OTL Extras logfile created on: 7/16/2012 11:58:13 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\DAVID\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 78.18% Memory free
8.00 Gb Paging File | 7.06 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 186.85 Gb Free Space | 80.23% Space Free | Partition Type: NTFS
Computer Name: ASUS_DUAL-CORE | User Name: DAVID | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C5D136-CBB9-446F-ACBB-9F7C80728871}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CD869D1-49C5-40BC-8EC2-CC5F079C9CF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D332DBD-A894-47BB-A119-A6BE97AFBF0C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DEF776B-67F5-4EA0-9178-6CA3B60BA206}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2EF59BF7-D154-46A8-99AF-8E4491B22063}" = lport=2869 | protocol=6 | dir=in | app=system |
"{333ADF0F-4266-4CE3-8E2A-72AFDB660052}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4625E1AB-05C5-46FD-81AC-58B5B45B2856}" = rport=139 | protocol=6 | dir=out | app=system |
"{92549C85-8896-4810-8156-57D572F33E3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7E750EC-03CE-40A4-AF31-E832DA01D166}" = rport=138 | protocol=17 | dir=out | app=system |
"{B60970E9-4514-4A42-8ADC-CF45769DEA07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B62F202C-803E-4A45-A805-73BEEB961F25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F67DA9-8526-4E80-A195-FEA40E11E075}" = lport=139 | protocol=6 | dir=in | app=system |
"{B936565B-6E7F-4AFA-9FBE-60506A15511A}" = rport=137 | protocol=17 | dir=out | app=system |
"{C0E38C89-FD3D-4272-B429-A7AE55B13957}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5C6D32B-2830-4665-96B7-C46D344F93FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD11F9A1-289F-476C-944F-815EAF3BD80E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E67D4542-9FDF-4744-9BD3-A36381A908ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA1A09A6-537B-428A-8778-4EBE86FD8503}" = lport=137 | protocol=17 | dir=in | app=system |
"{F46AEFC5-7EF0-4913-9541-D92CC0FADE0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6C12633-3A09-4118-B768-CD75CE647CE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F74CC97F-E8D4-4979-AAE1-5E3E1D897B2A}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0350A3F4-5CA6-4A87-B0C4-F96F4DA1B403}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06E0CFF8-9A0D-42BC-940B-0E7435ED6F44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1164C56B-DF67-4D68-8EEB-536B237854F0}" = protocol=6 | dir=out | app=system |
"{1FDEC630-0270-49B7-9E3D-1AF6BCEA9D4B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3D63F978-D025-4911-86B4-0281754DF46D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D832E20-272D-4BB4-9E07-40C2D549E27A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E1D5B8D-CB01-4233-BB1C-19060B7CD00A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4EE2C4F3-C166-4064-8521-F9F96853E59A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50235FB5-F37D-421A-BC6D-D48629154FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5120396A-C5FD-4CB3-A171-747CDEB8979E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57A23856-83B4-4E03-9B59-84F1BA94C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5DC7A44C-8050-44B6-8E59-CDED186556C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63224710-9792-419D-9DCD-CC76BD785A2C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6856D280-169F-44E8-9347-271776EF9C20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69A0B57B-06EE-4DE2-AAEF-1FC4513C23CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77BA0DC1-0CBC-4192-893F-11E002B185BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A3FCC318-F961-4C67-899D-70BF165F0666}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C87BCBE0-1E3E-4045-85BC-07D812B350A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C99567F6-694F-4295-9724-98654A01AFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DFC00CD5-A3D0-4759-A14B-7F0B594DBDE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2055465-7DED-4ED5-BA72-3336EEC78876}" = protocol=58 | dir=in | app=system |
