OTL Extras logfile created on: 1/3/2010 4:01:34 PM - Run 1 OTL by OldTimer - Version 3.1.20.2 Folder = C:\Documents and Settings\bearyfaery\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 256.00 Mb Total Physical Memory | 38.00 Mb Available Physical Memory | 15.00% Memory free 620.00 Mb Paging File | 200.00 Mb Available in Paging File | 32.00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.53 Gb Total Space | 11.23 Gb Free Space | 15.07% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 74.52 Gb Total Space | 6.05 Gb Free Space | 8.12% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NATALIE Current User Name: bearyfaery Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services "2479:TCP" = 2479:TCP:*:Enabled:Services "6988:TCP" = 6988:TCP:*:Enabled:Services "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "3246:TCP" = 3246:TCP:*:Enabled:Services [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services "2479:TCP" = 2479:TCP:*:Enabled:Services "6988:TCP" = 6988:TCP:*:Enabled:Services "3246:TCP" = 3246:TCP:*:Enabled:Services [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe" = C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe:*:Enabled:SSL Network Extender Service -- (Check Point Software Technologies) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC) "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- File not found "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation) "C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found "C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Disabled:SoulSeek -- File not found "C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe" = C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe:*:Enabled:SSL Network Extender Service -- (Check Point Software Technologies) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.) "C:\Documents and Settings\bearyfaery\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\bearyfaery\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon Camera WIA Driver "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon Camera WIA Driver "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72dee693-a008-40dd-9ba2-e44aef2361a9}" = Check Point SSL Network Extender Service "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders "{83C03FBE-4492-4133-BBAB-421CD88ADA32}" = OpenOffice.org 2.3 "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4 "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver "{bdd1702c-bcf5-4a65-8cce-1dddb8a18d53}" = Check Point Deployment Shell "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "avast!" = avast! Antivirus "CCleaner" = CCleaner "DPP" = Canon Utilities Digital Photo Professional 3.0 "EOS Utility" = Canon Utilities EOS Utility "ERUNT_is1" = ERUNT 1.1j "FileZilla Client" = FileZilla Client 3.2.4.1 "InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}" = Canon EOS Kiss_N REBEL_XT 350D WIA Driver "InstallShield_{652C4ADF-0A29-4B02-9211-EE61675847DE}" = Canon EOS-1Ds Mark II WIA Driver "InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "ODSK" = Canon Utilities Original Data Security Tools "PhotoStitch" = Canon Utilities PhotoStitch "PowerISO" = PowerISO "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "Registry Mechanic_is1" = Registry Mechanic 7.0 "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "USB MP3 Player WIN98 Drivers" = USB MP3 Player WIN98 Drivers "VLC media player" = VideoLAN VLC media player 0.8.6c "WFTK" = Canon Utilities WFT-E1/E2 Utility "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Move Media Player" = Move Media Player "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 9/3/2009 9:32:35 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application soffice.bin, version 2.3.9215.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/3/2009 9:32:38 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application soffice.bin, version 2.3.9215.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/9/2009 11:57:47 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/10/2009 11:31:49 AM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application magicJack.exe, version 1.80.499.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/11/2009 8:26:42 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/11/2009 8:28:33 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.0.3526, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/11/2009 9:40:14 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1001 Description = Fault bucket 1442353534. Error - 9/13/2009 10:35:01 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application soffice.bin, version 2.3.9215.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/13/2009 10:35:02 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application soffice.bin, version 2.3.9215.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/17/2009 10:04:44 PM | Computer Name = NATALIE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.0.3526, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 1/3/2010 12:47:39 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7034 Description = The Error Reporting Service service terminated unexpectedly. It has done this 1 time(s). Error - 1/3/2010 12:47:39 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7034 Description = The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). Error - 1/3/2010 12:47:40 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7034 Description = The Fast User Switching Compatibility service terminated unexpectedly. It has done this 1 time(s). Error - 1/3/2010 12:47:40 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7031 Description = The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7034 Description = The Bonjour Service service terminated unexpectedly. It has done this 1 time(s). Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7031 Description = The Check Point SSL Network Extender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service. Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = VNA | ID = 1 Description = Check Point Virtual Network Adapter: Check Point Virtual Network Adapter: get_nextlog--> Error - 1/3/2010 3:09:31 PM | Computer Name = NATALIE | Source = VNA | ID = 1 Description = Check Point Virtual Network Adapter: -->: Unexpected IRP !!! < End of report >