM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 48
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25/04/2010 7:41:07 PM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 19764 seconds with 360 seconds of active time. This session ended with a
crash.
Error - 28/10/2010 12:42:35 AM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10 seconds with 0 seconds of active time. This session ended with a crash.
Error - 28/10/2010 12:46:07 AM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28/10/2010 12:55:58 AM | Computer Name = Foung-Yang-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 27/07/2012 12:22:08 AM | Computer Name = Foung-Yang-PC | Source = bowser | ID = 8003
Description = The master browser has received a server announcement from the computer
TIFFANY-ASUS that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{E145C617-85A0-405F-8197-5C915BD78D48}. The master browser is stopping
or an election is being forced.
Error - 27/07/2012 12:46:10 AM | Computer Name = Foung-Yang-PC | Source = bowser | ID = 8003
Description = The master browser has received a server announcement from the computer
TIFFANY-ASUS that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{E145C617-85A0-405F-8197-5C915BD78D48}. The master browser is stopping
or an election is being forced.
Error - 27/07/2012 7:02:48 PM | Computer Name = Foung-Yang-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 27/07/2012 7:02:53 PM | Computer Name = Foung-Yang-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 27/07/2012 7:04:39 PM | Computer Name = Foung-Yang-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 27/07/2012 7:06:51 PM | Computer Name = Foung-Yang-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 28/07/2012 9:04:21 AM | Computer Name = Foung-Yang-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28/07/2012 9:04:27 AM | Computer Name = Foung-Yang-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28/07/2012 9:06:16 AM | Computer Name = Foung-Yang-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 28/07/2012 9:08:32 AM | Computer Name = Foung-Yang-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >