Author Topic: Appcrash in everything (Read 2891 times)

Aidan · « **on:** April 06, 2011, 05:15:11 PM »

I would appreciate input as I have had rotten luck googling the issue.

Today is the first time this happens.

I tried running mumble, I got:

Problem Event Name:   APPCRASH
Application Name:   mumble.exe
Application Version:   1.2.3.0
Application Timestamp:   4d603982
Fault Module Name:   ntdll.dll
Fault Module Version:   6.1.7601.17514
Fault Module Timestamp:   4ce7b96e
Exception Code:   c0000005
Exception Offset:   000575d2
OS Version:   6.1.7601.2.1.0.256.1
Locale ID:   4105
Additional Information 1:   8300
Additional Information 2:   83005aadfd2252dae2c0574327ca40be
Additional Information 3:   adf2
Additional Information 4:   adf2708c01a48c88952744cd5a2cffd3

I tried running windows live I got:

Problem Event Name:   APPCRASH
Application Name:   msnmsgr.exe
Application Version:   15.4.3508.1109
Application Timestamp:   4cda7240
Fault Module Name:   ntdll.dll
Fault Module Version:   6.1.7601.17514
Fault Module Timestamp:   4ce7b96e
Exception Code:   c00000fd
Exception Offset:   000571c6
OS Version:   6.1.7601.2.1.0.256.1
Locale ID:   4105
Additional Information 1:   54ee
Additional Information 2:   54ee8e53fdfa14c5eac7a42ee6cd909c
Additional Information 3:   25c4
Additional Information 4:   25c445aff560bc47cc2c2bd69c41a8b2

I tried running skype, I got:

Problem Event Name:   APPCRASH
Application Name:   Skype.exe
Application Version:   5.1.59.112
Application Timestamp:   4d6d325a
Fault Module Name:   Skype.exe
Fault Module Version:   5.1.59.112
Fault Module Timestamp:   4d6d325a
Exception Code:   c0000005
Exception Offset:   00005d26
OS Version:   6.1.7601.2.1.0.256.1
Locale ID:   4105
Additional Information 1:   c7d6
Additional Information 2:   c7d664f925bcc5f64c0a6b1f4cd780d1
Additional Information 3:   958c
Additional Information 4:   958ca79742f0ab8b89d23ce2f2cb10df

So what's the deal?

Thanks.

Aiden

guestolo · « **Reply #1 on:** April 06, 2011, 07:09:53 PM »

Download [color="#FF0000"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and double click on OTL.exe to run it
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Aidan · « **Reply #2 on:** April 06, 2011, 09:03:33 PM »

Here's the one that popped up:

OTL logfile created on: 06/04/2011 9:56:04 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Aiden\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38.28 Gb Total Space | 13.01 Gb Free Space | 34.00% Space Free | Partition Type: NTFS
Drive D: | 38.28 Gb Total Space | 1.72 Gb Free Space | 4.50% Space Free | Partition Type: NTFS
Drive F: | 1.89 Gb Total Space | 0.47 Gb Free Space | 25.08% Space Free | Partition Type: FAT
Drive H: | 149.01 Gb Total Space | 100.25 Gb Free Space | 67.28% Space Free | Partition Type: FAT32

Computer Name: AIDEN-PC | User Name: Aiden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/06 21:55:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Aiden\Desktop\OTL.exe
PRC - [2011/01/26 18:55:54 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/01/26 18:55:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/01/20 05:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011/01/07 02:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 16:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/06 13:00:06 | 000,109,728 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 05:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/05/21 01:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 01:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/04/22 00:20:00 | 000,883,200 | ---- | M] (Ray Adams) -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
PRC - [2009/03/12 13:53:46 | 000,483,422 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe
PRC - [2007/05/29 17:14:08 | 000,183,064 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\atchksrv.exe
PRC - [2007/05/29 17:14:04 | 000,404,248 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\atchk.exe
PRC - [2007/05/29 17:14:02 | 000,105,240 | ---- | M] (Intel) -- C:\Program Files\Intel\AMT\LMS.exe

========== Modules (SafeList) ==========

MOD - [2011/04/06 21:55:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Aiden\Desktop\OTL.exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/04 21:53:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
MOD - [2009/12/14 06:12:00 | 000,187,904 | ---- | M] () -- C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/02/21 16:51:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/26 18:55:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/12/06 13:00:06 | 000,109,728 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe -- (STacSV)
SRV - [2007/05/29 17:14:08 | 000,183,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\atchksrv.exe -- (atchksrv) Intel(R)
SRV - [2007/05/29 17:14:02 | 000,105,240 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel(R)

