Oh sorry I forgot to mention, I already went through the Malware and Spyware Cleaning guide, and I have all the text saved, I just read on another forum not to post it until asked cause it makes it hard to read, should I just post it now?
MBAM:
Here's my MBAM log:
Malwarebytes' Anti-Malware 1.44
Database version: 3601
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
1/19/2010 11:40:42 PM
mbam-log-2010-01-19 (23-40-42).txt
Scan type: Quick Scan
Objects scanned: 109593
Time elapsed: 7 minute(s), 15 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\H8SRTbxmiqjpciq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\H8SRTwbaroriphx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\H8SRTyxjecxkgsk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\H8SRT8fc7.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\H8SRT94c8.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\22A.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\H8SRT26ad.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\GLEF892V\z002102318801r0409J0f000601R0143fdeeX9a1eef63Yd14bdab0Z03007f350[1] (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h8srtkrl32mainweq.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\H8SRTdnsiwcmqlv.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\H8SRT7e62.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
My GMER Log:
GMER 1.0.15.15281 -
http://www.gmer.netRootkit scan 2010-01-20 01:19:25
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\awrcyaod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)
Device -> \Driver\atapi \Device\Harddisk0\DR0 865EA856
---- Files - GMER 1.0.15 ----
File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification
---- EOF - GMER 1.0.15 ----
OTL LOG:
OTL logfile created on: 1/19/2010 11:55:37 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 216.03 Gb Free Space | 72.47% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ERIC-COMPUTER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/01/19 23:53:49 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2009/12/12 17:26:18 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/11/26 23:20:55 | 02,923,192 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/09/21 22:25:27 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/21 22:25:27 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/21 22:25:23 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/21 22:25:21 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/09/21 22:25:08 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/26 00:08:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/03/26 16:14:12 | 16,859,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/03/30 14:58:14 | 00,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/03/30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/03/30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006/02/07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2006/01/13 16:13:02 | 00,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2006/01/13 16:13:01 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2005/07/19 16:32:18 | 00,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 14:14:44 | 00,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 13:44:56 | 00,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2004/08/03 14:56:58 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/08/03 14:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/22 08:38:42 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
========== Modules (SafeList) ========== MOD - [2010/01/19 23:53:49 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2004/08/03 14:57:02 | 01,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - [2009/12/19 00:17:31 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/21 22:25:21 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/09/21 22:25:08 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/12/26 00:08:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/03/30 14:58:14 | 00,143,360 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/03/30 14:54:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/03/30 14:54:18 | 00,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/02/07 00:13:32 | 00,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2004/08/03 14:56:44 | 14,745,600 | -HS- | M] () [Auto | Running] -- C:\Program Files\Common Files\\System\icm64.dll -- (wmcmgc)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "
http://slirsredirect...fftrie7&query="FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems: {99E00A4C-D35E-11DD-BA95-9B6A56D89593}:2.0
FF - prefs.js..keyword.URL: "
http://www.google.co...ient&gfns=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/19 22:46:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/19 22:46:03 | 00,000,000 | ---D | M]
[2009/01/11 22:13:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/01/18 11:49:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1zl6dz0b.default\extensions
[2009/09/21 22:14:40 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1zl6dz0b.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/22 13:45:26 | 00,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1zl6dz0b.default\extensions\{99E00A4C-D35E-11DD-BA95-9B6A56D89593}
[2010/01/19 22:46:03 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/26 23:20:54 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
O1 HOSTS File: ([2001/08/23 04:00:00 | 00,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\oovoodx.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\oovoodx.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/11 15:13:22 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/16 14:13:07 | 01,246,440 | R--- | M] (BioWare) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/04/13 19:17:18 | 00,000,058 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1b714917-e04a-11dd-9ade-f795b77d605f}\Shell - "" = AutoRun
O33 - MountPoints2\{1b714917-e04a-11dd-9ade-f795b77d605f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b714917-e04a-11dd-9ade-f795b77d605f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{1b714918-e04a-11dd-9ade-f795b77d605f}\Shell\AutoRun\command - "" = yhh.bat
O33 - MountPoints2\{1b714918-e04a-11dd-9ade-f795b77d605f}\Shell\open\Command - "" = yhh.bat
O33 - MountPoints2\{5d8eae7f-1a7b-11de-8900-00508d931339}\Shell\´ò¿ª(&O)\command - "" = E:\RECYCLER\UcHelp.exe -- File not found
O33 - MountPoints2\{6ede6672-3e7f-11de-895e-00508d931339}\Shell\´ò¿ª(&O)\command - "" = E:\RECYCLER\UcHelp.exe -- File not found
