Tech Problem Aggregator


Q: Gameguard

Hello.I came home from work today and noticed that my computer was running much slower than normal. I noticed a new shortcut on the desktop and asked my son what it was.He had installed a game called Shaiya earlier in the day. A program called GameGuard was also automatically installed with the game. After looking into both of these subjects it seems that the GameGuard program is problematic for many people and I am now assuming that it is what has made the sudden change in my computers speed. It also seems that uninstalling the programs is difficult and involves manually modifying registry items. I am not comfortable doing this and I am posting this topic to get some professional help. The only other info in this forum I could find on this topic mentioned needing to post a HJT log so that is what I am doing here.Below I have pasted the following txt files per the instructions in the forum intro. I hope I have done this right.1. Kapersky scan results.2. DSS results 13. DSS results 2.Thanks in advance for your help and I look forward to hearing from you.--------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7 REPORT Tuesday, June 10, 2008 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: Program database last update: Wednesday, June 11, 2008 02:24:21 Records in database: 849818--------------------------------------------------------------------------------Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yesScan area - My Computer: C:\ D:\ E:\Scan statistics: Files scanned: 71473 Threat name: 0 Infected objects: 0 Suspicious objects: 0 Duration of the scan: 00:42:34No malware has been detected. The scan area is clean.The selected area was scanned.----------------------------------------------------------------------Deckard's System Scanner v20071014.68Run by Andy on 2008-06-10 23:34:44Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --58: 2008-06-11 04:34:49 UTC - RP58 - Deckard's System Scanner Restore Point57: 2008-06-11 02:21:12 UTC - RP57 - Software Distribution Service 3.056: 2008-06-10 15:50:28 UTC - RP56 - Installed Install(US)255: 2008-06-09 17:32:05 UTC - RP55 - Update to an unsigned driver54: 2008-06-08 17:50:58 UTC - RP54 - System Checkpoint-- First Restore Point -- 1: 2008-05-19 10:09:00 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.-- HijackThis (run as Andy.exe) ------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:36:42 PM, on 6/10/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Mediafour\XPlay 3\XPlay.exeC:\Program Files\Java\jre1.6.0_06\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\svchost.exeC:\Documents and Settings\Andy\Desktop\dss.exeC:\WINDOWS\system32\wscntfy.exeC:\PROGRA~1\TRENDM~1\HIJACK~1\Andy.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =" target="_blank" class="invilink"> - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =" target="_blank" class="invilink"> - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeO4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}] "C:\Program Files\Mediafour\XPlay 3\XPlay.exe"O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLLO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dllO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: M4iPodWPDService - Mediafour Corporation - C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe--End of file - 7748 bytes-- File Associations -----------------------------------------------------------.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------R0 MDFSYSNT (MacDrive file system driver) - c:\windows\system32\drivers\mdfsysnt.sys <Not Verified; Mediafour Corporation; Mediafour MacDrive>R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>R2 M4iPodWPDService - "c:\program files\common files\mediafour\ipod\m4ipodwpdservice.exe" <Not Verified; Mediafour Corporation; Mediafour XPlay>R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe-- Device Manager: Disabled ----------------------------------------------------No disabled devices found.-- Files created between 2008-05-10 and 2008-06-10 -----------------------------2008-06-10 23:36:27 0 d-------- C:\Program Files\Trend Micro2008-06-10 11:14:52 0 d-------- C:\Program Files\Common Files\INCA Shared2008-06-10 11:14:38 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>2008-06-10 10:50:29 0 d-------- C:\AeriaGames2008-06-10 10:49:59 0 d-------- C:\Documents and Settings\Harrison\Application Data\InstallShield2008-06-09 12:21:24 0 d-------- C:\Documents and Settings\Deb\Application Data\Apple Computer2008-06-08 14:48:04 0 d-------- C:\Documents and Settings\Georgia\Application Data\Sun2008-06-06 23:35:26 0 d-------- C:\Documents and Settings\Harrison\Application Data\vlc2008-06-06 23:34:51 0 d-------- C:\Program Files\VideoLAN2008-06-06 09:39:13 0 d-------- C:\Documents and Settings\Andy\Application Data\U32008-05-29 21:56:27 0 d-------- C:\Program Files\Microsoft CAPICOM 20:04:27 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com2008-05-29 20:04:20 0 d-------- C:\Program Files\SUPERAntiSpyware2008-05-29 20:04:20 0 d-------- C:\Documents and Settings\Andy\Application Data\SUPERAntiSpyware.com2008-05-29 19:59:05 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP2008-05-29 19:58:59 0 d-------- C:\Program Files\SpywareBlaster2008-05-27 22:11:29 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet2008-05-27 22:06:18 0 d-------- C:\Program Files\Common Files\Control Panels2008-05-27 21:41:58 0 d-------- C:\Program Files\Common Files\Macrovision Shared2008-05-27 20:37:20 0 d-------- C:\Program Files\Common Files\Mediafour2008-05-27 20:37:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Mediafour2008-05-27 20:36:47 0 d-------- C:\Program Files\Mediafour2008-05-27 20:19:10 0 d-------- C:\Documents and Settings\Georgia\Application Data\Apple Computer2008-05-25 14:24:58 0 d-------- C:\Documents and Settings\Harrison\Application Data\Apple Computer2008-05-23 17:37:56 0 d-------- C:\Program Files\AIM62008-05-23 17:12:43 0 d-------- C:\Program Files\Ventrilo2008-05-23 17:12:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard2008-05-23 16:40:59 0 d-------- C:\Documents and Settings\Andy\Application Data\Ventrilo2008-05-23 13:01:59 0 d-------- C:\Program Files\Microsoft Works2008-05-23 13:01:54 0 d-------- C:\Program Files\MSBuild2008-05-23 12:59:22 0 d-------- C:\WINDOWS\SHELLNEW2008-05-23 12:59:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help2008-05-23 12:58:46 0 dr-h----- C:\MSOCache2008-05-23 12:53:35 44544 -ra------ C:\WINDOWS\system32\MSXML4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>2008-05-23 12:53:35 626960 -ra------ C:\WINDOWS\system32\hpvaut32.dll <Not Verified; Microsoft Corporation; >2008-05-23 12:53:25 0 d-------- C:\Program Files\Hewlett-Packard2008-05-23 12:53:14 0 d-------- C:\Program Files\HP2008-05-21 20:34:34 0 d-------- C:\Documents and Settings\Harrison\Application Data\acccore2008-05-21 18:32:07 2829 --a------ C:\WINDOWS\War3Unin.pif2008-05-21 18:32:07 55446 --a------ C:\WINDOWS\War3Unin.dat2008-05-21 18:32:06 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>2008-05-21 18:28:48 0 d-------- C:\Program Files\Warcraft III2008-05-21 16:08:07 0 d-------- C:\Documents and Settings\Deb\Application Data\Sun2008-05-21 09:37:58 0 d-------- C:\Documents and Settings\Deb\Application Data\Macromedia2008-05-21 09:37:58 0 d-------- C:\Documents and Settings\Deb\Application Data\Adobe2008-05-21 09:36:17 0 d-------- C:\Documents and Settings\Deb\Application Data\Mozilla2008-05-21 09:34:59 0 d-------- C:\Documents and Settings\Deb\Application Data\Identities2008-05-21 09:34:53 0 dr------- C:\Documents and Settings\Deb\Favorites2008-05-21 09:34:53 0 d-------- C:\Documents and Settings\Deb\Desktop2008-05-21 09:34:53 0 d--hs---- C:\Documents and Settings\Deb\Cookies2008-05-21 09:34:53 0 dr-h----- C:\Documents and Settings\Deb\Application Data2008-05-21 09:34:53 0 d---s---- C:\Documents and Settings\Deb\Application Data\Microsoft2008-05-21 09:34:52 0 d--h----- C:\Documents and Settings\Deb\Templates2008-05-21 09:34:52 0 dr------- C:\Documents and Settings\Deb\Start Menu2008-05-21 09:34:52 0 dr-h----- C:\Documents and Settings\Deb\SendTo2008-05-21 09:34:52 0 dr-h----- C:\Documents and Settings\Deb\Recent2008-05-21 09:34:52 0 d--h----- C:\Documents and Settings\Deb\PrintHood2008-05-21 09:34:52 1572864 --ah----- C:\Documents and Settings\Deb\NTUSER.DAT2008-05-21 09:34:52 0 d--h----- C:\Documents and Settings\Deb\NetHood2008-05-21 09:34:52 0 dr------- C:\Documents and Settings\Deb\My Documents2008-05-21 09:34:52 0 d--h----- C:\Documents and Settings\Deb\Local Settings2008-05-20 18:47:31 0 d-------- C:\Documents and Settings\Georgia\Application Data\acccore2008-05-20 18:46:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint2008-05-20 18:46:23 0 d-------- C:\Program Files\Viewpoint2008-05-20 18:46:13 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL2008-05-20 18:46:13 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP2008-05-20 18:45:56 0 d-------- C:\Program Files\Common Files\AOL2008-05-20 18:30:53 0 d-------- C:\Documents and Settings\Georgia\Application Data\Macromedia2008-05-20 18:30:53 0 d-------- C:\Documents and Settings\Georgia\Application Data\Adobe2008-05-20 18:30:34 0 d-------- C:\Documents and Settings\Georgia\Application Data\Mozilla2008-05-20 18:29:53 0 d-------- C:\Documents and Settings\Georgia\Application Data\Identities2008-05-20 18:29:43 0 d--h----- C:\Documents and Settings\Georgia\Templates2008-05-20 18:29:43 0 dr------- C:\Documents and Settings\Georgia\Start Menu2008-05-20 18:29:43 0 dr-h----- C:\Documents and Settings\Georgia\SendTo2008-05-20 18:29:43 0 dr-h----- C:\Documents and Settings\Georgia\Recent2008-05-20 18:29:43 0 d--h----- C:\Documents and Settings\Georgia\PrintHood2008-05-20 18:29:43 1835008 --ah----- C:\Documents and Settings\Georgia\NTUSER.DAT2008-05-20 18:29:43 0 d--h----- C:\Documents and Settings\Georgia\NetHood2008-05-20 18:29:43 0 dr------- C:\Documents and Settings\Georgia\My Documents2008-05-20 18:29:43 0 d--h----- C:\Documents and Settings\Georgia\Local Settings2008-05-20 18:29:43 0 dr------- C:\Documents and Settings\Georgia\Favorites2008-05-20 18:29:43 0 d-------- C:\Documents and Settings\Georgia\Desktop2008-05-20 18:29:43 0 d--hs---- C:\Documents and Settings\Georgia\Cookies2008-05-20 18:29:43 0 dr-h----- C:\Documents and Settings\Georgia\Application Data2008-05-20 18:29:43 0 d---s---- C:\Documents and Settings\Georgia\Application Data\Microsoft2008-05-20 18:27:27 0 d-------- C:\WINDOWS\system32\appmgmt2008-05-20 17:35:17 0 d-------- C:\Logs2008-05-20 17:21:48 0 d-------- C:\Documents and Settings\Harrison\Application Data\Ventrilo2008-05-20 16:45:42 0 d-------- C:\Program Files\World of Warcraft2008-05-20 16:45:42 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment2008-05-20 16:34:32 0 d-------- C:\Documents and Settings\Harrison\Application Data\Macromedia2008-05-20 16:34:32 0 d-------- C:\Documents and Settings\Harrison\Application Data\Adobe2008-05-20 16:34:30 1169 --a------ C:\WINDOWS\mozver.dat2008-05-20 16:32:55 0 d-------- C:\Documents and Settings\Harrison\Application Data\Mozilla2008-05-20 16:32:32 0 d-------- C:\Documents and Settings\Harrison\Application Data\Identities2008-05-20 16:32:26 0 d--h----- C:\Documents and Settings\Harrison\Templates2008-05-20 16:32:26 0 dr------- C:\Documents and Settings\Harrison\Start Menu2008-05-20 16:32:26 0 dr-h----- C:\Documents and Settings\Harrison\SendTo2008-05-20 16:32:26 0 dr-h----- C:\Documents and Settings\Harrison\Recent2008-05-20 16:32:26 0 d--h----- C:\Documents and Settings\Harrison\PrintHood2008-05-20 16:32:26 1572864 --ah----- C:\Documents and Settings\Harrison\NTUSER.DAT2008-05-20 16:32:26 0 d--h----- C:\Documents and Settings\Harrison\NetHood2008-05-20 16:32:26 0 dr------- C:\Documents and Settings\Harrison\My Documents2008-05-20 16:32:26 0 d--h----- C:\Documents and Settings\Harrison\Local Settings2008-05-20 16:32:26 0 dr------- C:\Documents and Settings\Harrison\Favorites2008-05-20 16:32:26 0 d-------- C:\Documents and Settings\Harrison\Desktop2008-05-20 16:32:26 0 d--hs---- C:\Documents and Settings\Harrison\Cookies2008-05-20 16:32:26 0 dr-h----- C:\Documents and Settings\Harrison\Application Data2008-05-20 16:32:26 0 d---s---- C:\Documents and Settings\Harrison\Application Data\Microsoft2008-05-19 23:34:03 0 d-------- C:\Documents and Settings\Andy\Application Data\Apple Computer2008-05-19 23:33:53 0 d-------- C:\Program Files\iPod2008-05-19 23:33:49 0 d-------- C:\Program Files\iTunes2008-05-19 23:33:41 0 d-------- C:\Program Files\Bonjour2008-05-19 23:33:18 0 d-------- C:\Program Files\QuickTime2008-05-19 23:33:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer2008-05-19 23:33:10 0 d-------- C:\Program Files\Apple Software Update2008-05-19 23:32:25 0 d-------- C:\Program Files\Common Files\Apple2008-05-19 23:32:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple2008-05-19 22:18:13 13004832 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat2008-05-19 22:15:24 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier2008-05-19 22:15:20 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat2008-05-19 22:15:16 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>2008-05-19 22:14:59 0 d-------- C:\WINDOWS\system32\ZoneLabs2008-05-19 22:13:54 0 d-------- C:\WINDOWS\Internet Logs2008-05-19 21:34:32 0 d-------- C:\Program Files\Alwil Software2008-05-19 21:09:04 0 --a------ C:\WINDOWS\nsreg.dat2008-05-19 21:09:03 0 d-------- C:\Documents and Settings\Andy\Application Data\Mozilla2008-05-19 13:48:05 0 d-------- C:\Documents and Settings\Andy\Application Data\InstallShield2008-05-19 12:00:25 0 d-------- C:\Program Files\Windows Media Connect 22008-05-19 12:00:08 0 d-------- C:\e807fa1355f1884e6f2008-05-19 11:59:46 0 d-------- C:\3a804cd09432ad17d817132008-05-19 11:59:44 0 d-------- C:\WINDOWS\system32\LogFiles2008-05-19 11:59:44 0 d-------- C:\WINDOWS\system32\drivers\UMDF2008-05-19 11:59:29 0 d-------- C:\14ac678d6a772e3e3df5b519982008-05-19 11:11:33 0 d-------- C:\WINDOWS\Prefetch2008-05-19 11:07:17 0 d-------- C:\WINDOWS\system32\scripting2008-05-19 11:07:17 0 d-------- C:\WINDOWS\l2schemas2008-05-19 11:07:16 0 d-------- C:\WINDOWS\system32\en2008-05-19 11:07:16 0 d-------- C:\WINDOWS\system32\bits2008-05-19 11:06:16 0 d-------- C:\WINDOWS\ServicePackFiles2008-05-19 11:04:53 0 d-------- C:\WINDOWS\network diagnostic2008-05-19 09:06:53 0 d-------- C:\Program Files\MSXML 4.02008-05-19 09:03:20 0 d-------- C:\WINDOWS\nvidia icons2008-05-19 09:03:14 0 d-------- C:\WINDOWS\NV33403348.TMP2008-05-19 09:02:45 0 d-------- C:\NVIDIA2008-05-19 09:01:41 0 d-------- C:\Program Files\SystemRequirementsLab2008-05-19 08:54:01 0 d-------- C:\Documents and Settings\Andy\Application Data\CyberLink2008-05-19 08:23:28 143360 -r------- C:\WINDOWS\system32\xRaidAPI.dll <Not Verified; JMicron Technology Corp.; JMB36X RAID API Dynamic Link Library>2008-05-19 08:23:27 1957888 -r------- C:\WINDOWS\system32\xRaidSetup.exe <Not Verified; JMicron Technology Corp.; JMicron JMB36X RAID Configurer>2008-05-19 08:23:27 0 d-------- C:\RaidTool2008-05-19 08:23:23 0 d-------- C:\WINDOWS\RaidTool2008-05-19 08:07:25 0 d-------- C:\Documents and Settings\Andy\Application Data\Macromedia2008-05-19 08:07:09 0 d-------- C:\Documents and Settings\Andy\Application Data\Adobe2008-05-19 08:01:24 0 d-------- C:\WINDOWS\pss2008-05-19 08:01:20 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles2008-05-19 07:56:09 0 d-------- C:\Documents and Settings\Andy\Application Data\Identities2008-05-19 07:55:55 0 d--h----- C:\Documents and Settings\Andy\Templates2008-05-19 07:55:55 0 dr------- C:\Documents and Settings\Andy\Start Menu2008-05-19 07:55:55 0 dr-h----- C:\Documents and Settings\Andy\SendTo2008-05-19 07:55:55 0 dr-h----- C:\Documents and Settings\Andy\Recent2008-05-19 07:55:55 0 d--h----- C:\Documents and Settings\Andy\PrintHood2008-05-19 07:55:55 0 d--h----- C:\Documents and Settings\Andy\NetHood2008-05-19 07:55:55 0 dr------- C:\Documents and Settings\Andy\My Documents2008-05-19 07:55:55 0 d--h----- C:\Documents and Settings\Andy\Local Settings2008-05-19 07:55:55 0 dr------- C:\Documents and Settings\Andy\Favorites2008-05-19 07:55:55 0 d-------- C:\Documents and Settings\Andy\Desktop2008-05-19 07:55:55 0 d--hs---- C:\Documents and Settings\Andy\Cookies2008-05-19 07:55:55 0 dr-h----- C:\Documents and Settings\Andy\Application Data2008-05-19 07:55:54 2883584 --ah----- C:\Documents and Settings\Andy\NTUSER.DAT2008-05-19 07:33:01 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink2008-05-19 07:20:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage2008-05-19 06:58:36 0 d-------- C:\Program Files\CyberLink2008-05-19 06:50:44 0 d-------- C:\Documents and Settings\Andy\Application Data\Ahead2008-05-19 06:50:43 0 d-------- C:\Documents and Settings\All Users\Application Data\LightScribe2008-05-19 06:48:04 0 d-------- C:\Program Files\Common Files\LightScribe2008-05-19 06:47:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead2008-05-19 06:45:55 0 d-------- C:\Program Files\Nero2008-05-19 06:45:55 0 d-------- C:\Program Files\Common Files\Ahead2008-05-19 06:45:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero2008-05-19 06:45:34 0 d-------- C:\WINDOWS\RegisteredPackages2008-05-19 06:41:37 0 d-------- C:\WINDOWS\Sun2008-05-19 06:41:37 0 d-------- C:\Documents and Settings\Andy\Application Data\Sun2008-05-19 06:41:17 0 d-------- C:\Program Files\Java2008-05-19 06:41:10 0 d-------- C:\Program Files\Common Files\Java2008-05-19 05:29:33 0 d-------- C:\WINDOWS\system32\PreInstall2008-05-19 05:28:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe2008-05-19 05:28:11 0 d-------- C:\Program Files\Common Files\Adobe2008-05-19 05:21:24 0 d-------- C:\WINDOWS\nview2008-05-19 05:21:23 0 d-------- C:\WINDOWS\NV16761612.TMP2008-05-19 05:17:30 0 d-------- C:\WINDOWS\system32\SoftwareDistribution2008-05-19 05:15:59 0 d-------- C:\WINDOWS\system32\Lang2008-05-19 05:15:59 73728 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>2008-05-19 05:14:45 0 d-------- C:\WINDOWS\OPTIONS2008-05-19 05:14:34 49152 --a------ C:\WINDOWS\system32\ChCfg.exe2008-05-19 05:14:21 0 d-------- C:\WINDOWS\system32\RTCOM2008-05-19 05:13:51 0 d-------- C:\Program Files\Realtek2008-05-19 05:13:51 0 d--h----- C:\Program Files\InstallShield Installation Information2008-05-19 05:13:50 520192 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>2008-05-19 05:13:50 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>2008-05-19 05:13:48 0 d-------- C:\Program Files\Common Files\InstallShield2008-05-19 05:12:42 0 d-------- C:\WINDOWS\system32\ReinstallBackups2008-05-19 05:12:41 0 d------c- C:\WINDOWS\system32\DRVSTORE2008-05-19 05:12:41 0 d-------- C:\Program Files\Intel2008-05-19 05:12:38 0 d-------- C:\Intel2008-05-19 05:08:39 0 d-------- C:\WINDOWS\SoftwareDistribution2008-05-19 05:08:37 0 d---s---- C:\WINDOWS\system32\Microsoft2008-05-19 05:08:35 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT2008-05-19 05:08:35 0 d--h----- C:\Documents and Settings\LocalService\Local Settings2008-05-19 05:08:35 0 d--hs---- C:\Documents and Settings\LocalService\Cookies2008-05-19 05:08:35 0 d-------- C:\Documents and Settings\LocalService\Application Data2008-05-19 05:08:35 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft2008-05-19 05:03:41 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings2008-05-19 05:03:41 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies2008-05-19 05:03:41 0 d-------- C:\Documents and Settings\NetworkService\Application Data2008-05-19 05:03:41 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft2008-05-19 05:03:40 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT2008-05-19 05:01:48 0 d-------- C:\WINDOWS\system32\xircom2008-05-19 05:01:48 0 d-------- C:\Program Files\microsoft frontpage2008-05-19 05:01:08 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT2008-05-19 05:01:06 0 d--h----- C:\WINDOWS\$hf_mig$2008-05-19 05:00:54 0 -rahs---- C:\MSDOS.SYS2008-05-19 05:00:54 0 -rahs---- C:\IO.SYS2008-05-19 05:00:54 0 --a------ C:\CONFIG.SYS2008-05-19 05:00:54 0 --a------ C:\AUTOEXEC.BAT2008-05-19 05:00:12 0 d--hs---- C:\Documents and Settings\All Users\DRM2008-05-19 05:00:04 0 dr------- C:\WINDOWS\Offline Web Pages2008-05-19 05:00:04 0 d---s---- C:\WINDOWS\Downloaded Program Files2008-05-19 04:59:57 0 d--h----- C:\Program Files\WindowsUpdate2008-05-19 04:59:38 0 d-------- C:\WINDOWS\system32\DirectX2008-05-19 04:59:03 0 d---s---- C:\WINDOWS\Tasks2008-05-19 04:59:02 0 d-------- C:\Program Files\Common Files\MSSoap2008-05-19 04:58:58 0 d-------- C:\WINDOWS\srchasst2008-05-19 04:58:57 0 d-------- C:\WINDOWS\system32\Macromed2008-05-19 04:58:49 0 d-------- C:\Program Files\Movie Maker2008-05-19 04:58:41 0 d-------- C:\WINDOWS\system32\Restore2008-05-19 04:58:10 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat2008-05-19 04:57:57 0 d-------- C:\WINDOWS\Registration2008-05-19 04:57:50 0 d-------- C:\Program Files\Online Services2008-05-19 04:57:45 0 d-------- C:\Program Files\Messenger2008-05-19 04:57:41 0 d-------- C:\Program Files\MSN Gaming Zone2008-05-19 04:57:00 0 d-------- C:\Program Files\Windows NT2008-05-19 04:56:57 0 d-------- C:\WINDOWS\system32\MsDtc2008-05-19 04:56:55 0 d-------- C:\WINDOWS\system32\Com2008-05-18 21:51:10 0 d--hs---- C:\WINDOWS\Installer2008-05-18 21:51:09 0 d-------- C:\Program Files\Common Files\ODBC2008-05-18 21:51:06 0 dr------- C:\Program Files2008-05-18 21:51:06 0 d-------- C:\Program Files\Common Files2008-05-18 21:51:06 0 d-------- C:\Program Files\Common Files\SpeechEngines2008-05-18 21:50:42 0 d--h----- C:\Documents and Settings\Default User\Templates2008-05-18 21:50:42 0 dr------- C:\Documents and Settings\Default User\Start Menu2008-05-18 21:50:42 0 dr-h----- C:\Documents and Settings\Default User\SendTo2008-05-18 21:50:42 0 d--h----- C:\Documents and Settings\Default User\Recent2008-05-18 21:50:42 0 d--h----- C:\Documents and Settings\Default User\PrintHood2008-05-18 21:50:42 0 d--h----- C:\Documents and Settings\Default User\NetHood2008-05-18 21:50:42 0 d-------- C:\Documents and Settings\Default User\My Documents2008-05-18 21:50:42 0 dr-h----- C:\Documents and Settings\Default User\Local Settings2008-05-18 21:50:42 0 d-------- C:\Documents and Settings\Default User\Favorites2008-05-18 21:50:42 0 d-------- C:\Documents and Settings\Default User\Desktop2008-05-18 21:50:42 0 d---s---- C:\Documents and Settings\Default User\Cookies2008-05-18 21:50:42 0 d--h----- C:\Documents and Settings\All Users\Templates2008-05-18 21:50:42 0 dr------- C:\Documents and Settings\All Users\Start Menu2008-05-18 21:50:42 0 d-------- C:\Documents and Settings\All Users\Favorites2008-05-18 21:50:42 0 dr------- C:\Documents and Settings\All Users\Documents2008-05-18 21:50:42 0 d-------- C:\Documents and Settings\All Users\Desktop2008-05-18 21:50:31 0 d-------- C:\WINDOWS\system32\CatRoot22008-05-18 21:50:31 0 d-------- C:\WINDOWS\system32\CatRoot2008-05-18 21:50:26 0 dr-h----- C:\Documents and Settings\Default User\Application Data2008-05-18 21:50:26 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft2008-05-18 21:50:25 0 dr-h----- C:\Documents and Settings\All Users\Application Data2008-05-18 21:50:25 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft2008-05-18 21:49:57 0 d--hs---- C:\System Volume Information2008-05-18 21:49:57 0 d-------- C:\Documents and Settings2008-05-18 21:44:42 0 d-------- C:\WINDOWS2008-05-18 21:44:42 0 d-------- C:\WINDOWS\WinSxS2008-05-18 21:44:42 0 dr------- C:\WINDOWS\Web2008-05-18 21:44:42 0 d-------- C:\WINDOWS\twain_322008-05-18 21:44:42 0 d-------- C:\WINDOWS\system322008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\wins2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\wbem2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\usmt2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\spool2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\ShellExt2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\Setup2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\ras2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\oobe2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\npp2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\mui2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\inetsrv2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\IME2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\icsxml2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\ias2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\export2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\drivers2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\drivers\etc2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\drivers\disdn2008-05-18 21:44:42 0 dr-hs--c- C:\WINDOWS\system32\dllcache2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\dhcp2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\config2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\3com_dmi2008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\30762008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\20522008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10542008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10422008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10412008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10372008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10332008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10312008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10282008-05-18 