========== Driver Services (SafeList) ==========

DRV - [2011/03/20 20:38:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/01/26 19:36:14 | 007,566,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/01/26 19:36:14 | 007,566,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/01/26 18:13:10 | 000,238,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/12/08 07:34:30 | 000,030,368 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/17 08:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/10/21 16:11:02 | 000,081,680 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2010/09/13 16:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 04:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 04:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 16:24:18 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 16:24:16 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 16:24:12 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/04/22 00:15:04 | 000,019,232 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2010/03/26 01:15:50 | 000,221,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express) Intel(R)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 19:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/03/12 13:53:46 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/08/29 23:47:46 | 000,043,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 22 F6 A4 4B 43 CE CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.9
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/29 16:41:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 11\components [2011/03/09 22:18:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 11\plugins

[2011/02/16 21:56:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Extensions
[2011/04/06 18:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions
[2011/02/16 22:05:37 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/03/20 20:56:33 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/04/06 18:08:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/06 23:49:49 | 000,000,000 | ---D | M] (Dictionnaire franﾃｧais ﾂｫModerneﾂｻ) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\[email protected]
[2011/03/20 20:56:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\[email protected]
[2011/02/22 21:08:35 | 000,000,000 | ---D | M] (YesScript) -- C:\Users\Aiden\AppData\Roaming\Mozilla\Firefox\Profiles\oyysl5pi.default\extensions\[email protected]
[2011/03/29 16:41:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/01/14 01:07:35 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/13 03:03:55 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/22 18:59:05 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/02/17 17:33:03 | 000,000,867 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 iDBO # LMS GENERATED LINE
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [atchk] C:\Program Files\Intel\AMT\atchk.exe (Intel Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [AtiTrayTools] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\Aiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/01/13 01:29:52 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{96d92042-3a3c-11e0-a843-0019d1757371}\Shell - "" = AutoRun
O33 - MountPoints2\{96d92042-3a3c-11e0-a843-0019d1757371}\Shell\AutoRun\command - "" = G:\g_setup.exe
O33 - MountPoints2\{b1843474-3a30-11e0-8cdf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b1843474-3a30-11e0-8cdf-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/06 21:55:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Aiden\Desktop\OTL.exe
[2011/04/06 21:27:07 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Users\Aiden\Desktop\ntdll.dll
[2011/04/06 18:01:32 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\ElevatedDiagnostics
[2011/04/05 16:13:23 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\Xfire
[2011/04/05 16:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2011/04/05 16:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2011/04/05 16:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2011/04/05 15:15:51 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{1939ADC2-EADA-4195-B4B2-07012368976E}
[2011/04/04 17:50:05 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{70375331-03D8-4844-862C-E57A143F9676}
[2011/04/02 20:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe!
[2011/04/02 20:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Transcribe!
[2011/04/02 20:54:15 | 001,996,992 | ---- | C] (Seventh String Software ) -- C:\Users\Aiden\Desktop\xscsetup.exe
[2011/04/02 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{9AB1853A-962B-4109-B48F-E3E3508537D8}
[2011/04/01 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{2A7EC3DE-2680-4841-8CAD-B64819C4EDA5}