"{EB702C00-1F70-46D5-8404-69DC56A299C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2DF3994-5194-4800-A27E-476741732F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6BCA7A6-B6D5-49D6-A375-080408E1C561}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FA679DFE-7C0F-4B5E-9240-F5F1A74F6CC3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA77DB38-49AF-475D-965B-2B32B4DF54C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB067399-C246-4C83-909F-ADE3B2DC233D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{430F6233-B83B-46B5-84DA-7BF047E63CAB}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{9B46014E-0D65-42F6-83FF-F4B2BA949B3C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
"TCP Query User{F56A26BE-1270-4C7D-94FB-9D39C007E503}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{633E0C1A-5E82-47DA-B991-7668B6CF5BA0}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7D087458-A331-4971-AEB5-F16F1FB0F228}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7DD6475D-33E1-4D10-87DE-C06086E87BE2}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0f6a4080-a890-4d08-873f-ca211f828a6c}" = Cool Cat Casino
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A82EBFC-89AB-41EA-80E8-A07C73C752A0}" = WorldWinner Games
"{3BB33344-3179-49A4-B6EB-22D2A390764D}" = HP Webcam User's Guide
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{740ed830-8014-4714-abc4-dd98b8549419}" = Virtual Casino
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8b250990-e347-403b-834e-6073f512efe7}" = Cirrus Casino
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94406bd7-d0fc-45b2-9a59-e3f58f869397}" = Planet7 Casino
"{a29a4380-8992-43f5-b9f2-792309a08e6e}" = HighNoon Casino
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{c7026669-c53b-4ae4-85a3-56d7ca426744}" = CatsEye Casino
"{cd18be10-99c1-4a70-ad3a-3ca88606edb8}" = Club Player Casino
"{e264d6fa-ba78-4c53-96a6-7c899c09f129}" = Free Spin
"{E92E462A-700D-4949-B24B-789AEDDA3B88}" = ArcSoft ShowBiz
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEFD86B-5D4F-4A2D-8D4E-ECD7D9AD925E}" = ArcSoft WebCam Companion 3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bejeweled 31.0" = Bejeweled 3
"Blackdiamond" = Black Diamond
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1.11
"InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"Lock Poker" = Lock Poker
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars.net" = PokerStars.net
"Red Light Center 3D Client" = Red Light Center 3D Client
"Updater Service" = Updater Service
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CF1AA97-47BC-41D8-B8DF-EE79C86B1573}" = Treasure Island Jackpots
"{88458270-ef4a-11e0-be50-0800200c9a66}" = Atlantis Gold Casino
"Google Chrome" = Google Chrome
"magicJack" = magicJack
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/16/2012 2:36:18 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x15c8 Faulting application
start time: 0x01cd631d4ea183c4 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8c534e64-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:36:37 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x4634 Faulting application
start time: 0x01cd631d59d4f362 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 97853763-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:37:19 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x2c84 Faulting application
start time: 0x01cd631d727c9b09 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: b02cdf09-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:47:58 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 3:03:11 AM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 3:04:33 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 11:42:26 PM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 11:43:20 PM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 7/8/2012 4:44:55 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2688338).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2660649).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2644615).
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = DCOM | ID = 10005
Description =
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7000
Description = The Windows Activation Technologies Service service failed to start
due to the following error: %%5
Error - 7/8/2012 6:59:03 PM | Computer Name = ASUS_DUAL-CORE | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:54 AM on ?7/?8/?2012 was unexpected.