21:44:42 0 d-------- C:\WINDOWS\system32\10252008-05-18 21:44:42 0 d-------- C:\WINDOWS\system2008-05-18 21:44:42 0 d-------- C:\WINDOWS\security2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Resources2008-05-18 21:44:42 0 d-------- C:\WINDOWS\repair2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Provisioning2008-05-18 21:44:42 0 d-------- C:\WINDOWS\PeerNet2008-05-18 21:44:42 0 d-------- C:\WINDOWS\pchealth2008-05-18 21:44:42 0 d-------- C:\WINDOWS\mui2008-05-18 21:44:42 0 d-------- C:\WINDOWS\msapps2008-05-18 21:44:42 0 d-------- C:\WINDOWS\msagent2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Media2008-05-18 21:44:42 0 d-------- C:\WINDOWS\java2008-05-18 21:44:42 0 d--h----- C:\WINDOWS\inf2008-05-18 21:44:42 0 d-------- C:\WINDOWS\ime2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Help2008-05-18 21:44:42 0 dr--s---- C:\WINDOWS\Fonts2008-05-18 21:44:42 0 d-------- C:\WINDOWS\ehome2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Driver Cache2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Debug2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Cursors2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Connection Wizard2008-05-18 21:44:42 0 d-------- C:\WINDOWS\Config2008-05-18 21:44:42 0 d-------- C:\WINDOWS\AppPatch2008-05-18 21:44:42 0 d-------- C:\WINDOWS\addins-- Find3M Report ---------------------------------------------------------------2008-05-18 21:50:42 62 --ahs---- C:\Documents and Settings\Andy\Application Data\desktop.ini2008-05-02 22:46:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe2008-05-02 22:46:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll2008-05-02 22:46:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll2008-05-02 22:46:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll2008-05-02 22:46:00 1486848 --a------ C:\WINDOWS\system32\nview.dll2008-05-02 22:46:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe2008-05-02 22:46:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe2008-05-02 22:46:00 425984 --a------ C:\WINDOWS\system32\keystone.exe-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/02/2008 10:46 PM]"nwiz"="nwiz.exe" [05/02/2008 10:46 PM C:\WINDOWS\system32\nwiz.exe]"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/02/2008 10:46 PM]"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/15/2008 06:19 PM]"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [04/02/2008 08:07 PM]"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [03/04/2004 09:46 AM]"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [12/22/2003 08:38 AM]"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [02/18/2004 12:55 PM]"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]"{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}"="C:\Program Files\Mediafour\XPlay 3\XPlay.exe" [03/06/2008 09:36 PM]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 07:12 PM]"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/03/2008 07:18 PM][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/30/2008 04:37 AM 77824][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]@="Volume shadow copy"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer]C:\WINDOWS\system32\xRaidSetup.exe boot[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]ALCMTR.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]C:\WINDOWS\RaidTool\xInsIDE.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]nwiz.exe /install[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]RTHDCPL.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]SkyTel.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]eapsvcs eaphostdot3svc dot3svcHKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsnapagenthkmsvc[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]AutoRun\command- E:\LaunchU3.exe -a[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56f77e1b-33d5-11dd-9b49-00508dbbcf24}]AutoRun\command- E:\LaunchU3.exe -a[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"-- End of Deckard's System Scanner: finished at 2008-06-10 23:38:14 ------------Deckard's System Scanner v20071014.68Extra logfile - please post this as an attachment with your post.---------------------------------------------------------------------------------- System Information ----------------------------------------------------------Microsoft Windows XP Professional (build 2600) SP 3.0Architecture: X86; Language: EnglishCPU 0: Intel® Core™2 Duo CPU E6750 @ 2.66GHzPercentage of Memory in Use: 19%Physical Memory (total/avail): 3326.42 MiB / 2688.82 MiBPagefile Memory (total/avail): 5210.05 MiB / 4703.3 MiBVirtual Memory (total/avail): 2047.88 MiB / 1873 MiBC: is Fixed (NTFS) - 465.75 GiB total, 423.59 GiB free. D: is CDROM (No Media)E: is Fixed (FAT32) - 232.83 GiB total, 207.38 GiB free. \\.\PHYSICALDRIVE0 - ST3500320AS - 465.76 GiB - 1 partition \PARTITION0 (bootable) - Installable File System - 465.75 GiB - C:\\.\PHYSICALDRIVE1 - WD 2500BEA External USB Device - 232.88 GiB - 1 partition \PARTITION0 - Unknown - 232.88 GiB - E:-- Security Center -------------------------------------------------------------AUOptions is scheduled to auto-install.-- Environment Variables -------------------------------------------------------ALLUSERSPROFILE=C:\Documents and Settings\All UsersAPPDATA=C:\Documents and Settings\Andy\Application DataCLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zipCLIENTNAME=ConsoleCommonProgramFiles=C:\Program Files\Common FilesCOMPUTERNAME=OWNER-A30298A2CComSpec=C:\WINDOWS\system32\cmd.exeFP_NO_HOST_CHECK=NOHOMEDRIVE=C:HOMEPATH=\Documents and Settings\AndyLOGONSERVER=\\OWNER-A30298A2CNUMBER_OF_PROCESSORS=2OS=Windows_NTPath=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSHPROCESSOR_ARCHITECTURE=x86PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntelPROCESSOR_LEVEL=6PROCESSOR_REVISION=0f0bProgramFiles=C:\Program FilesPROMPT=$P$GQTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zipSESSIONNAME=ConsoleSystemDrive=C:SystemRoot=C:\WINDOWSTEMP=C:\DOCUME~1\Andy\LOCALS~1\TempTMP=C:\DOCUME~1\Andy\LOCALS~1\Temptvdumpflags=8USERDOMAIN=OWNER-A30298A2CUSERNAME=AndyUSERPROFILE=C:\Documents and Settings\Andywindir=C:\WINDOWS-- User Profiles ---------------------------------------------------------------Andy (admin)Harrison (admin)Georgia (admin)Deb (admin)Administrator (admin)-- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infAdobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}Adobe InDesign CS3 --> C:\Program Files\Common Files\Adobe\Installers\05ba3a63f36684fe0c5dde2ebe6f8f5\Setup.exeAdobe InDesign CS3 --> MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}Adobe InDesign CS3 Icon Handler --> MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}Adobe Setup --> MsiExec.exe /I{56B8B892-317E-4FDE-9E4D-44B189848A27}Adobe SING CS3 --> MsiExec.exe /I{3F9B2FD2-1C83-4401-9967-C3636638E958}Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}AIM 6 --> C:\Program Files\AIM6\uninst.exeApple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetupBonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}DVD Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstallHigh Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"HP Deskjet 5700 --> msiexec /x{85B1BEF2-2357-4C27-ABBE-15A1AE3AF78D}HP Software Update --> MsiExec.exe /X{B81023A5-71ED-46EB-BE3B-9F974D1155F1}Install(US)2 --> C:\Program Files\InstallShield Installation Information\{8A4D41F3-3EDA-4DAC-9403-839708EA0667}\setup.exe -runfromtemp -l0x0009 -removeonlyiTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}JMB36X Raid Configurer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonlyMicrosoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLLMicrosoft Office Enterprise 2007 --> MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"Mozilla Firefox ( --> C:\Program Files\Mozilla Firefox\uninstall\helper.exeNero 7 Essentials --> MsiExec.exe /X{69589221-D76E-4C88-8388-A7943C851033}neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUIPDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstallQuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}REALTEK GbE & FE Ethernet PCI NIC Driver --> C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonlyRealtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonlySecurity Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exeUpdate for Office 2007 (KB932080) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}Update for Office 2007 (KB9466