O33 - MountPoints2\{c4db6657-e06f-11dd-9ae7-00508d931339}\Shell\´ò¿ª(&O)\command - "" = G:\RECYCLER\UcHelp.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: wmcmgc - C:\Program Files\Common Files\\System\icm64.dll ()
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/01/11 15:12:57 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)
========== Files/Folders - Created Within 14 Days ========== [2010/01/19 23:38:30 | 00,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/01/19 23:32:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/01/19 23:32:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/19 23:32:15 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/19 23:32:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/19 23:32:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/19 23:30:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\GooredFix Backups
[2010/01/19 22:41:35 | 08,087,352 | ---- | C] (Mozilla) -- C:\Documents and Settings\Administrator\Desktop\Firefox Setup 3.5.7.exe
[2010/01/14 21:38:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010/01/14 21:37:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\BioWare
[2010/01/13 21:39:22 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010/01/13 21:39:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010/01/13 21:39:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/01/13 21:21:38 | 00,000,000 | ---D | C] -- C:\Program Files\Dragon Age
[2010/01/13 21:21:06 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/01/13 21:20:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/01/13 21:19:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2009/01/11 20:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/01/11 20:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/01/11 15:13:15 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/11 15:13:15 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010/01/19 23:55:08 | 03,670,016 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/01/19 23:50:04 | 00,206,492 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/19 23:49:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/19 23:49:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/19 23:41:36 | 04,811,222 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/01/19 23:38:42 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Step One.doc
[2010/01/19 23:38:30 | 00,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/01/19 23:32:19 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/19 22:46:05 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/19 22:41:35 | 08,087,352 | ---- | M] (Mozilla) -- C:\Documents and Settings\Administrator\Desktop\Firefox Setup 3.5.7.exe
[2010/01/19 22:24:21 | 48,053,597 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/19 22:24:21 | 00,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/19 22:21:59 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/15 14:58:32 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Abortion crime 1.doc
[2010/01/14 21:18:05 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Esssay promt 2.doc
[2010/01/13 21:39:01 | 00,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk
[2010/01/13 21:21:34 | 00,410,892 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/13 21:21:34 | 00,397,390 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/13 21:21:34 | 00,059,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/11 15:51:50 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/11 02:08:55 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/09 21:28:08 | 00,067,584 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\crime notes.doc
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/01/19 23:32:19 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/19 23:28:47 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Step One.doc
[2010/01/19 22:46:05 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/14 21:18:05 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Esssay promt 2.doc
[2010/01/14 21:17:55 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Abortion crime 1.doc
[2010/01/13 21:39:01 | 00,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk
[2010/01/09 21:28:08 | 00,067,584 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\crime notes.doc
[2009/09/14 18:18:52 | 00,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/09/13 22:38:36 | 00,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/09/13 22:38:32 | 01,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2009/03/14 23:55:34 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/26 17:22:31 | 00,010,641 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2009/01/11 15:30:31 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/26 00:08:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/26 00:08:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/12/26 00:08:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/12/26 00:08:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004/08/03 14:56:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/07/17 01:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== LOP Check ========== [2009/01/11 22:21:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\acccore
[2009/10/27 21:04:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EmailNotifier
[2010/01/18 22:13:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FrostWire
[2009/11/17 22:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
[2009/01/22 18:54:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nexon
[2009/10/11 18:23:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NJStar
[2009/09/07 20:22:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ooVoo Details
[2009/12/30 22:20:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\oovootb
[2009/06/17 18:17:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Red Alert 3 Uprising
[2010/01/13 22:55:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/07/16 19:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Viewpoint
[2009/09/21 22:27:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Webcammax
[2009/12/02 17:36:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Xilisoft Corporation
