OTL Extras logfile created on: 2011/4/14 11:38:33 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = F:\ Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16473) Locale: 00000478 | Country: Chińska Republika Ludowa | Language: III | Date Format: yyyy/M/d 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69.77 Gb Total Space | 50.93 Gb Free Space | 72.99% Space Free | Partition Type: NTFS Drive D: | 69.52 Gb Total Space | 0.81 Gb Free Space | 1.17% Space Free | Partition Type: NTFS Drive F: | 7.46 Gb Total Space | 5.34 Gb Free Space | 71.59% Space Free | Partition Type: FAT32 Computer Name: 1234-PC | User Name: 1234 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{24368811-638E-4AA5-AC42-291E8DD2CCB0}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | "{4ADF2998-3DCA-4A32-B24A-D5D7B7C20A99}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe | "{4D95F76E-2B5B-49AF-91F1-701BB17D6956}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{4E6EF43B-D83E-4170-8E22-AF1DA496E04C}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe | "{7A1383C7-2C9C-439B-A33A-CA3AFA12FD48}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe | "{9F2AADCE-62F7-4E05-9F9F-DE199C41E246}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe | "{CD3BA54C-B2E6-4A60-BC1D-3FE45DB0EA9B}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe | "{F2C39C05-B469-48A7-A9EA-1771F3F8B48D}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{F378526B-E04B-4BB0-A11C-93A5B918C177}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4900 "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security "{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon "{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security "{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component "{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer Crystal Eye "{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111730193}" = Star Defender 3 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = Mystery Case Files Ravenhearst "{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72 "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management "{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component "{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component "{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye webcam "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security "{E9AD90C1-6281-45AB-9458-098D2EF770A1}" = Microsoft Works "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE "AVGantiRootkit" = AVG Anti-Rootkit Free "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "GridVista" = Acer GridVista "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "LManager" = Launch Manager "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation) "SynTPDeinstKey" = Synaptics Pointing Device Driver [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011/4/13 13:46:39 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = Error - 2011/4/13 13:47:07 | Computer Name = 1234-PC | Source = EventSystem | ID = 4621 Description = Error - 2011/4/13 14:46:04 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = Error - 2011/4/13 14:48:24 | Computer Name = 1234-PC | Source = EventSystem | ID = 4621 Description = Error - 2011/4/13 14:15:44 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = Error - 2011/4/13 14:43:52 | Computer Name = 1234-PC | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 2011/4/13 14:44:30 | Computer Name = 1234-PC | Source = EventSystem | ID = 4621 Description = Error - 2011/4/13 14:53:30 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = Error - 2011/4/13 17:26:13 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = Error - 2011/4/14 5:35:49 | Computer Name = 1234-PC | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 2011/4/13 7:41:33 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 8:51:08 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 9:47:31 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 11:50:09 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 13:47:06 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 14:48:23 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 14:44:29 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 16:33:12 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 16:38:00 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = Error - 2011/4/13 17:52:42 | Computer Name = 1234-PC | Source = DCOM | ID = 10010 Description = < End of report >