A: Gameguard

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Thank you for your patience.If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

14 more replies
Answer Match 44.94%

hello so there is this gameguard application for games basically any game using GamGuard protection when I press to launch it says "GameGuard initial error please kill any other conflict apps and restart the game" do you have any ideas?

Thank you waiting for answer


Try this maybe...

1 more replies
Answer Match 44.94%

anyone know how to fix the gameguard 104 error? I needa restart my computer everytime i close the game. =/ its pretty annoyin

More replies
Answer Match 44.1%

Ok, so I go into any game with nProtect GameGuard (FlyFF, ijji Gunz) and I get the same two errors when GameGuard tries to Authenticate.

"Program Error
GameMon.des.exe has generated errors and will be closed by
Windows. You will need to restart the program
An error log is being created."

"GameGuard execute error : 114
GameGuard initialization error. Try rebooting and executing the game or close the program considered to cause a collision."

Now of course the first thing I do is restart the program, then reboot and try again, after that didn't work I closed all other applications that I could, when that failed I looked around and found out it could be a virus, used Spy Sweeper and cleared 3 trojans that AVG didn't know existed, and I still get the errors when I try to start the game.

My drivers are up to date, I've turned off my Anti-virus, I've remade accounts, and yet it still doesn't run.

I've played before, so I know the games work, but here are my specs anyways.

System Information
Time of this report: 8/27/2007, 14:18:53
Machine name: PARADYME-UHL9Y8
Operating System: Windows 2000 Professional (5.0, Build 2195) Service Pack 4
Language: English (Regional Setting: English)
System Manufacturer: INTELR
System Model: AWRDACPI
BIOS: Phoenix - AwardBIOS v6.00PG
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz (2 CPUs), ~3.2GHz
Memory: 1024MB RAM
Page File: 430MB used, 2030MB available
Window... Read more

More replies
Answer Match 44.1%

Yea, I get that whenever I try to play a game involving GameGuard (mainly Ijji games).
Any ideas?

A:Gameguard error 114?

11 more replies
Answer Match 44.1%

Hi guys, I recently started playing Trickster Online again and was upset to find out that their version of nProtect GameGuard won't let me use internet browsers while it's running. I was hoping someone would be able to help me out and I hope this problem is fixable. Thanks in advance, and by the way I'm using my laptop.

A:GameGuard on Vista

hope this helps you

its the website for it where you should be able to download the program and update the game files from there (if its anything like battlefield 2 and punkbuster)

I dont play the game nor any games that use it but from what i see thats what I gather

1 more replies
Answer Match 44.1%

This is a heads up for anyone playing games that run Gameguard, such as Maplestory Mabinogi or Gunbound.
For anyone who read my thread a few days ago, my computer was crashing during gameplay of a few games, Maplestory most notably. The probably was diagnosed as and agreed apon by the responses as a Graphics Card overheat error, which concerned me as it hasn't happened before. I may now have found the problem, to which I would like to inform my fellow gamers.

The problem started when my girlfriend's brand new computer started having the same issue last night out of the blue. I decided to scour the web for possible problems with the game. I found a thread somewhere describing an error with gameguard BSODing when there was a critical error in the program. Doing more homework, I found out that gameguard's error handler is tied right into the kernal process of windows and activated a BSOD instead of crashing just the game. Wondering what could have possibly done that, I decided to check gameguard's website WHEN I remembered: I have other gameguard games.

I uninstalled them all(including maplestory) did a system search for gameguard anything and manually deleted it. Ran CCleaner to get rid of leftover files(probably was unneccesary). Redownloaded Maplestory and ran the program. It's been running(and still is) error free for the last hour and a half(twice as long as I've made it in the last 3 weeks). I was gonna try it on my girlfriend's compute... Read more

More replies
Answer Match 44.1%

So when I play games like CrossFire... well online games that has to do with Gameguard it doesnt work! Can someone HELP ME!
HERE'S WHAT HAPPENS(CrossFire and this happens on other MMO's to) : First I start the game, then wait for it then then the GameGuard BOX pops up. It tell's that gameguard is Loading. Then AFTER the box dissappears, THIS another box appears's saying nothing. No text or anything, the only option i could do is "OK". So I press "OK" and It leads me to the gameguard website saying an error (114) occured! I've try EVERYTHING (suggestion) it says to do but NONE of them WORK!


More replies
Answer Match 44.1%

I get it when I play ANY game using Gameguard, such as Soldier Front or Maple Story..

It tells me to close the application causing the problem. What am I supposed to do?

A:Gameguard error 114?

12 more replies
Answer Match 44.1%

As of yesterday any games that have Game Guard do not work. They all give me error message 114.

The games I play with gameguard are Grand Chase and Gunz. I have contacted my ISP, Dell and the game providers via help desk. My ISP and Dell said it was the game, Gunz said it was my computer, I haven't recieved a response from Grand Chase.

Now, I have tried all solutions I have found on the internet. I do not have a firewall. Nothing has changed since the day before yesterday on my computer. It happened over night basically, when my computer wasn't even on.

I do have AVG anti-virus, however that NEVER caused this before. I've been playing this games along side AVG for a long time. I even have AVG disabled when I play, it still doesn't work.
It is really frustrating me, and honestly I am really tempted to throw this computer out my door.

A:GameGuard Error 114

I would try contacting the game provider..........

and then again you could get bumped up to a level 3 tech that still knows less than you lol

2 more replies
Answer Match 44.1%

:Hello,Well when i play a free mmo game like flyff and gunbound then i try to logg in and after i log in either 30 secs or 1 min later it shutsdown and i have to restart my computer after this happens. This only happens when then game uses nprotect gameguard. please help

More replies
Answer Match 44.1%

guys i have like 2 weeks wit this error i cant fix it.
i play soldier front when is loading the game appear this message
"game guard initialization. try rebooting nd executing the game or close
the program considered colliton"

ps: i shut down my firewall reinstall again the game no works.
os: win xp

A:error gameguard 114

i dunno....maybe you have a file on your computer it doesn't like.....try scanning your computer for viruses......if you have a file that may look like a virus, as several hacks do so, sometimes anti-cheat systems will cut you off.

or you may have an external process it may not like...

i really don't know otherwise...
manually make sure all lthe files are deleted
and reinstall
..... i dunno otherwise.