[2011/04/01 12:42:06 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\Mumble
[2011/04/01 12:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2011/04/01 12:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2011/03/30 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\Aiden\Desktop\Into the Woods audition
[2011/03/27 02:45:31 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{CF3EA937-00C3-4FAE-BFE3-4BBA607ACF8A}
[2011/03/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{2C57F417-DB6C-43DA-A142-3A8C073AB077}
[2011/03/25 18:27:53 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{AAFFDD31-42E2-48A1-AF15-4066C76D22C3}
[2011/03/24 21:57:44 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{E8C7EE09-1EED-4102-81AB-1044E8A3D8A2}
[2011/03/23 20:58:39 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{EE61D202-AC7B-490F-9404-6C89B2157694}
[2011/03/20 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{C9CE2A44-BE2E-4162-A3E7-90AE5CFFC588}
[2011/03/20 20:38:50 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011/03/20 03:46:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\win
[2011/03/20 03:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RW-Everything
[2011/03/20 03:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\RW-Everything
[2011/03/20 03:16:03 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{CB3E43D7-0500-4F92-B563-8E74BBEE6E6A}
[2011/03/19 15:15:40 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{1865F530-37DB-4D8A-8D2D-22DDA276E1DE}
[2011/03/19 13:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/03/19 13:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011/03/19 03:41:12 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\skypePM
[2011/03/19 03:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/03/19 03:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/03/19 03:39:30 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/03/19 03:39:29 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\Skype
[2011/03/19 03:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/03/19 03:15:04 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{FDD6B05E-5BA0-4FB9-B278-ACB0D57E883A}
[2011/03/17 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{AC93A03F-E1B1-4FD1-BEE4-68B9CF3A309F}
[2011/03/16 19:51:59 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{2390262F-EF4D-4342-AD68-338893BC71AA}
[2011/03/14 21:58:23 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{090FCEC5-82AA-4D73-96D3-6E56617413B4}
[2011/03/14 01:27:55 | 000,000,000 | ---D | C] -- C:\Users\Aiden\Documents\G-Senjou no Maou English Savedata
[2011/03/14 01:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKABEiSOFT2
[2011/03/14 01:27:25 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\savedata
[2011/03/14 01:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\あかべぇそふとつぅ
[2011/03/14 00:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/03/14 00:56:29 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\vlc
[2011/03/14 00:13:52 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{4EF9183A-7A4B-4B01-862D-3364D648A96D}
[2011/03/13 01:52:03 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{B8759DEB-8130-4D93-A7CB-51237E35628C}
[2011/03/12 21:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/12 21:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/12 21:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/12 13:51:27 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{3EDFBD75-A745-411B-B165-8CCAFC912356}
[2011/03/12 00:35:05 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
[2011/03/12 00:30:33 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{DC886718-BE52-4D2A-9B58-CE75FF9AF650}
[2011/03/12 00:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\U T A U
[2011/03/11 23:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\UTAU
[2011/03/10 16:56:47 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{551B54E9-8972-4C4A-B7FE-AF7AA4667080}
[2011/03/09 22:46:22 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{3F9C0A67-AC79-484D-8F12-3AF826325EE5}
[2011/03/09 20:40:31 | 000,000,000 | ---D | C] -- C:\Gstring
[2011/03/09 19:35:56 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/09 19:35:56 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/09 19:35:50 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/09 19:35:50 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/03/09 19:35:50 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/09 19:35:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/08 20:31:48 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{B588F2DA-1D2D-4604-BB7E-67A555FE4E2D}
[2011/03/08 08:31:24 | 000,000,000 | ---D | C] -- C:\Users\Aiden\AppData\Local\{AC8EB6AC-4EAC-45E2-98E6-36CBF8FB597A}

