OTL Extras logfile created on: 11/1/2009 3:04:11 PM - Run 1 OTL by OldTimer - Version 3.1.2.0 Folder = C:\Documents and Settings\Shane\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.25 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 71.26% Memory free 2.98 Gb Paging File | 2.75 Gb Available in Paging File | 92.04% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.21 Gb Total Space | 27.55 Gb Free Space | 74.04% Space Free | Partition Type: NTFS Drive D: | 24.24 Gb Total Space | 7.59 Gb Free Space | 31.32% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SHANE-NEW122806 Current User Name: Shane Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire) "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- () "C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- (Azureus, Inc) "C:\Program Files\Steam\steamapps\crazyaznpower\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\crazyaznpower\counter-strike source\hl2.exe:*:Enabled:hl2 -- File not found "C:\Program Files\Steam\steamapps\crazyaznpower\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\crazyaznpower\condition zero\hl.exe:*:Enabled:Half-Life Launcher -- File not found "C:\WINDOWS\system32\yvawkxkx.exe" = C:\WINDOWS\system32\yvawteamapps\crazyaznpower\ "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26595B84-25F5-43E2-9696-B1720E813850}" = WZCBDL Service "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{2CA94ED4-F38D-44B4-A79D-E5835E276EFC}" = Air USB Utility "{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{8A508AAA-3B69-4326-B89E-A6166FA05D3C}" = Canon MultiPASS Suite 4.00 "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2 "{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers "{BCF4E5BE-C249-4ED3-BA3B-C4257C743995}" = NIOC Service "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Azureus 3.0" = Azureus 3.0 "BCM V.92 56K Modem" = BCM V.92 56K Modem "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0 "ERUNT_is1" = ERUNT 1.1j "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{26595B84-25F5-43E2-9696-B1720E813850}" = WZCBDL Service "InstallShield_{2CA94ED4-F38D-44B4-A79D-E5835E276EFC}" = Air USB Utility "InstallShield_{BCF4E5BE-C249-4ED3-BA3B-C4257C743995}" = NIOC Service "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Office8.0" = Microsoft Office 97, Professional Edition "PROSet" = Intel(R) PRO Network Adapters and Drivers "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "Spyware Doctor_is1" = Spyware Doctor 4.0 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 2 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Worms Armageddon" = Worms Armageddon "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2/1/2008 11:34:55 PM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 2/1/2008 11:39:52 PM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 2/1/2008 11:47:34 PM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 2/6/2008 9:13:18 PM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 2/13/2008 7:09:14 AM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 4/9/2008 7:09:28 AM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 5/28/2008 6:07:53 AM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 6/9/2008 12:32:32 PM | Computer Name = SHANE-NEW122806 | Source = SecurityCenter | ID = 1802 Description = The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall. Error - 6/9/2008 12:34:30 PM | Computer Name = SHANE-NEW122806 | Source = Application Error | ID = 1000 Description = Faulting application ism.exe, version 0.0.0.0, faulting module ism.exe, version 0.0.0.0, fault address 0x00002553. Error - 6/9/2008 12:34:31 PM | Computer Name = SHANE-NEW122806 | Source = Application Error | ID = 1000 Description = Faulting application winable.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x001401bd. [ System Events ] Error - 11/1/2009 2:00:00 PM | Computer Name = SHANE-NEW122806 | Source = Schedule | ID = 7901 Description = The At35.job command failed to start due to the following error: %%2147942402 Error - 11/1/2009 6:32:09 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7000 Description = The PC Tools Spyware Doctor service failed to start due to the following error: %%2 Error - 11/1/2009 6:39:30 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). Error - 11/1/2009 6:39:30 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7034 Description = The MpService service terminated unexpectedly. It has done this 1 time(s). Error - 11/1/2009 6:39:30 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7034 Description = The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/1/2009 6:39:30 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7034 Description = The WZCBDL Service service terminated unexpectedly. It has done this 1 time(s). Error - 11/1/2009 6:42:21 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7000 Description = The PC Tools Spyware Doctor service failed to start due to the following error: %%2 Error - 11/1/2009 6:52:26 PM | Computer Name = SHANE-NEW122806 | Source = Service Control Manager | ID = 7000 Description = The PC Tools Spyware Doctor service failed to start due to the following error: %%2 Error - 11/1/2009 7:00:00 PM | Computer Name = SHANE-NEW122806 | Source = Schedule | ID = 7901 Description = The At16.job command failed to start due to the following error: %%2147942402 Error - 11/1/2009 7:00:00 PM | Computer Name = SHANE-NEW122806 | Source = Schedule | ID = 7901 Description = The At40.job command failed to start due to the following error: %%2147942402 < End of report >