1 more replies
Answer Match 44.1%

ok so you've heard of gunz etc etc and how while launching Gunz.exe it also starts up gameguard.exe anti hacking prevention system created by ijji to well...prevent hackers, now dont say to shut down gamguard cause u cant run gunz without it. Anyways they've jsut recently upgraded gameguard because of some bugs etc, and ever since over 70% of gunz players have been experiencing FPS lag. now heres the link of the gunzfactor forum. its just to give u an overview of the main program, (already linked to the main thread about it) and everyone has already mention that it isn't the CPU of video card its something with the gameguard anti-virus, but maybe you guys might know?


thanks again xD

More replies
Answer Match 44.1%

hi all the problems i have occur with game gaurd on such games as albatross18,and rakion.

as for both of these games there was a time when i was able to play them, then gradualy i started to get errors and no longer could play.

rakion loads up the nprotect/gameguard then acts like its going to start but i get no screen or anything.then when i try to run it again it says "the game is overlapped,or gamegaurd is already in execution.Please try again after you terminate the game" or this "this is game guard initilization error.please try again after you re-boot or close any other program that may be coliding" well ive checked and the game isnt running, and no processes of the game or gameguard are running,and i also cant find anything that would colide with it.. some people said it might be spyware of some sort,but i scanned with 3 different programs and im clean according to them.

any help is appreciated thank you

More replies
Answer Match 44.1%

i got some problems regarding with my online game with is RANONLINE which has game guard, the game guard keeps giving me error 100 as i search at internet they sey it is a VIRUS thats why i came up in here. i had removed and installed the game many times, i had scanned my pc using norton, then which to avira but still problem exist. then i found this combo fix and run it. then it gives me the log after combo fix has finished. BUT still problem exist. please help me. i don't know what to do..


Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please>>> Double-click on TDSSKiller.exe to run the application.Click on the Start Scan button and wait for the scan and disinfection process to be over.If an infected file is detected, the default action will be Cure, click on Continue
If a suspicious file is detected, the default action will be Skip, click on Continue
If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.Download (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan. Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANTPlease post the contents of that log in your next reply.There shall also be a file on your desktop named MBR.dat. Righ... Read more

2 more replies
Answer Match 44.1%

I'm trying to play Trickster Online. It has never worked since I installed it a few weeks ago and their tech support never answered my email. It has this anti-hacking software called nProtect Gameguard. You have to go through its updating process in order to play. The problem is I keep getting error 380 and so it exits. Every guide I find is in bad English (nProtect is Korean) and doens't tell you how to fix it. I'm not using a proxy or anything. Can anyone help me out?

A:GameGuard error 380

Look at this forum maybe they can help you out.

1 more replies
Answer Match 44.1%

Hi hi.So I play ijji's Gunz: The Duel. I tried playing Exteel (both of which games use Nprotect GameGuard). Exteel's gameguard would always come up with an error message, and as such, I couldn't play the game. So I gave up on it, and went back to Gunz. It seems the Gunz gameguard was overwritten with the Exteel gameguard, as the same error message now occured whenever I tried to play Gunz.So I uninstalled Exteel, reinstalled Gunz, deleted GameGuard, only to find that GameGuard is, in fact, a rootkit, and all that technical stuff is beyond me.So I deleted the GameGuard that installs with Gunz, knowing that upon trying to play the game, it would re-download and reinstall (with the hopes of re-overwriting Exteel's gameguard), but it came up with an error message saying:"GameGuard initialization error. Try rebooting and executing the game or close the program considered to cause a collision."Basically, I want to be able to play Gunz: The Duel again, without formatting my computer.Here are my DSS Logs:Deckard's System Scanner v20071014.68Run by Brian Collins on 2008-04-13 12:18:17Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --75: 2008-04-13 04:18:32 UTC - RP852 - Deckard's System Scanner Restore Point74: 2008-04-12 08:23:15 UTC - RP851 - Syst... Read more

A:Gameguard Clash

Hello WyreZI apologize for the delay in response as we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.Thanks and again sorry for the delay.Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.Check some important areas of your system and produce a report for an analyst to review.Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.You must be logged onto an account with administrator privileges when using.Close all applications and windows.Double-click on dss.exe to run it and follow the prompts.If your anti-virus or firewall complains, please allow this script to run as it is not
malicious.When the scan is complete, two text files will open in Notepad:main.txt <- this one will be maximizedextra.txt <- this one will be minimizedIf not, they both can be found in the C:\Deckard\System Scanner folder.Please copy (Ctrl+C) and paste (C... Read more

2 more replies
Answer Match 44.1%

Read the title... enough said. I'm just curious how many people have thought "YES! NO MORE HACKERS IN *insert game here*!" Then, there are still thousands of hackers. The games I play, like Gunz, Gunbound, and Soldier Front are filled with hackers. Even Rakion. GameGuard does absolutely nothing... post your ideas here!

A:nProtect GameGuard

6 more replies
Answer Match 43.68%

So i went to play maplestory last night and well it did not work my internet connection was excellant but the game would not connect it would not even show the adveirtisment. I installed and reinstalled but that did not work in case my comp has not been updated but i have an acer aspire 5100 vista

Plz Help

More replies
Answer Match 43.68%

So here's this game Ran Online and I have Windows 8 Pro 32-bit.

I always get this error saying that there are programs that conflict with gameguard. I already allowed the game and the gameguard.des and gamemon.des in windows defender and firewall. And I also allowed the entire drive.

So any idea what would these programs be that conflict with game guard?

Thanks in advance.

A:Windows 8 Gameguard Error

I am assuming Game Guard is anti-cheat software for the game just like S4 League's xtrap.

It is dangerous to allow the whole drive and I recommend you undo that. The bad news you can't do anything until they update Game Guard to work with Windows 8

Similar case happen with xtrap and within a month they updated to allow Windows 8.

I am assuming and I don't know Game Guard is thinking your cheating because it only checks the approve OS in its definitions list and windows 8 is not on it.

You can probably sent a email to the company or post on their forums or send a ticket to get them to make a small update to add Windows 8 as a approve OS

I think the actual game runs fine if it ran in Windows 7 just the anti-cheat software needs a update.

The Ticket page:
RAN WORLD : The Frontier of Ran Online

Forum page:
RAN WORLD : The Frontier of Ran Online

Check there.

2 more replies
Answer Match 43.68%

all of the free mmorpg's i have downloaded that use nprotect gameguard are crashing after giving this message:

GameGuard.des - Application Error
The instruction at "0x458c3be8" referenced memory at "0x5f05001e". The memory could not be "read".

Click on OK to terminate the program


A:nProtect GameGuard crashing

7 more replies
Answer Match 43.68%

I am sick and tired of this worthless security software. I used to play Mabinogi, a Korean MMO from Nexon, and of course they use that infernal GameGuard BS. Fool that I was, I tolerated its presence since I liked the game more than most. Well, trust me, I paid for it. Who knows how much it has altered the registry.

Worse, it has disabled my keyboard! I use Vista and a Logitech Wave Keyboard. Once in a while, Mabinogi fails to load up and I see a white screen instead of the title. My mouse works but my keyboard is disabled and I have to do a hard reboot. Upon reboot, it still doesn't work. I switch the USB to another port... voila, it works. But it will never work for that previous port again!

I didn't suspect anything until it happened a second time. Now I have two ports on my PC that refuse to work with my keyboard. Any other device works fine, just not the keyboard. This is BS of the highest degree.

I can only guess that it has modified my registry in some way, but I don't even know where to begin. Can anyone help me recover the use of my two USB ports for the keyboard?

A:GameGuard killing my keyboard and USB

I've since uninstalled Mabinogi, deleted the GameGuard folder, deleted the two hidden files it inserted into my system folder and deleted a registry key to no avail. Someone has suggested that GameGuard is using an "input hook", which I've never heard of.

1 more replies
Answer Match 43.68%


A couple of weeks ago, I installed wolfteam on my computer, started playing and when I finish playing and get back to the desktop, I cannot open any programs anymore, cannot open my computer or anything. When I double click icons, nothing happens.

I thought it was the game, so I uninstalled and reinstalled with the same problem.

Yesterday, I downloaded 2 new games, Huxley and Pandora saga, both games and wolfteam all come with gameguard. And all these games now do the same thing when I close them. So I guess the problem was not with wolfteam, but rather with gameguard, maybe I'm just jumping to conclusions...

I have over 50 games installed on my computer, online and single player games, and the only 3 games that use gameguard give me this problem.