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
< End of report >
OTL Extras logfile created on: 7/16/2012 11:58:13 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\DAVID\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 78.18% Memory free
8.00 Gb Paging File | 7.06 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 186.85 Gb Free Space | 80.23% Space Free | Partition Type: NTFS
Computer Name: ASUS_DUAL-CORE | User Name: DAVID | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C5D136-CBB9-446F-ACBB-9F7C80728871}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CD869D1-49C5-40BC-8EC2-CC5F079C9CF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D332DBD-A894-47BB-A119-A6BE97AFBF0C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DEF776B-67F5-4EA0-9178-6CA3B60BA206}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2EF59BF7-D154-46A8-99AF-8E4491B22063}" = lport=2869 | protocol=6 | dir=in | app=system |
"{333ADF0F-4266-4CE3-8E2A-72AFDB660052}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4625E1AB-05C5-46FD-81AC-58B5B45B2856}" = rport=139 | protocol=6 | dir=out | app=system |
"{92549C85-8896-4810-8156-57D572F33E3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7E750EC-03CE-40A4-AF31-E832DA01D166}" = rport=138 | protocol=17 | dir=out | app=system |
"{B60970E9-4514-4A42-8ADC-CF45769DEA07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B62F202C-803E-4A45-A805-73BEEB961F25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F67DA9-8526-4E80-A195-FEA40E11E075}" = lport=139 | protocol=6 | dir=in | app=system |
"{B936565B-6E7F-4AFA-9FBE-60506A15511A}" = rport=137 | protocol=17 | dir=out | app=system |
"{C0E38C89-FD3D-4272-B429-A7AE55B13957}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5C6D32B-2830-4665-96B7-C46D344F93FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD11F9A1-289F-476C-944F-815EAF3BD80E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E67D4542-9FDF-4744-9BD3-A36381A908ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA1A09A6-537B-428A-8778-4EBE86FD8503}" = lport=137 | protocol=17 | dir=in | app=system |
"{F46AEFC5-7EF0-4913-9541-D92CC0FADE0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6C12633-3A09-4118-B768-CD75CE647CE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F74CC97F-E8D4-4979-AAE1-5E3E1D897B2A}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0350A3F4-5CA6-4A87-B0C4-F96F4DA1B403}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06E0CFF8-9A0D-42BC-940B-0E7435ED6F44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1164C56B-DF67-4D68-8EEB-536B237854F0}" = protocol=6 | dir=out | app=system |
"{1FDEC630-0270-49B7-9E3D-1AF6BCEA9D4B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3D63F978-D025-4911-86B4-0281754DF46D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D832E20-272D-4BB4-9E07-40C2D549E27A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E1D5B8D-CB01-4233-BB1C-19060B7CD00A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4EE2C4F3-C166-4064-8521-F9F96853E59A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50235FB5-F37D-421A-BC6D-D48629154FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5120396A-C5FD-4CB3-A171-747CDEB8979E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57A23856-83B4-4E03-9B59-84F1BA94C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5DC7A44C-8050-44B6-8E59-CDED186556C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63224710-9792-419D-9DCD-CC76BD785A2C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6856D280-169F-44E8-9347-271776EF9C20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69A0B57B-06EE-4DE2-AAEF-1FC4513C23CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77BA0DC1-0CBC-4192-893F-11E002B185BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A3FCC318-F961-4C67-899D-70BF165F0666}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C87BCBE0-1E3E-4045-85BC-07D812B350A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C99567F6-694F-4295-9724-98654A01AFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DFC00CD5-A3D0-4759-A14B-7F0B594DBDE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2055465-7DED-4ED5-BA72-3336EEC78876}" = protocol=58 | dir=in | app=system |
"{EB702C00-1F70-46D5-8404-69DC56A299C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2DF3994-5194-4800-A27E-476741732F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6BCA7A6-B6D5-49D6-A375-080408E1C561}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FA679DFE-7C0F-4B5E-9240-F5F1A74F6CC3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA77DB38-49AF-475D-965B-2B32B4DF54C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB067399-C246-4C83-909F-ADE3B2DC233D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{430F6233-B83B-46B5-84DA-7BF047E63CAB}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{9B46014E-0D65-42F6-83FF-F4B2BA949B3C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
