OTL Extras logfile created on: 10/23/2010 6:18:59 PM - Run 1 OTL by OldTimer - Version 3.2.17.0 Folder = E:\fix Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 3.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.53 Gb Total Space | 28.42 Gb Free Space | 38.13% Space Free | Partition Type: NTFS Drive E: | 1.87 Gb Total Space | 1.33 Gb Free Space | 71.13% Space Free | Partition Type: FAT Computer Name: HUNTMASTER | User Name: Roger | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine "3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation) "C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation) "C:\pvsw\bin\w3dbsmgr.exe" = C:\pvsw\bin\w3dbsmgr.exe:*:Enabled:w3dbsmgr -- File not found "C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe" = C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- (Pervasive Software Inc.) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit) "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B304631-1355-4A32-BEA0-494DEFB3506D}" = Nancy Drew: The Final Scene "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms "{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A81BFACE-B1CF-4AF0-B4D7-1A1256512116}" = Intel Audio Studio 2.0 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3 "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast5" = avast! Free Antivirus "ERUNT_is1" = ERUNT 1.1j "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "Integration Services" = Sage Integration Services "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Peachtree Pro Accounting" = Peachtree Pro Accounting 2008 "Peachtree Quantum Accountants' Edition" = Peachtree Quantum 2010 - Accountants' Edition "Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client "Pervasive System Analyzer_is1" = Pervasive System Analyzer v9.1 "PROSet" = Intel(R) PRO Network Connections Drivers "ST6UNST #1" = Depreciation 4562 "ST6UNST #2" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) "ST6UNST #3" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #3 "ST6UNST #4" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #4 "ST6UNST #5" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #5 "ST6UNST #6" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #6 "ST6UNST #7" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #7 "Tax Forms Helper 2009_is1" = Tax Forms Helper 2009 9.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMCSetup" = Windows Media Connect "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YInstHelper" = Yahoo! Install Manager [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/19/2008 11:13:04 AM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/28/2009 3:25:26 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 10/22/2010 1:32:39 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:37:04 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:37:49 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:38:41 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:39:12 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:44:28 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/22/2010 1:45:26 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:51:27 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 1:46:25 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 5:33:54 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. [ System Events ] Error - 10/23/2010 6:03:35 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 6:03:35 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 6:45:58 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7023 Description = The Automatic Updates service terminated with the following error: %%2147952450 Error - 10/23/2010 6:46:27 PM | Computer Name = HUNTMASTER | Source = DCOM | ID = 10010 Description = The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:46:28 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7023 Description = The Automatic Updates service terminated with the following error: %%2147952450 Error - 10/23/2010 7:46:58 PM | Computer Name = HUNTMASTER | Source = DCOM | ID = 10010 Description = The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine "3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation) "C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation) "C:\pvsw\bin\w3dbsmgr.exe" = C:\pvsw\bin\w3dbsmgr.exe:*:Enabled:w3dbsmgr -- File not found "C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe" = C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- (Pervasive Software Inc.) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit) "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B304631-1355-4A32-BEA0-494DEFB3506D}" = Nancy Drew: The Final Scene "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms "{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A81BFACE-B1CF-4AF0-B4D7-1A1256512116}" = Intel Audio Studio 2.0 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3 "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast5" = avast! Free Antivirus "ERUNT_is1" = ERUNT 1.1j "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "Integration Services" = Sage Integration Services "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Peachtree Pro Accounting" = Peachtree Pro Accounting 2008 "Peachtree Quantum Accountants' Edition" = Peachtree Quantum 2010 - Accountants' Edition "Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client "Pervasive System Analyzer_is1" = Pervasive System Analyzer v9.1 "PROSet" = Intel(R) PRO Network Connections Drivers "ST6UNST #1" = Depreciation 4562 "ST6UNST #2" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) "ST6UNST #3" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #3 "ST6UNST #4" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #4 "ST6UNST #5" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #5 "ST6UNST #6" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #6 "ST6UNST #7" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #7 "Tax Forms Helper 2009_is1" = Tax Forms Helper 2009 9.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMCSetup" = Windows Media Connect "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YInstHelper" = Yahoo! Install Manager [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/19/2008 11:13:04 AM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/28/2009 3:25:26 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 10/22/2010 1:37:04 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:37:49 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:38:41 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:39:12 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:44:28 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/22/2010 1:45:26 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:51:27 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 1:46:25 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 5:33:54 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/23/2010 8:29:53 PM | Computer Name = HUNTMASTER | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:46:28 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7023 Description = The Automatic Updates service terminated with the following error: %%2147952450 Error - 10/23/2010 7:46:58 PM | Computer Name = HUNTMASTER | Source = DCOM | ID = 10010 Description = The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine "3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation) "C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation) "C:\pvsw\bin\w3dbsmgr.exe" = C:\pvsw\bin\w3dbsmgr.exe:*:Enabled:w3dbsmgr -- File not found "C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe" = C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- (Pervasive Software Inc.) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit) "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B304631-1355-4A32-BEA0-494DEFB3506D}" = Nancy Drew: The Final Scene "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms "{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A81BFACE-B1CF-4AF0-B4D7-1A1256512116}" = Intel Audio Studio 2.0 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3 "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast5" = avast! Free Antivirus "ERUNT_is1" = ERUNT 1.1j "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "Integration Services" = Sage Integration Services "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Peachtree Pro Accounting" = Peachtree Pro Accounting 2008 "Peachtree Quantum Accountants' Edition" = Peachtree Quantum 2010 - Accountants' Edition "Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client "Pervasive System Analyzer_is1" = Pervasive System Analyzer v9.1 "PROSet" = Intel(R) PRO Network Connections Drivers "ST6UNST #1" = Depreciation 4562 "ST6UNST #2" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) "ST6UNST #3" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #3 "ST6UNST #4" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #4 "ST6UNST #5" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #5 "ST6UNST #6" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #6 "ST6UNST #7" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #7 "Tax Forms Helper 2009_is1" = Tax Forms Helper 2009 9.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMCSetup" = Windows Media Connect "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YInstHelper" = Yahoo! Install Manager [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/19/2008 11:13:04 AM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/28/2009 3:25:26 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 10/22/2010 1:37:04 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:37:49 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:38:41 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:39:12 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:44:28 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/22/2010 1:45:26 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:51:27 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 1:46:25 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 5:33:54 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/23/2010 8:29:53 PM | Computer Name = HUNTMASTER | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:46:28 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7023 Description = The Automatic Updates service terminated with the following error: %%2147952450 Error - 10/23/2010 7:46:58 PM | Computer Name = HUNTMASTER | Source = DCOM | ID = 10010 Description = The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 < End of report > [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "1583:TCP" = 1583:TCP:*:Enabled:Pervasive DBEngine "3351:TCP" = 3351:TCP:*:Enabled:Pervasive DBEngine "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation) "C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation) "C:\pvsw\bin\w3dbsmgr.exe" = C:\pvsw\bin\w3dbsmgr.exe:*:Enabled:w3dbsmgr -- File not found "C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe" = C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe:*:Enabled:Database Service Manager -- (Pervasive Software Inc.) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit) "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B304631-1355-4A32-BEA0-494DEFB3506D}" = Nancy Drew: The Final Scene "{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms "{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1 "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A81BFACE-B1CF-4AF0-B4D7-1A1256512116}" = Intel Audio Studio 2.0 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3 "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast5" = avast! Free Antivirus "ERUNT_is1" = ERUNT 1.1j "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{FC87D80E-5BC6-4EE8-9B09-EBA4F9C0A1C2}" = Peachtree Accounting 2011 "Integration Services" = Sage Integration Services "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Essentials" = Microsoft Security Essentials "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Peachtree Pro Accounting" = Peachtree Pro Accounting 2008 "Peachtree Quantum Accountants' Edition" = Peachtree Quantum 2010 - Accountants' Edition "Pervasive Software PSQL v9.1 Workgroup_is1" = Pervasive Software PSQL v9.1 Client "Pervasive System Analyzer_is1" = Pervasive System Analyzer v9.1 "PROSet" = Intel(R) PRO Network Connections Drivers "ST6UNST #1" = Depreciation 4562 "ST6UNST #2" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) "ST6UNST #3" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #3 "ST6UNST #4" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #4 "ST6UNST #5" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #5 "ST6UNST #6" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #6 "ST6UNST #7" = Depreciation 4562 (C:\Program Files\Depreciation 4562\) #7 "Tax Forms Helper 2009_is1" = Tax Forms Helper 2009 9.0 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMCSetup" = Windows Media Connect "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YInstHelper" = Yahoo! Install Manager [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 11/27/2008 10:15:46 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/19/2008 11:13:04 AM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = Error - 12/28/2009 3:25:26 PM | Computer Name = HUNTMASTER | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 10/22/2010 1:37:04 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:37:49 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:38:41 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:39:12 PM | Computer Name = HUNTMASTER | Source = MSSecurityEssentials | ID = 5000 Description = Error - 10/22/2010 1:44:28 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/22/2010 1:45:26 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/22/2010 1:51:27 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 1:46:25 PM | Computer Name = HUNTMASTER | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4 2.1.6805.0, P5 mpsigdwn.dll, P6 2.1.6805.0, P7 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P8 NIL, P9 NIL, P10 NIL. Error - 10/23/2010 5:33:54 PM | Computer Name = HUNTMASTER | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 smartpostingservice2011.exe, P2 2011.0.1.1127, P3 4c1250eb, P4 smartpostingservice2011, P5 2011.0.1.1127, P6 4c1250eb, P7 1c, P8 0, P9 system.io.filenotfoundexception, P10 NIL. Error - 10/23/2010 8:29:53 PM | Computer Name = HUNTMASTER | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:20 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 7:14:21 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 7:46:28 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7023 Description = The Automatic Updates service terminated with the following error: %%2147952450 Error - 10/23/2010 7:46:58 PM | Computer Name = HUNTMASTER | Source = DCOM | ID = 10010 Description = The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:11 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7000 Description = The AFD service failed to start due to the following error: %%2 Error - 10/23/2010 8:31:15 PM | Computer Name = HUNTMASTER | Source = Service Control Manager | ID = 7001 Description = The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: %%2 < End of report >