========== Files - Modified Within 30 Days ==========

[2011/04/06 21:55:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Aiden\Desktop\OTL.exe
[2011/04/06 21:46:43 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 21:46:43 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 21:39:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/06 21:39:02 | 2615,328,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/06 21:29:10 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/04/06 21:29:10 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/04/06 21:27:08 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Users\Aiden\Desktop\ntdll.dll
[2011/04/06 21:22:19 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/06 21:22:19 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/06 17:45:08 | 111,823,162 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/04/05 16:13:22 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2011/04/05 16:12:52 | 007,065,112 | ---- | M] () -- C:\Users\Aiden\Desktop\xfire_installer_44036.exe
[2011/04/02 21:24:18 | 069,557,772 | ---- | M] () -- C:\Users\Aiden\Desktop\Soon.wav
[2011/04/02 21:18:26 | 000,001,815 | ---- | M] () -- C:\Users\Aiden\Desktop\Soon.xsc
[2011/04/02 20:55:01 | 000,000,938 | ---- | M] () -- C:\Users\Aiden\Desktop\Transcribe!.lnk
[2011/04/02 20:54:17 | 001,996,992 | ---- | M] (Seventh String Software ) -- C:\Users\Aiden\Desktop\xscsetup.exe
[2011/04/01 19:10:52 | 000,058,454 | ---- | M] () -- C:\Users\Aiden\Desktop\jajajaja-la-tengo-re-pilla.jpg
[2011/04/01 12:47:47 | 000,002,377 | ---- | M] () -- C:\Users\Aiden\Documents\MumbleAutomaticCertificateBackup.p12
[2011/04/01 12:41:23 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk
[2011/04/01 12:38:53 | 015,254,016 | ---- | M] () -- C:\Users\Aiden\Desktop\mumble-1.2.3.msi
[2011/04/01 11:22:45 | 000,501,634 | ---- | M] () -- C:\Users\Aiden\Desktop\lolfakku.png
[2011/03/31 18:04:28 | 000,000,089 | ---- | M] () -- C:\Users\Aiden\Desktop\Kimi no Iru Machi 101 Page 3, Read Kimi no Iru Machi Chapter 101 Online for Free.URL
[2011/03/31 02:10:12 | 000,000,089 | ---- | M] () -- C:\Users\Aiden\Desktop\Kimi no Iru Machi 97 Page 2, Read Kimi no Iru Machi Chapter 97 Online for Free.URL
[2011/03/27 12:58:46 | 004,187,268 | ---- | M] () -- C:\Users\Aiden\Desktop\47252813-demonssouls-ignpdf.pdf
[2011/03/27 00:09:06 | 000,848,960 | ---- | M] () -- C:\Users\Aiden\Desktop\MTM_IntoTheWoods_Audition_Male.pdf
[2011/03/23 22:03:44 | 000,000,093 | ---- | M] () -- C:\Users\Aiden\Desktop\Pheromomania Syndrome 4 Page 1, Read Pheromomania Syndrome Chapter 4 Online for Free.URL
[2011/03/23 18:30:11 | 000,000,092 | ---- | M] () -- C:\Users\Aiden\Desktop\DOYOK BLOG star wars tattoos girls.URL
[2011/03/21 07:26:39 | 000,044,799 | ---- | M] () -- C:\Users\Aiden\Desktop\Super Mario Bros 2 Theme (big band. alternate ending).mid
[2011/03/20 20:38:51 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011/03/19 13:27:32 | 000,016,935 | ---- | M] () -- C:\Users\Aiden\Desktop\CV GAbibo.odt
[2011/03/19 03:41:15 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2011/03/19 03:39:32 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/03/19 03:13:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2011/03/16 22:25:48 | 000,000,075 | ---- | M] () -- C:\Users\Aiden\Desktop\AlistairDialogue - Dragon Age Wiki.URL
[2011/03/16 21:16:34 | 000,000,092 | ---- | M] () -- C:\Users\Aiden\Desktop\YouTube - Sexy sax man serenade (prank feat. Sergio Flores).URL
[2011/03/15 00:26:54 | 086,185,519 | ---- | M] () -- C:\Users\Aiden\Desktop\Nujabes - Metaphorical Music [2003].zip
[2011/03/13 00:35:03 | 000,045,103 | ---- | M] () -- C:\Users\Aiden\Desktop\FF5_ahe2.mid
[2011/03/12 22:32:12 | 000,000,073 | ---- | M] () -- C:\Users\Aiden\Desktop\YouTube - The Return of the King pt. 1.URL
[2011/03/12 21:31:43 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/12 00:13:58 | 000,291,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/11 07:33:52 | 000,036,352 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2011/03/11 03:33:37 | 000,000,067 | ---- | M] () -- C:\Users\Aiden\Desktop\Lothering - Dragon Age Wiki.URL
[2011/03/10 17:03:31 | 000,075,275 | ---- | M] () -- C:\Users\Aiden\Desktop\Spécimen de chèque.xps
[2011/03/09 22:19:08 | 000,002,106 | ---- | M] () -- C:\Users\Aiden\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 11.lnk