[2009/01/11 22:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/01/14 21:38:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2009/10/27 16:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2009/11/27 13:55:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2009/07/06 19:18:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2009/11/26 23:23:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/06/20 12:30:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/09/14 18:19:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009/01/11 22:48:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2004/08/03 15:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\agp440.sys
< MD5 for: ATAPI.SYS >[2004/08/03 15:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\atapi.sys
[2004/08/03 12:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 12:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\eventlog.dll
[2004/08/03 14:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/03 14:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\netlogon.dll
[2004/08/03 14:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/03 14:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >[2006/03/16 18:51:32 | 00,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\Documents and Settings\Administrator\Desktop\Installation Stuff\drivers\9152kxp32\IDE\WinXP\sata_ide\nvata.sys
[2006/03/16 18:51:32 | 00,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: NVATABUS.SYS >[2006/03/16 18:51:32 | 00,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\Documents and Settings\Administrator\Desktop\Installation Stuff\drivers\9152kxp32\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: SCECLI.DLL >[2004/08/03 14:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/03 14:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles >< End of report >
OTL Extra:
OTL EXTRAS TEXT FILE:
OTL Extras logfile created on: 1/19/2010 11:55:37 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 216.03 Gb Free Space | 72.47% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ERIC-COMPUTER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56389:TCP" = 56389:TCP:*:Enabled:Pando Media Booster
"56389:UDP" = 56389:UDP:*:Enabled:Pando Media Booster
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
"56557:TCP" = 56557:TCP:*:Enabled:Pando Media Booster
"56557:UDP" = 56557:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- File not found
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A3B909-55A0-4AE2-A5A8-2C92595D15A0}" = MapleStory
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"AIM_6" = AIM 6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG Free 8.5
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"FrostWire" = FrostWire 4.17.2
"hon" = Heroes of Newerth
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NJStar Chinese WP" = NJStar Chinese WP
"NVIDIA Drivers" = NVIDIA Drivers
"oovootb" = ooVoo Toolbar (Remove Toolbar Only)
"QcDrv" = Logitech® Camera Driver
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Electric Field Hockey - derived from work by Ruth Chabay" = Electric Field Hockey - derived from work by Ruth Chabay
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/16/2009 9:26:47 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application aowsminstaller.exe, version 0.0.0.0, faulting
module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.
Error - 6/18/2009 3:17:02 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/18/2009 3:17:40 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/21/2009 1:49:02 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application ra3ep1_1.0.game, version 1.0.3313.38400, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/12/2009 8:41:25 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application engine.exe, version 0.0.0.0, faulting module
, version 7.10.3077.0, fault address 0x0000497a.
Error - 8/18/2009 2:50:47 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application uTorrent.exe, version 1.8.2.14458, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/18/2009 2:51:18 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application FrostWire.exe, version 1.0.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/20/2009 7:03:07 PM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare IP service service terminated unexpectedly. It has
done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare Intelligent Application Manager (IAM) service terminated
unexpectedly. It has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare user log service service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/20/2010 3:50:40 AM | Computer Name = ERIC-COMPUTER | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
< End of report >
OTL EXTRAS TEXT FILE:
OTL Extras logfile created on: 1/19/2010 11:55:37 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 216.03 Gb Free Space | 72.47% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ERIC-COMPUTER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56389:TCP" = 56389:TCP:*:Enabled:Pando Media Booster
"56389:UDP" = 56389:UDP:*:Enabled:Pando Media Booster
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
"56557:TCP" = 56557:TCP:*:Enabled:Pando Media Booster
"56557:UDP" = 56557:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- File not found
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A3B909-55A0-4AE2-A5A8-2C92595D15A0}" = MapleStory
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"AIM_6" = AIM 6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG Free 8.5
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"FrostWire" = FrostWire 4.17.2
"hon" = Heroes of Newerth
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NJStar Chinese WP" = NJStar Chinese WP
"NVIDIA Drivers" = NVIDIA Drivers
"oovootb" = ooVoo Toolbar (Remove Toolbar Only)
"QcDrv" = Logitech® Camera Driver
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Electric Field Hockey - derived from work by Ruth Chabay" = Electric Field Hockey - derived from work by Ruth Chabay
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/16/2009 9:26:47 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application aowsminstaller.exe, version 0.0.0.0, faulting
module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.
Error - 6/18/2009 3:17:02 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/18/2009 3:17:40 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/21/2009 1:49:02 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application ra3ep1_1.0.game, version 1.0.3313.38400, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/12/2009 8:41:25 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application engine.exe, version 0.0.0.0, faulting module
, version 7.10.3077.0, fault address 0x0000497a.