"TCP Query User{F56A26BE-1270-4C7D-94FB-9D39C007E503}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{633E0C1A-5E82-47DA-B991-7668B6CF5BA0}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7D087458-A331-4971-AEB5-F16F1FB0F228}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7DD6475D-33E1-4D10-87DE-C06086E87BE2}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0f6a4080-a890-4d08-873f-ca211f828a6c}" = Cool Cat Casino
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A82EBFC-89AB-41EA-80E8-A07C73C752A0}" = WorldWinner Games
"{3BB33344-3179-49A4-B6EB-22D2A390764D}" = HP Webcam User's Guide
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{740ed830-8014-4714-abc4-dd98b8549419}" = Virtual Casino
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8b250990-e347-403b-834e-6073f512efe7}" = Cirrus Casino
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94406bd7-d0fc-45b2-9a59-e3f58f869397}" = Planet7 Casino
"{a29a4380-8992-43f5-b9f2-792309a08e6e}" = HighNoon Casino
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{c7026669-c53b-4ae4-85a3-56d7ca426744}" = CatsEye Casino
"{cd18be10-99c1-4a70-ad3a-3ca88606edb8}" = Club Player Casino
"{e264d6fa-ba78-4c53-96a6-7c899c09f129}" = Free Spin
"{E92E462A-700D-4949-B24B-789AEDDA3B88}" = ArcSoft ShowBiz
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEFD86B-5D4F-4A2D-8D4E-ECD7D9AD925E}" = ArcSoft WebCam Companion 3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bejeweled 31.0" = Bejeweled 3
"Blackdiamond" = Black Diamond
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1.11
"InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"Lock Poker" = Lock Poker
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars.net" = PokerStars.net
"Red Light Center 3D Client" = Red Light Center 3D Client
"Updater Service" = Updater Service
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CF1AA97-47BC-41D8-B8DF-EE79C86B1573}" = Treasure Island Jackpots
"{88458270-ef4a-11e0-be50-0800200c9a66}" = Atlantis Gold Casino
"Google Chrome" = Google Chrome
"magicJack" = magicJack
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/16/2012 2:36:18 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x15c8 Faulting application
start time: 0x01cd631d4ea183c4 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8c534e64-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:36:37 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x4634 Faulting application
start time: 0x01cd631d59d4f362 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 97853763-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:37:19 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x2c84 Faulting application
start time: 0x01cd631d727c9b09 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: b02cdf09-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:47:58 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 3:03:11 AM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 3:04:33 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 11:42:26 PM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 11:43:20 PM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 7/8/2012 4:44:55 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2688338).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2660649).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2644615).
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = DCOM | ID = 10005
Description =
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7000
Description = The Windows Activation Technologies Service service failed to start
due to the following error: %%5
Error - 7/8/2012 6:59:03 PM | Computer Name = ASUS_DUAL-CORE | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:54 AM on ?7/?8/?2012 was unexpected.
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
< End of report >
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-17 01:21:26
-----------------------------
01:21:26.337 OS Version: Windows x64 6.1.7601 Service Pack 1
01:21:26.337 Number of processors: 2 586 0x404
01:21:26.338 ComputerName: ASUS_DUAL-CORE UserName: DAVID
01:21:27.482 Initialize success
01:21:48.344 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:21:48.344 Disk 0 Vendor: ST3250310AS 3.AAC Size: 238474MB BusType: 3
01:21:48.360 Disk 0 MBR read successfully
01:21:48.360 Disk 0 MBR scan
01:21:48.375 Disk 0 Windows 7 default MBR code
01:21:48.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238472 MB offset 2048
01:21:48.391 Disk 0 scanning C:\Windows\system32\drivers
01:21:52.962 Service scanning
01:22:03.788 Modules scanning
01:22:03.788 Disk 0 trace - called modules:
01:22:03.804 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
01:22:03.804 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048e25d0]
01:22:03.819 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80043b5580]
01:22:03.819 5 ACPI.sys[fffff88000ee87a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80043b7060]