========== Files Created - No Company Name ==========

[2011/04/06 21:29:09 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/04/06 21:29:09 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/04/05 16:13:22 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2011/04/05 16:12:47 | 007,065,112 | ---- | C] () -- C:\Users\Aiden\Desktop\xfire_installer_44036.exe
[2011/04/05 00:37:33 | 351,337,933 | ---- | C] () -- C:\Users\Aiden\Desktop\Genshiken 04 [001F8419].mkv
[2011/04/02 21:23:56 | 069,557,772 | ---- | C] () -- C:\Users\Aiden\Desktop\Soon.wav
[2011/04/02 21:18:26 | 000,001,815 | ---- | C] () -- C:\Users\Aiden\Desktop\Soon.xsc
[2011/04/02 20:55:01 | 000,000,938 | ---- | C] () -- C:\Users\Aiden\Desktop\Transcribe!.lnk
[2011/04/01 19:10:50 | 000,058,454 | ---- | C] () -- C:\Users\Aiden\Desktop\jajajaja-la-tengo-re-pilla.jpg
[2011/04/01 12:47:47 | 000,002,377 | ---- | C] () -- C:\Users\Aiden\Documents\MumbleAutomaticCertificateBackup.p12
[2011/04/01 12:41:23 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk
[2011/04/01 12:37:33 | 015,254,016 | ---- | C] () -- C:\Users\Aiden\Desktop\mumble-1.2.3.msi
[2011/04/01 11:22:34 | 000,501,634 | ---- | C] () -- C:\Users\Aiden\Desktop\lolfakku.png
[2011/03/31 18:04:28 | 000,000,089 | ---- | C] () -- C:\Users\Aiden\Desktop\Kimi no Iru Machi 101 Page 3, Read Kimi no Iru Machi Chapter 101 Online for Free.URL
[2011/03/31 02:10:12 | 000,000,089 | ---- | C] () -- C:\Users\Aiden\Desktop\Kimi no Iru Machi 97 Page 2, Read Kimi no Iru Machi Chapter 97 Online for Free.URL
[2011/03/30 09:32:02 | 000,848,960 | ---- | C] () -- C:\Users\Aiden\Desktop\MTM_IntoTheWoods_Audition_Male.pdf
[2011/03/27 12:58:42 | 004,187,268 | ---- | C] () -- C:\Users\Aiden\Desktop\47252813-demonssouls-ignpdf.pdf
[2011/03/23 22:03:44 | 000,000,093 | ---- | C] () -- C:\Users\Aiden\Desktop\Pheromomania Syndrome 4 Page 1, Read Pheromomania Syndrome Chapter 4 Online for Free.URL
[2011/03/23 18:30:11 | 000,000,092 | ---- | C] () -- C:\Users\Aiden\Desktop\DOYOK BLOG star wars tattoos girls.URL
[2011/03/21 07:26:38 | 000,044,799 | ---- | C] () -- C:\Users\Aiden\Desktop\Super Mario Bros 2 Theme (big band. alternate ending).mid
[2011/03/19 13:24:28 | 000,016,935 | ---- | C] () -- C:\Users\Aiden\Desktop\CV GAbibo.odt
[2011/03/19 03:41:15 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/03/19 03:39:32 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/03/19 03:13:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2011/03/16 22:25:48 | 000,000,075 | ---- | C] () -- C:\Users\Aiden\Desktop\AlistairDialogue - Dragon Age Wiki.URL
[2011/03/16 21:16:34 | 000,000,092 | ---- | C] () -- C:\Users\Aiden\Desktop\YouTube - Sexy sax man serenade (prank feat. Sergio Flores).URL
[2011/03/15 00:24:21 | 086,185,519 | ---- | C] () -- C:\Users\Aiden\Desktop\Nujabes - Metaphorical Music [2003].zip
[2011/03/13 00:35:02 | 000,045,103 | ---- | C] () -- C:\Users\Aiden\Desktop\FF5_ahe2.mid
[2011/03/12 22:32:12 | 000,000,073 | ---- | C] () -- C:\Users\Aiden\Desktop\YouTube - The Return of the King pt. 1.URL
[2011/03/12 21:31:43 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/11 07:33:52 | 000,036,352 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011/03/11 03:33:37 | 000,000,067 | ---- | C] () -- C:\Users\Aiden\Desktop\Lothering - Dragon Age Wiki.URL
[2011/03/10 17:03:30 | 000,075,275 | ---- | C] () -- C:\Users\Aiden\Desktop\Spécimen de chèque.xps
[2011/02/22 18:26:10 | 000,003,584 | ---- | C] () -- C:\Users\Aiden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/22 18:19:38 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/22 18:18:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/17 00:50:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\CLEyeDevices.dll
[2011/02/16 20:58:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/20 22:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/12/17 12:00:44 | 000,227,587 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,291,616 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

Here's the file:

OTL Extras logfile created on: 06/04/2011 9:56:04 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Aiden\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38.28 Gb Total Space | 13.01 Gb Free Space | 34.00% Space Free | Partition Type: NTFS
Drive D: | 38.28 Gb Total Space | 1.72 Gb Free Space | 4.50% Space Free | Partition Type: NTFS
Drive F: | 1.89 Gb Total Space | 0.47 Gb Free Space | 25.08% Space Free | Partition Type: FAT
Drive H: | 149.01 Gb Total Space | 100.25 Gb Free Space | 67.28% Space Free | Partition Type: FAT32