I did not try uninstalling gameguard and reinstalling because im not sure if I would have to redownload and reinstall the whole games by doing that, Huxley is 4GB, I do not want to redownload if not necessary.

So to repeat myself, the problem is that I cannot open any programs, or windows or do anything anymore on my computer after I close the games. My desktop is there, everything is normal, I can open the start menu, but that's about it.

I tried to attach my Dxdiag file, but it wouldn't let me, so let me know what info you need on my computer other than what I will give...

System Information
Time of this report: 8/8/2009, 01:16:42
Machine name: FASHION-FREAK
Oper... Read more

A:Issue with games with gameguard...

11 more replies
Answer Match 43.68%

Ok so i was playing this game called 2moons for about a month it was awesome and i got addicted to it. its kinda like WOW but free. so anyway, one i clicked the launcher and it did nothing for awhile then a error poped up and said connection error. i was like ok w/e and tried again the same thing happened. so i decided to just play a different game. and i tried to log into it (Gunz Online hosted by and it came up with a connection error as well it said "Gameguard execute error 380 failed to connect to gameguard update server. please try again later or check personal firewall settings" so i tried again later (1.5 weeks now) and im still getting that message. i did some research on this to try and fix the problem all the sites i went to said to turn off my firewall while playing the game so i turned it off and i still get the same msg. they also said to delete gameguard and when u run the game again it will update it and ull b fine. that also didnt work. I would be really really greatful if some1 knew how to fix this and tell me. thanks!

A:gameguard error 380 (2 moons)

14 more replies
Answer Match 43.68%

DDS (Ver_09-03-16.01) - NTFSx86
Run by Santero Famiglia at 12:08:38.85 on Sun 05/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.367 [GMT 8:00]

AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Genius\ioCentre\gAutoPan.... Read more

A:Need Help. The GameGuard is not working properly.

I dont know if this is a addtional information, but when I start my PC, before the Windows logo there appear a two choice: Microsoft Windows Recovery console and Microsoft XP Media Center Edition(this is the highlighted one). it automatically choice the highlighted for 1-2 secs mabye.

3 more replies
Answer Match 43.68%


I am new here and I have a problem. I have recently installed Cabal Online and after playing it I noticed something was not right. After trying to find a solution I have decided to uninstall the game and forget about it but then I found out on the internet that GameGuard, which this game uses, is a rootkit and thus a threat to my and my computer's security. I read you have to manually remove it from the computer so I followed some instructions. I deleted the GameGuard folder after uninstalling the game and I also found npptnt2.dll and nppt9x.vxd files but I can't find the place in registry all those people on the internet mentioned. Is it possible that there is nothing left of GameGuard? How big a threat is GameGuard really? Can you please help or give information or something? You would make a guy's life easyer

P.S. I believe that when I found this site & forum I found a goldmine. I bet there is a lot of good information here

A:How Can I Completely Remove Gameguard?

If there is a "rootkit" on your computer, the best chance of finding it and removing it is by posting a Hijack This log.Post a Hijack This log in the Hijack This Forum by following the directions in the link below. DO NOT post the log in this forum.

1 more replies
Answer Match 43.68%

I try to launch the game and it was fine then when it try to start it pop up 380 error and I tried to reinstall but it didn't work. I have two laptop and both have the same problem I dont know if it was a network problem or not. please help me fix the problemT_T

More replies
Answer Match 43.26%

I just switch from windows 7 ultimate to windows 8 pro, my problem is I can't run ragnarok online and every time I open ragnarok online the gameguard always has a problem.. It says gameguard error 114.. Any update on this? Any fix?

A:gameguard error 114 can't run ragnarok online

I don't think GameGuard has updated their anti-cheat system to work with Windows 8 yet.

2 more replies
Answer Match 43.26%

Hi I'm not sure if this should be posted in the games section, but it seems more like a virus is causing an issue in this case.

When I run Iris online, a new mmorpg which uses gameguard hack protection, nothing else but the game can connect to the internet. Prior to gameguard loading I can use either browser (IE or firefox) and they work absolutely fine.

However this all stops after I load the game, yet I can still connect to the game and it runs, but nothing else can connect to the internet despite being able to ping websites and that works and the internet says it is connected but never loads a page.

One or two times however I could run the browser and load sites fine whilst playing Iris and gameguard was running then too, but these times are rare and often when i close the game, the browsers stop working.

This only happens on this one game using gameguard, other times in the past playing other mmos with the same hack protection it worked fine. A simple way to fix this would be to stop playing the game, but it's a really fun game! Also another reason why I'm concerned and want to get to the bottom of this issue is no one else i spoke to on the game has this problem so it must be something wrong with my computer which I would like to fix.

I have avg spybot ad-aware malwarebytes webroot spy sweeper and have scanned my pc a few times and found nothing that could be causing this. If it is a network problem I would like some help figuring out how to fix it to... Read more

More replies
Answer Match 43.26%

Each time I start up a game that uses GameGuard, my PC BSODs before the actual game is loaded.
The BSOD that seems to occur when it happens is 0x000000D6 and the file that causes it is dump_wmimmc.sys.

I have tried uninstalling the games and re-installing them, which does not fix the BSOD.

A:BSOD playing game that uses gameguard

Hi fuzzah,

Your logs show dump_wmimmc.sys:


* *
* Bugcheck Analysis *
* *
Use !analyze -v to get detailed debugging information.
BugCheck D6, {fffff980613b7000, 1, fffff88008438124, 0}
Unable to load image \??\C:\Program Files\PHANTASYSTARONLINE2
\pso2_bin\GameGuard\dump_wmimmc.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for dump_wmimmc.sys
*** ERROR: Module load completed but symbols could not be loaded for dump_wmimmc.sys
Faulting Driver: dump_wmimmc.sys
Related to GameGuard: Usually buried deep in a game's folder structure.
For example: C:\gPotato\GV Online Eg\GameGuard\dump_wmimmc.sys

Suggested Action:

I suggest removing any games that utilize Gameguard from your system.
The developers didn't store the driver in the proper place (C:\Windows\System32\drivers)
nor did they name it using a normal convention:
(the dump_ prefix is usually reserved for copies that the OS makes of storage drivers in case of a crash)

As Gameguard is integrated into the games, this is the only remedy to stop the BSOD's.

I would also suggest to remove Advanced System Care 6 and Free Windo... Read more

9 more replies
Answer Match 43.26%

I'm posting here because I'm not getting any response on the Virus Malware board. I play an online game from GamesCampus, and I had to install Gameguard. I constantly get error messages from AVG.
avwsc.exe encountered a problem and needs to close
Exception in modul AVGNT.EXE
I turned off Avira while I play this game, but I still get booted out of a game all of a sudden, with error messages from Gameguard. I tried several solutions from gameguard and nothing seems to correct this problem. Initially I thought I had a virus, which I still don't know. Then I thought it may be a conflict with my antivirus. Now I am so frustrated and don't know where to turn to figure this out. My girlfriend has the same set up as me, Avira free, and gameguard, and she plays the same game but has never had this problem. The only difference is she has ZoneAlarm firewall, and I'm using Wins firewall.

I am attaching the DxDiag report.
Thank you I hope someone can help.