01:22:04.334 Scan finished successfully
01:23:39.357 Disk 0 MBR has been saved successfully to "C:\Users\DAVID\Desktop\MBR.dat"
01:23:39.364 The log file has been saved successfully to "C:\Users\DAVID\Desktop\aswMBR.txt"
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\DAVID\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 78.18% Memory free
8.00 Gb Paging File | 7.06 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 186.85 Gb Free Space | 80.23% Space Free | Partition Type: NTFS
Computer Name: ASUS_DUAL-CORE | User Name: DAVID | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C5D136-CBB9-446F-ACBB-9F7C80728871}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CD869D1-49C5-40BC-8EC2-CC5F079C9CF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D332DBD-A894-47BB-A119-A6BE97AFBF0C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DEF776B-67F5-4EA0-9178-6CA3B60BA206}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2EF59BF7-D154-46A8-99AF-8E4491B22063}" = lport=2869 | protocol=6 | dir=in | app=system |
"{333ADF0F-4266-4CE3-8E2A-72AFDB660052}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4625E1AB-05C5-46FD-81AC-58B5B45B2856}" = rport=139 | protocol=6 | dir=out | app=system |
"{92549C85-8896-4810-8156-57D572F33E3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7E750EC-03CE-40A4-AF31-E832DA01D166}" = rport=138 | protocol=17 | dir=out | app=system |
"{B60970E9-4514-4A42-8ADC-CF45769DEA07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B62F202C-803E-4A45-A805-73BEEB961F25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F67DA9-8526-4E80-A195-FEA40E11E075}" = lport=139 | protocol=6 | dir=in | app=system |
"{B936565B-6E7F-4AFA-9FBE-60506A15511A}" = rport=137 | protocol=17 | dir=out | app=system |
"{C0E38C89-FD3D-4272-B429-A7AE55B13957}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5C6D32B-2830-4665-96B7-C46D344F93FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD11F9A1-289F-476C-944F-815EAF3BD80E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E67D4542-9FDF-4744-9BD3-A36381A908ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA1A09A6-537B-428A-8778-4EBE86FD8503}" = lport=137 | protocol=17 | dir=in | app=system |
"{F46AEFC5-7EF0-4913-9541-D92CC0FADE0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6C12633-3A09-4118-B768-CD75CE647CE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F74CC97F-E8D4-4979-AAE1-5E3E1D897B2A}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0350A3F4-5CA6-4A87-B0C4-F96F4DA1B403}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06E0CFF8-9A0D-42BC-940B-0E7435ED6F44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1164C56B-DF67-4D68-8EEB-536B237854F0}" = protocol=6 | dir=out | app=system |
"{1FDEC630-0270-49B7-9E3D-1AF6BCEA9D4B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3D63F978-D025-4911-86B4-0281754DF46D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D832E20-272D-4BB4-9E07-40C2D549E27A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E1D5B8D-CB01-4233-BB1C-19060B7CD00A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4EE2C4F3-C166-4064-8521-F9F96853E59A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50235FB5-F37D-421A-BC6D-D48629154FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5120396A-C5FD-4CB3-A171-747CDEB8979E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57A23856-83B4-4E03-9B59-84F1BA94C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5DC7A44C-8050-44B6-8E59-CDED186556C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63224710-9792-419D-9DCD-CC76BD785A2C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6856D280-169F-44E8-9347-271776EF9C20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69A0B57B-06EE-4DE2-AAEF-1FC4513C23CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77BA0DC1-0CBC-4192-893F-11E002B185BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A3FCC318-F961-4C67-899D-70BF165F0666}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C87BCBE0-1E3E-4045-85BC-07D812B350A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C99567F6-694F-4295-9724-98654A01AFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DFC00CD5-A3D0-4759-A14B-7F0B594DBDE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2055465-7DED-4ED5-BA72-3336EEC78876}" = protocol=58 | dir=in | app=system |
"{EB702C00-1F70-46D5-8404-69DC56A299C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2DF3994-5194-4800-A27E-476741732F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6BCA7A6-B6D5-49D6-A375-080408E1C561}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FA679DFE-7C0F-4B5E-9240-F5F1A74F6CC3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA77DB38-49AF-475D-965B-2B32B4DF54C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB067399-C246-4C83-909F-ADE3B2DC233D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{430F6233-B83B-46B5-84DA-7BF047E63CAB}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{9B46014E-0D65-42F6-83FF-F4B2BA949B3C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