Computer Name: AIDEN-PC | User Name: Aiden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0006AB1D-9B22-43DF-8D14-6EBD18DED4EE}" = Intel(R) Network Connections 16.0.19.0
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5229C090-842B-1CB0-1676-43E421294B5C}" = AMD Drag and Drop Transcoding
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5968F27A-66E6-171E-5311-0A74D74AAD9B}" = ATI Catalyst Install Manager
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5C134C7E-537D-4BA2-913D-A6F163DF10D4}" = UTAU 歌声合成ツール
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85092B90-AEB2-2E30-0EF1-432EC61F6BD1}" = Catalyst Control Center InstallProxy
"{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A17B9E-3901-400B-BCD7-2ACD8FFE328B}" = System Requirements Lab for Intel
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{BA688606-4B20-4982-995E-EDADC6A6817E}" = League of Legends
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CD232781-26CA-4E18-BC70-4343A2F0D583}" = Microsoft IntelliPoint 8.0
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDD7B70D-36D0-694D-AA34-D566A13CE98D}" = WMV9/VC-1 Video Playback
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AVG" = AVG 2011
"BitTorrent" = BitTorrent
"CL-Eye Driver" = CL-Eye Driver
"DAEMON Tools Lite" = DAEMON Tools Lite
"G-Senjou_no_Maou_Aegis" = G-Senjou no Maou English
"IrfanView" = IrfanView (remove only)
"MESOL" = Intel(R) Active Management Technology Device Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Pianoteq23" = Pianoteq v2.3.0
"PROSetDX" = Intel(R) Network Connections 16.0.19.0
"rayatitray" = Ray Adams ATI Tray Tools
"RW-Everything_is1" = RW-Everything v1.4.9
"Transcribe!_is1" = Transcribe! 8.10
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/04/2011 6:20:35 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: League of Legends.exe, version: 1.0.0.114,
time stamp: 0x4d90d773 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc00000fd Fault offset: 0x0005ce4c Faulting
process id: 0x68c Faulting application start time: 0x01cbf4a8d9555f48 Faulting application
path: C:\Riot Games\League of Legends\Game\League of Legends.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 1752fb16-609c-11e0-af60-0019d1757371

Error - 06/04/2011 6:20:44 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: League of Legends.exe, version: 1.0.0.114,
time stamp: 0x4d90d773 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc00000fd Fault offset: 0x0005ce4c Faulting
process id: 0x650 Faulting application start time: 0x01cbf4a8dee5c631 Faulting application
path: C:\Riot Games\League of Legends\Game\League of Legends.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 1ce33bd9-609c-11e0-af60-0019d1757371

Error - 06/04/2011 6:21:22 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: League of Legends.exe, version: 1.0.0.114,
time stamp: 0x4d90d773 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc00000fd Fault offset: 0x0005ce4c Faulting
process id: 0x14fc Faulting application start time: 0x01cbf4a8f5763596 Faulting application
path: C:\Riot Games\League of Legends\Game\League of Legends.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 3373ab3e-609c-11e0-af60-0019d1757371

Error - 06/04/2011 9:23:09 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.1.59.112, time stamp:
0x4d6d325a Faulting module name: Skype.exe, version: 5.1.59.112, time stamp: 0x4d6d325a
Exception
code: 0xc0000005 Fault offset: 0x00005d26 Faulting process id: 0xe08 Faulting application
start time: 0x01cbf4c2553a2785 Faulting application path: C:\Program Files\Skype\Phone\Skype.exe
Faulting
module path: C:\Program Files\Skype\Phone\Skype.exe Report Id: 986348bc-60b5-11e0-a6a9-0019d1757371

Error - 06/04/2011 9:23:31 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.1.59.112, time stamp:
0x4d6d325a Faulting module name: apphelp.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b73e Exception code: 0xc0000005 Fault offset: 0x0000bb46 Faulting process id:
0xe08 Faulting application start time: 0x01cbf4c2553a2785 Faulting application path:
C:\Program Files\Skype\Phone\Skype.exe Faulting module path: C:\Windows\system32\apphelp.dll
Report
Id: a5a3fb02-60b5-11e0-a6a9-0019d1757371