More replies
Answer Match 43.26%

Well, this computer is about 2 weeks old, and whenever i try to play games that use gameguard, gameguard gets to the point were it exits, and the game is supposed to load up, but when gameguard exits, my computer freezes up, completely, i cant do anything on it, i have to manually re-boot it using the power button. ~_~

More replies
Answer Match 42.84%

Im 19 years old, i live in massachussetts, and im fairly good managing a computer.
Recently, ive been having this problem with GameGuard. Gameguard is a program used to prevent hacking, using 3rd party programs in a game etc. Ive downloaded 2 different kinds of games that have gameguard. the first is darkeden. Darkeden is a low memory, not very good graphics kind of game. Im running a Dell pent4 2.66ghz 512 ram Nvidea GeForce FX 4200 - 128. Whenever i try and start this game, after Nguard runs, it brings me to a blue screen of death, every time. It gives me the error 0x0000008e. This is supposedly a graphical error. maybe hardware isnt installed properly and whatnot. Ive tried a lot of different things to try and correct this problem. Ive come to the conclusion it is not my graphics card. Ive reinstalled the driver.. updated .. everything. Now lets move on... bear w/ me for a second. I also play another game called Lineage 2 w/ a few buddies on a private server. This game puts my graphic driver to its limits. Still runable tho.... Now letss move onto the other game. The other game is called Silkroad Online. I just downloaded this game and found that it has Nguard on it. This game also gives me the same error. If i can run a game that creates much more graphics, why wouldnt i be able to play this. Ive come to that maybe theres something wrong with some other part of my computer... To try and correct this, i turned off write debugging information. Now all that happens when i tr... Read more

A:Gameguard Blue Screen Of deaths Issue

9 more replies
Answer Match 42.84%

I got this recently
i have tried to change UAC, redownload gameguard, turnoff anti-virus and turnoff firewall and i still don't have any clue how to solve this problem
Problem Event Name:    BEX64
  Application Name:    GameMon64.des
  Application Version:    2015.10.15.1
  Application Timestamp:    56205b36
  Fault Module Name:    nvinitx.dll
  Fault Module Version:
  Fault Module Timestamp:    521fbdfc
  Exception Offset:    000000000000d88d
  Exception Code:    c0000417
  Exception Data:    0000000000000000
  OS Version:    6.1.7601.
  Locale ID:    3081
  Additional Information 1:    4d78
  Additional Information 2:    4d786dbd8016c944ddbb1e4ed4cbc217
  Additional Information 3:    000f
  Additional Information 4:    000fd2bb259f66c51b9642e16359ca20

thanks in advance to those tried to solve this problem

More replies
Answer Match 42.84%

Any time I'm playing Rose i'll be able to play fine for an hour or so and then suddenly i get an error. It closes out the game and has a pop-up that says Gameguard Initialize Error 230. Don't know if this helps but im using Zonealarm and i didnt know if i had to add a Gameguard file to my firewall possibly? Not sure, just looking for some help because its frustrating.

More replies
Answer Match 42.84%

It all started last night, Some of my google searches (not all) get re-directed and any game i try to run that uses GameGuard (anti cheat program) wont load. All this happened after i went to download Americas Army 3 from their site last night. Ran all scans (SpyBot, AVG, and AdWare) and nothing showed up. I also noticed, my System Restore is on, but all my Restore points are gone! You guys helped me before....let do it again!

Here's my DDS.txt

DDS (Ver_09-05-14.01) - NTFSx86
Run by Shane at 13:00:08.90 on Mon 06/22/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2558.1852 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\syst... Read more

A:Searches re-directing, GameGuard wont load

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.


One or more of the identified infections is a backdoor trojan.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please read this: How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?


Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

----... Read more

2 more replies
Answer Match 42.42%

Hi, you guys helped me save this computer from a string of really annoying BSODs a year ago and it's been great since, although I can't seem to find the actual thread. Anyway I've been trying to play this game, Phantasy Star Online 2

However, every time I try to start it and GameGuard finishes initializing/updating, I get a BSOD. The actual BSOD that pops up doesn't say the actual error message, but from BlueScreenView, it says PAGE_FAULT BEYOND_END_OF_ALLOCATION.

This is a BSOD that can be reproduced every time I start the game, although I recently did a system restore to before GameGuard was installed and thus deleted the later mini-dumps, but I still have one from an earlier attempt 11 days ago. Other than the PSO2 BSODs, this computer has had zero problems, especially when playing other games like Warframe and Path of Exile.

I can kinda guess and say that GameGuard is to blame, but I'd like an expert opinion on what is behind these BSODs, and if possible, try and get this game working so I can play.

EDIT: I forgot to mention that I was able to play this game on this same PC when it had Vista, before I upgraded to Windows 7.

A:BSOD when starting Phantasy Star Online 2. GameGuard?

* *
* Bugcheck Analysis *
* *

Use !analyze -v to get detailed debugging information.

BugCheck CD, {fffff98017ed1000, 1, fffff80002cce7bb, 0}

*** WARNING: Unable to verify timestamp for dump_wmimmc.sys
*** ERROR: Module load completed but symbols could not be loaded for dump_wmimmc.sys

Could not read faulting driver name
Probably caused by : dump_wmimmc.sys ( dump_wmimmc+24c5b )

Followup: MachineOwner
This is a known problem with GameGuard on Windows 7 & 8. I recommend uninstalling the game as there is no known fix.

Driver Reference Table - dump_wmimmc.sys

2 more replies
Answer Match 42.42%

i really have no idea what to do about this one... malwarebytes didnt find it i did the full scan and the fast scan (both after most recent update).
i got hijackthis but i really dont wanna mess with it alone..

a friend suggested the use of combofix (did that but it didnt seem to change anything..).

ohh forgot to mention - it only happens when im trying to run an online game through the ijji reactor, gameguard loads and than it finds this virus and the shutdown thingy start (with 60sec timer) bcuz of "c:\windows\system32\services.exe" and some others.

sry for the messy post, thx allot in advance.

A:Gameguard finds a virus and begins "system shutdown"

--bump--, running on winXP 32 bit pro

1 more replies
Answer Match 42.42%

Hello, Past 1 Year, I've had a problem. Sometimes When I play game that uses Gameguard, Pictures of the character/Font/Etc disappears/Reappears. If I have play games with another different kind of Anti hacking system, There would be no disappearing font/Character/bars.


Shot at 2007-07-20

This screenshot there's a disappearing Charcarter

Blur Bar


More replies
Answer Match 42.42%

I think the gameguard error is also associated with the rootkit avg found but cannot remove. The rootkit changes name when I restart my computer. Also if any of you have an idea about the gameguard error: default setup error, close programs that confilct or restart the computer.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:13:47 AM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Cerience\RepliGo\RepliGoMon.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ThreatFire\TFTray.exe... Read more

More replies
Answer Match 42.42%

So after not playing for awhile I decided to redownload everything and after that I got a problem.

(Excluding the fact DC is now owned by GC and my lvl 50 account was deleted >.>)

After you press play and it goes through Nguard and does it's normal installation of files as soon as that opens windows 7 comes up with the error you usally get when application stops working.

"Nguard Game Launcher has stopped working, Attempting to fix and find solutions"

It does not do this anymore but it does come up with the image I have said with the error 3221225477.

Just to inform some of you who do not know what NGuard/GameGuard is, it is a game protection application that is ran to PREVENT hacking the game so it's not the game that doesn't work it's the NGuard/GameGuard that is not updating or causing something to stop. Again this is something that's force-runned via game start this is the problem I am having not with Drift City the game.

Now I don't know whether Windows is stopping it or it's not updating properly I'm not sure.

Something in Windows 7 is causing the program to stop processing.. Has anyone else had this same problem specifically and fixed it?

P.S (Checked Nguard Stickies for this and didn't find the error discussed correct me if I'm wrong)

I'd really like to play this again but this is stopping me from playing..

Until this is fixed I can't play DC or GUNZ

I have submitted threads on nu... Read more

A:GameGuard Execute Error: 3221225477 (Drift City)

I fixed it all i had to do was disable uac!!!!!!!!!!!

1 more replies
Answer Match 42%

Hi normally my internet works fine, that is I can connect to pages and they load without trouble in both firefox and internet explorer or anything else that uses the internet.

However, I recently downloaded a new game called IRIS online which uses a hack protection called gameguard which apparently acts like a rootkit.

Now whenever I run the game, it will connect to the game but restricts anything else that uses the internet from working. So when the game is running, I can ping sites and still get a response as the internet is still connected, but pages never load in internet explorer or firefox until I reboot the computer.

A reboot fixes it and there is nothing else that is wrong with my connection (afaik) other than that when gameguard runs, nothing else wants to work.

Apparently other people are fine with gameguard and it doesn't affect them at all so I'm looking for some help as to why it stops my internet from working!

If anyone could help I'd greatly appreciate it thanks

here are my ipconfig/all results if needed:

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.


Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection 3:
... Read more

A:Solved: Internet connected but won't load pages after gameguard starts

How did u fix this problem as i have the same

3 more replies
Answer Match 41.58%

Hey guys, always when I play a game which GameGuard has been put to prevent hacks, it always comes up with this Windows Host Process Error. When GameGuard launches, an error pops up and says "Host process has stopped working and will close". The game still works but I'm wondering if this is a problem. It seems nothing is affected by this error, however I would still like to get rid of it because it basically spams my event log with a bunch of error logs. I am running Windows Vista Home Premium.

A:Host Process For Windows Services Has Stopped Working - GameGuard Problem

6 more replies