"TCP Query User{F56A26BE-1270-4C7D-94FB-9D39C007E503}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{633E0C1A-5E82-47DA-B991-7668B6CF5BA0}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7D087458-A331-4971-AEB5-F16F1FB0F228}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7DD6475D-33E1-4D10-87DE-C06086E87BE2}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0f6a4080-a890-4d08-873f-ca211f828a6c}" = Cool Cat Casino
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A82EBFC-89AB-41EA-80E8-A07C73C752A0}" = WorldWinner Games
"{3BB33344-3179-49A4-B6EB-22D2A390764D}" = HP Webcam User's Guide
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{740ed830-8014-4714-abc4-dd98b8549419}" = Virtual Casino
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8b250990-e347-403b-834e-6073f512efe7}" = Cirrus Casino
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94406bd7-d0fc-45b2-9a59-e3f58f869397}" = Planet7 Casino
"{a29a4380-8992-43f5-b9f2-792309a08e6e}" = HighNoon Casino
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{c7026669-c53b-4ae4-85a3-56d7ca426744}" = CatsEye Casino
"{cd18be10-99c1-4a70-ad3a-3ca88606edb8}" = Club Player Casino
"{e264d6fa-ba78-4c53-96a6-7c899c09f129}" = Free Spin
"{E92E462A-700D-4949-B24B-789AEDDA3B88}" = ArcSoft ShowBiz
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEFD86B-5D4F-4A2D-8D4E-ECD7D9AD925E}" = ArcSoft WebCam Companion 3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bejeweled 31.0" = Bejeweled 3
"Blackdiamond" = Black Diamond
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1.11
"InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"Lock Poker" = Lock Poker
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars.net" = PokerStars.net
"Red Light Center 3D Client" = Red Light Center 3D Client
"Updater Service" = Updater Service
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CF1AA97-47BC-41D8-B8DF-EE79C86B1573}" = Treasure Island Jackpots
"{88458270-ef4a-11e0-be50-0800200c9a66}" = Atlantis Gold Casino
"Google Chrome" = Google Chrome
"magicJack" = magicJack
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/16/2012 2:36:18 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x15c8 Faulting application
start time: 0x01cd631d4ea183c4 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8c534e64-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:36:37 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x4634 Faulting application
start time: 0x01cd631d59d4f362 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 97853763-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:37:19 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x2c84 Faulting application
start time: 0x01cd631d727c9b09 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: b02cdf09-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:47:58 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 3:03:11 AM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 3:04:33 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 11:42:26 PM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 11:43:20 PM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 7/8/2012 4:44:55 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2688338).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2660649).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2644615).
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = DCOM | ID = 10005
Description =
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7000
Description = The Windows Activation Technologies Service service failed to start
due to the following error: %%5
Error - 7/8/2012 6:59:03 PM | Computer Name = ASUS_DUAL-CORE | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:54 AM on ?7/?8/?2012 was unexpected.
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
< End of report >
OTL Extras logfile created on: 7/16/2012 11:58:13 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\DAVID\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 78.18% Memory free
8.00 Gb Paging File | 7.06 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 186.85 Gb Free Space | 80.23% Space Free | Partition Type: NTFS
Computer Name: ASUS_DUAL-CORE | User Name: DAVID | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C5D136-CBB9-446F-ACBB-9F7C80728871}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CD869D1-49C5-40BC-8EC2-CC5F079C9CF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D332DBD-A894-47BB-A119-A6BE97AFBF0C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DEF776B-67F5-4EA0-9178-6CA3B60BA206}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2EF59BF7-D154-46A8-99AF-8E4491B22063}" = lport=2869 | protocol=6 | dir=in | app=system |
"{333ADF0F-4266-4CE3-8E2A-72AFDB660052}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4625E1AB-05C5-46FD-81AC-58B5B45B2856}" = rport=139 | protocol=6 | dir=out | app=system |