Error - 06/04/2011 9:23:40 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mumble.exe, version: 1.2.3.0, time stamp:
0x4d603982 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x0005cfb4 Faulting process id:
0x112c Faulting application start time: 0x01cbf4c26ae673e6 Faulting application path:
C:\Program Files\Mumble\mumble.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: aadfe496-60b5-11e0-a6a9-0019d1757371

Error - 06/04/2011 9:41:25 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.1.59.112, time stamp:
0x4d6d325a Faulting module name: Skype.exe, version: 5.1.59.112, time stamp: 0x4d6d325a
Exception
code: 0xc0000005 Fault offset: 0x00005d26 Faulting process id: 0xbe8 Faulting application
start time: 0x01cbf4c4d25958f0 Faulting application path: C:\Program Files\Skype\Phone\Skype.exe
Faulting
module path: C:\Program Files\Skype\Phone\Skype.exe Report Id: 25c307c7-60b8-11e0-9c8b-0019d1757371

Error - 06/04/2011 9:41:27 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.1.59.112, time stamp:
0x4d6d325a Faulting module name: apphelp.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b73e Exception code: 0xc0000005 Fault offset: 0x0000bb46 Faulting process id:
0xbe8 Faulting application start time: 0x01cbf4c4d25958f0 Faulting application path:
C:\Program Files\Skype\Phone\Skype.exe Faulting module path: C:\Windows\system32\apphelp.dll
Report
Id: 2704e53d-60b8-11e0-9c8b-0019d1757371

Error - 06/04/2011 9:48:30 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mumble.exe, version: 1.2.3.0, time stamp:
0x4d603982 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x0005cea0 Faulting process id:
0x334 Faulting application start time: 0x01cbf4c5e3380dcf Faulting application path:
C:\Program Files\Mumble\mumble.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 23127fed-60b9-11e0-9c8b-0019d1757371

Error - 06/04/2011 9:51:05 PM | Computer Name = Aiden-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mumble.exe, version: 1.2.3.0, time stamp:
0x4d603982 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x0005cfa8 Faulting process id:
0xbdc Faulting application start time: 0x01cbf4c6407be2f2 Faulting application path:
C:\Program Files\Mumble\mumble.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 7fa12258-60b9-11e0-9c8b-0019d1757371

[ System Events ]
Error - 22/03/2011 5:51:54 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 24/03/2011 3:33:01 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 24/03/2011 9:57:18 PM | Computer Name = Aiden-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = The Program Compatibility Assistant service failed to perform the
phase two initialization.

Error - 25/03/2011 5:50:00 PM | Computer Name = Aiden-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:02:53 AM on ?25/?03/?2011 was unexpected.

Error - 25/03/2011 5:49:46 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 26/03/2011 11:12:59 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 30/03/2011 8:40:57 AM | Computer Name = Aiden-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 31/03/2011 3:04:14 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 02/04/2011 3:49:23 PM | Computer Name = Aiden-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume C: were aborted during detection.

Error - 06/04/2011 9:39:16 PM | Computer Name = Aiden-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:29:27 PM on ?06/?04/?2011 was unexpected.

< End of report >

Thanks.

guestolo · « **Reply #3 on:** April 06, 2011, 09:57:16 PM »

Can you boot your computer into "Safe mode with Networking"
Try running Skype, Mumble, Messenger
Do you get the same errors?

Aidan · « **Reply #4 on:** April 07, 2011, 03:40:48 PM »

So I just rebooted in safe mode with networking, and all the aforementioned programs start and work without a hitch. Except MSN, which starts but cannot connect. (I think there was something about how Data Execution Prevention had to be enabled with msn.)

In an attempt to stop win7 from pinging me to approve running applications all the time, I messed with the DEP in that I clicked on the setting to make it stop everything except the exceptions you chose, but when I set it back to only affect the system files, nothing was working anymore. Maybe this is related to the issue I'm having? Or is ntdll.dll not being used in safe mode or something...

I hope this issue is something that can be resolved. My XP installation is giving me trouble now too.

guestolo · « **Reply #5 on:** April 09, 2011, 12:14:38 PM »

I don't think it's anything malicious, but can we do the following
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!

Right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Aidan · « **Reply #6 on:** April 09, 2011, 05:47:10 PM »

TFC cleared 79mb of cache and, as expected, no malware was found.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6321

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

09/04/2011 6:38:00 PM
mbam-log-2011-04-09 (18-38-00).txt

Scan type: Quick scan
Objects scanned: 144636
Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Thanks

guestolo · « **Reply #7 on:** April 09, 2011, 07:40:24 PM »

Can you try running a clean boot of the machine, try running those same programs, any errors?