Error - 8/18/2009 2:50:47 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application uTorrent.exe, version 1.8.2.14458, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/18/2009 2:51:18 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application FrostWire.exe, version 1.0.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/20/2009 7:03:07 PM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare IP service service terminated unexpectedly. It has
done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare Intelligent Application Manager (IAM) service terminated
unexpectedly. It has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare user log service service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/20/2010 3:50:40 AM | Computer Name = ERIC-COMPUTER | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
< End of report >
OTL EXTRAS TEXT FILE:
OTL Extras logfile created on: 1/19/2010 11:55:37 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 216.03 Gb Free Space | 72.47% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ERIC-COMPUTER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56389:TCP" = 56389:TCP:*:Enabled:Pando Media Booster
"56389:UDP" = 56389:UDP:*:Enabled:Pando Media Booster
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
"56557:TCP" = 56557:TCP:*:Enabled:Pando Media Booster
"56557:UDP" = 56557:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- File not found
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A3B909-55A0-4AE2-A5A8-2C92595D15A0}" = MapleStory
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"AIM_6" = AIM 6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG Free 8.5
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"FrostWire" = FrostWire 4.17.2
"hon" = Heroes of Newerth
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NJStar Chinese WP" = NJStar Chinese WP
"NVIDIA Drivers" = NVIDIA Drivers
"oovootb" = ooVoo Toolbar (Remove Toolbar Only)
"QcDrv" = Logitech® Camera Driver
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Electric Field Hockey - derived from work by Ruth Chabay" = Electric Field Hockey - derived from work by Ruth Chabay
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/16/2009 9:26:47 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application aowsminstaller.exe, version 0.0.0.0, faulting
module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.
Error - 6/18/2009 3:17:02 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/18/2009 3:17:40 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/21/2009 1:49:02 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application ra3ep1_1.0.game, version 1.0.3313.38400, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/12/2009 8:41:25 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application engine.exe, version 0.0.0.0, faulting module
, version 7.10.3077.0, fault address 0x0000497a.
Error - 8/18/2009 2:50:47 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application uTorrent.exe, version 1.8.2.14458, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/18/2009 2:51:18 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application FrostWire.exe, version 1.0.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/20/2009 7:03:07 PM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare IP service service terminated unexpectedly. It has
done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare Intelligent Application Manager (IAM) service terminated
unexpectedly. It has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare user log service service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/20/2010 3:50:40 AM | Computer Name = ERIC-COMPUTER | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
< End of report >
OTL EXTRA:
OTL EXTRAS TEXT FILE:
OTL Extras logfile created on: 1/19/2010 11:55:37 PM - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 572.00 Mb Available Physical Memory | 56.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 216.03 Gb Free Space | 72.47% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ERIC-COMPUTER
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56389:TCP" = 56389:TCP:*:Enabled:Pando Media Booster
"56389:UDP" = 56389:UDP:*:Enabled:Pando Media Booster
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
"56557:TCP" = 56557:TCP:*:Enabled:Pando Media Booster
"56557:UDP" = 56557:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- File not found
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A3B909-55A0-4AE2-A5A8-2C92595D15A0}" = MapleStory
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Age of Wonders Shadow Magic" = Age of Wonders Shadow Magic
"AIM_6" = AIM 6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG Free 8.5
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"FrostWire" = FrostWire 4.17.2
"hon" = Heroes of Newerth
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NJStar Chinese WP" = NJStar Chinese WP
"NVIDIA Drivers" = NVIDIA Drivers
"oovootb" = ooVoo Toolbar (Remove Toolbar Only)
"QcDrv" = Logitech® Camera Driver
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Electric Field Hockey - derived from work by Ruth Chabay" = Electric Field Hockey - derived from work by Ruth Chabay
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/16/2009 9:26:47 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application aowsminstaller.exe, version 0.0.0.0, faulting
module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.
Error - 6/18/2009 3:17:02 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/18/2009 3:17:40 PM | Computer Name = ERIC-COMPUTER | Source = MsiInstaller | ID = 11706
Description = Product: MapleStory -- Error 1706.No valid source could be found for
product MapleStory. The Windows Installer cannot continue.
Error - 6/21/2009 1:49:02 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application ra3ep1_1.0.game, version 1.0.3313.38400, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/12/2009 8:41:25 PM | Computer Name = ERIC-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application engine.exe, version 0.0.0.0, faulting module
, version 7.10.3077.0, fault address 0x0000497a.
Error - 8/18/2009 2:50:47 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application uTorrent.exe, version 1.8.2.14458, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/18/2009 2:51:18 AM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application FrostWire.exe, version 1.0.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/20/2009 7:03:07 PM | Computer Name = ERIC-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare IP service service terminated unexpectedly. It has
done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare Intelligent Application Manager (IAM) service terminated
unexpectedly. It has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The ForceWare user log service service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
Error - 1/20/2010 3:47:38 AM | Computer Name = ERIC-COMPUTER | Source = Service Control Manager | ID = 7034
Description = The AVG Free8 E-mail Scanner service terminated unexpectedly. It
has done this 1 time(s).
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
9, function 0. Please contact your system vendor for technical assistance.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 1/20/2010 3:49:46 AM | Computer Name = ERIC-COMPUTER | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/20/2010 3:50:40 AM | Computer Name = ERIC-COMPUTER | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
< End of report >