"{92549C85-8896-4810-8156-57D572F33E3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7E750EC-03CE-40A4-AF31-E832DA01D166}" = rport=138 | protocol=17 | dir=out | app=system |
"{B60970E9-4514-4A42-8ADC-CF45769DEA07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B62F202C-803E-4A45-A805-73BEEB961F25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F67DA9-8526-4E80-A195-FEA40E11E075}" = lport=139 | protocol=6 | dir=in | app=system |
"{B936565B-6E7F-4AFA-9FBE-60506A15511A}" = rport=137 | protocol=17 | dir=out | app=system |
"{C0E38C89-FD3D-4272-B429-A7AE55B13957}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5C6D32B-2830-4665-96B7-C46D344F93FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD11F9A1-289F-476C-944F-815EAF3BD80E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E67D4542-9FDF-4744-9BD3-A36381A908ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EA1A09A6-537B-428A-8778-4EBE86FD8503}" = lport=137 | protocol=17 | dir=in | app=system |
"{F46AEFC5-7EF0-4913-9541-D92CC0FADE0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6C12633-3A09-4118-B768-CD75CE647CE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F74CC97F-E8D4-4979-AAE1-5E3E1D897B2A}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0350A3F4-5CA6-4A87-B0C4-F96F4DA1B403}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06E0CFF8-9A0D-42BC-940B-0E7435ED6F44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1164C56B-DF67-4D68-8EEB-536B237854F0}" = protocol=6 | dir=out | app=system |
"{1FDEC630-0270-49B7-9E3D-1AF6BCEA9D4B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3D63F978-D025-4911-86B4-0281754DF46D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D832E20-272D-4BB4-9E07-40C2D549E27A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E1D5B8D-CB01-4233-BB1C-19060B7CD00A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4EE2C4F3-C166-4064-8521-F9F96853E59A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50235FB5-F37D-421A-BC6D-D48629154FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5120396A-C5FD-4CB3-A171-747CDEB8979E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57A23856-83B4-4E03-9B59-84F1BA94C7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lock poker\pokerclient.exe |
"{5DC7A44C-8050-44B6-8E59-CDED186556C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63224710-9792-419D-9DCD-CC76BD785A2C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6856D280-169F-44E8-9347-271776EF9C20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69A0B57B-06EE-4DE2-AAEF-1FC4513C23CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77BA0DC1-0CBC-4192-893F-11E002B185BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A3FCC318-F961-4C67-899D-70BF165F0666}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C87BCBE0-1E3E-4045-85BC-07D812B350A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C99567F6-694F-4295-9724-98654A01AFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DFC00CD5-A3D0-4759-A14B-7F0B594DBDE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2055465-7DED-4ED5-BA72-3336EEC78876}" = protocol=58 | dir=in | app=system |
"{EB702C00-1F70-46D5-8404-69DC56A299C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2DF3994-5194-4800-A27E-476741732F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6BCA7A6-B6D5-49D6-A375-080408E1C561}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FA679DFE-7C0F-4B5E-9240-F5F1A74F6CC3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA77DB38-49AF-475D-965B-2B32B4DF54C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB067399-C246-4C83-909F-ADE3B2DC233D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{430F6233-B83B-46B5-84DA-7BF047E63CAB}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{9B46014E-0D65-42F6-83FF-F4B2BA949B3C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
"TCP Query User{F56A26BE-1270-4C7D-94FB-9D39C007E503}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{633E0C1A-5E82-47DA-B991-7668B6CF5BA0}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7D087458-A331-4971-AEB5-F16F1FB0F228}C:\users\david\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\david\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{7DD6475D-33E1-4D10-87DE-C06086E87BE2}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0f6a4080-a890-4d08-873f-ca211f828a6c}" = Cool Cat Casino
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A82EBFC-89AB-41EA-80E8-A07C73C752A0}" = WorldWinner Games
"{3BB33344-3179-49A4-B6EB-22D2A390764D}" = HP Webcam User's Guide
"{41B44041-D45D-41EB-A1EF-A12BB5C6996B}" = ArcSoft Magic-i Visual Effects 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{740ed830-8014-4714-abc4-dd98b8549419}" = Virtual Casino
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8b250990-e347-403b-834e-6073f512efe7}" = Cirrus Casino
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94406bd7-d0fc-45b2-9a59-e3f58f869397}" = Planet7 Casino