Here's Microsoft's instructions on performing a clean boot
Step 1: Start the System Configuration Utility

1. Click Start, click Run, type msconfig, and then click OK.
2. The System Configuration Utility dialog box is displayed.

Step 2: Configure selective startup options

1. In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
2. Click to clear the Process SYSTEM.INI File check box.
3. Click to clear the Process WIN.INI File check box.
4. Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
5. Click the Services tab.
6. Click to select the Hide All Microsoft Services check box.
7. Click Disable All, and then click OK.
8. When you are prompted, click Restart to restart the computer.

Back in Windows, the System config window will appear, you can choose not to show again

Aidan · « **Reply #8 on:** April 10, 2011, 04:36:50 PM »

[quote name='guestolo' date='09 April 2011 - 07:40 PM' timestamp='1302396024' post='477877']
Can you try running a clean boot of the machine, try running those same programs, any errors?

Here's Microsoft's instructions on performing a clean boot
Step 1: Start the System Configuration Utility

1. Click Start, click Run, type msconfig, and then click OK.
2. The System Configuration Utility dialog box is displayed.

Step 2: Configure selective startup options

1. In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
2. Click to clear the Process SYSTEM.INI File check box.
3. Click to clear the Process WIN.INI File check box.
4. Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
5. Click the Services tab.
6. Click to select the Hide All Microsoft Services check box.
7. Click Disable All, and then click OK.
8. When you are prompted, click Restart to restart the computer.

Back in Windows, the System config window will appear, you can choose not to show again
[/quote]

Do you think AVG is interfering with the programs?

I followed the steps and the programs that were having trouble worked fine. Steps 2 and 3 were not available though, they didn't even exist on my msconfig.
If it isn't AVG, is there another application that might be interfering ?

guestolo · « **Reply #9 on:** April 10, 2011, 09:56:38 PM »

Quote

Steps 2 and 3 were not available though

Woops, sorry about that, that is XP instructions

It could very well be AVG causing problems
I would opt to try the following, this is up to you, but worth a try
Go back into msconfig, select Normal Startup
Apply and Close, restart the computer

Download and save the AVG Remover to desktop from this link
http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1184.exe
Don't run it yet

Uninstall AVG completely, reboot the computer afterwards
Back in Windows, Right click on AVG Remover and run as Administrator, follow the prompts and reboot once again

See if you still have errors running your programs
Let me know please

Aidan · « **Reply #10 on:** April 11, 2011, 08:03:53 AM »

So I tried to uninstall AVG and I got this error and log:

Severity: Error
Error code: 0xC0070643
Error message: General internal error
Additional message: Driver installation failed (0x000000000)
Context: MSI action failed

Log attached, due to it being too large for the forum post.

Wow nvm, it's a 2mb file hah, besides, I wouldn't want to inflict reading it upon you.

Do you think running a clean boot will let me uninstall it without a problem?

EDIT: I did all that, and AVG is gone, your uninstaller didn't find all that much and I didn't have to reboot.
Well, seems like it's not AVG OR iTunes.

The problem is still there though.

Do you think iTunes is the one that is interfering? I'm just saying that because I have read that before while looking at appcrash errors, that peolpe got rid of itunes and it fixed the problem. Sounded like lies to me though but who knows.

It wasn't iTunes.

guestolo · « **Reply #11 on:** April 12, 2011, 12:02:50 AM »

time to do some trial and error trouble shooting
Why not do another Clean boot
Everything work fine? it did before, should again
Start a couple startup entries/and or services, reboot the computer
Everything work fine?

Trial and error, see what is causing the trouble, get it???

Aidan · « **Reply #12 on:** April 12, 2011, 11:21:49 PM »

[quote name='guestolo' date='12 April 2011 - 12:02 AM' timestamp='1302584570' post='477913']
time to do some trial and error trouble shooting
Why not do another Clean boot
Everything work fine? it did before, should again
Start a couple startup entries/and or services, reboot the computer
Everything work fine?

Trial and error, see what is causing the trouble, get it???
[/quote]

jaja. Thanks for the helpderp.

Aiden

TheTechGuide Forum

News:

Author Topic: Appcrash in everything (Read 2891 times)

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything

guestolo

Appcrash in everything

Aidan

Appcrash in everything