"{a29a4380-8992-43f5-b9f2-792309a08e6e}" = HighNoon Casino
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{c7026669-c53b-4ae4-85a3-56d7ca426744}" = CatsEye Casino
"{cd18be10-99c1-4a70-ad3a-3ca88606edb8}" = Club Player Casino
"{e264d6fa-ba78-4c53-96a6-7c899c09f129}" = Free Spin
"{E92E462A-700D-4949-B24B-789AEDDA3B88}" = ArcSoft ShowBiz
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEFD86B-5D4F-4A2D-8D4E-ECD7D9AD925E}" = ArcSoft WebCam Companion 3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bejeweled 31.0" = Bejeweled 3
"Blackdiamond" = Black Diamond
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.1.11
"InstallShield_{F96B04F9-26A9-4384-AA17-77EACA1BA40B}" = HP Button Manager
"Lock Poker" = Lock Poker
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars.net" = PokerStars.net
"Red Light Center 3D Client" = Red Light Center 3D Client
"Updater Service" = Updater Service
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CF1AA97-47BC-41D8-B8DF-EE79C86B1573}" = Treasure Island Jackpots
"{88458270-ef4a-11e0-be50-0800200c9a66}" = Atlantis Gold Casino
"Google Chrome" = Google Chrome
"magicJack" = magicJack
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/16/2012 2:36:18 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x15c8 Faulting application
start time: 0x01cd631d4ea183c4 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8c534e64-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:36:37 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x4634 Faulting application
start time: 0x01cd631d59d4f362 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 97853763-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:37:19 AM | Computer Name = ASUS_DUAL-CORE | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7572c9f1 Faulting process id: 0x2c84 Faulting application
start time: 0x01cd631d727c9b09 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: b02cdf09-cf10-11e1-8d68-001e2a3a61b9
Error - 7/16/2012 2:47:58 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 3:03:11 AM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 3:04:33 AM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Avira Antivirus | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 7/16/2012 11:42:26 PM | Computer Name = ASUS_DUAL-CORE | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 7/16/2012 11:43:20 PM | Computer Name = ASUS_DUAL-CORE | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 7/8/2012 4:44:55 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2688338).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2660649).
Error - 7/8/2012 4:44:59 AM | Computer Name = ASUS_DUAL-CORE | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2644615).
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = DCOM | ID = 10005
Description =
Error - 7/8/2012 5:37:08 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7000
Description = The Windows Activation Technologies Service service failed to start
due to the following error: %%5
Error - 7/8/2012 6:59:03 PM | Computer Name = ASUS_DUAL-CORE | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:45:54 AM on ?7/?8/?2012 was unexpected.
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891
Error - 7/16/2012 2:48:01 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891
Error - 7/16/2012 3:03:05 AM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
Error - 7/16/2012 11:41:45 PM | Computer Name = ASUS_DUAL-CORE | Source = Service Control Manager | ID = 7024
Description = The Avira Realtime Protection service terminated with service-specific
error %%306.
< End of report >
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-17 01:21:26
-----------------------------
01:21:26.337 OS Version: Windows x64 6.1.7601 Service Pack 1
01:21:26.337 Number of processors: 2 586 0x404
01:21:26.338 ComputerName: ASUS_DUAL-CORE UserName: DAVID
01:21:27.482 Initialize success
01:21:48.344 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:21:48.344 Disk 0 Vendor: ST3250310AS 3.AAC Size: 238474MB BusType: 3
01:21:48.360 Disk 0 MBR read successfully
01:21:48.360 Disk 0 MBR scan
01:21:48.375 Disk 0 Windows 7 default MBR code
01:21:48.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238472 MB offset 2048
01:21:48.391 Disk 0 scanning C:\Windows\system32\drivers
01:21:52.962 Service scanning
01:22:03.788 Modules scanning
01:22:03.788 Disk 0 trace - called modules:
01:22:03.804 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
01:22:03.804 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048e25d0]
01:22:03.819 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80043b5580]
01:22:03.819 5 ACPI.sys[fffff88000ee87a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80043b7060]
01:22:04.334 Scan finished successfully
01:23:39.357 Disk 0 MBR has been saved successfully to "C:\Users\DAVID\Desktop\MBR.dat"
01:23:39.364 The log file has been saved successfully to "C:\Users\DAVID\Desktop\aswMBR.txt"