OTL Extras logfile created on: 9/5/2011 7:41:44 PM - Run 1
OTL by OldTimer - Version 3.2.27.0     Folder = C:\Documents and Settings\Administrator\Desktop
Windows Server 2003 Standard Edition Service Pack 2 (Version = 5.2.3790) - Type = NTDomainController
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 3.01 Gb Available Physical Memory | 75.26% Memory free
6.76 Gb Paging File | 5.85 Gb Available in Paging File | 86.46% Paging File free
Paging file location(s): c:\pagefile.sys 3000 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.05 Gb Total Space | 18.44 Gb Free Space | 47.23% Space Free | Partition Type: NTFS
Drive D: | 80.02 Gb Total Space | 48.01 Gb Free Space | 59.99% Space Free | Partition Type: NTFS
Drive H: | 80.02 Gb Total Space | 48.01 Gb Free Space | 59.99% Space Free | Partition Type: NTFS
Drive M: | 80.02 Gb Total Space | 48.01 Gb Free Space | 59.99% Space Free | Partition Type: NTFS
 
Computer Name: NEWSERVER | User Name: administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{05DEE64C-B63B-495A-B36C-4277663FAAA0}" = Windows Small Business Server ActiveSync
"{0A3238D7-AB32-4E15-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 Workgroup (32-bit)
"{0BBBA9A9-02E8-467D-BE57-4797A50F7861}" = Intel(R) Network Connections 15.1.29.0
"{108BE742-0564-4734-AE54-74F81263FB04}" = Windows Small Business Server Licensing
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{26EC0C15-6DC3-4D63-8458-1F1584B992D3}" = PA095 / PA075 USB2.0 DOCK
"{274D220B-63B4-49E8-A549-9FB9BEF3BA0F}" = Melissa Address Data December 2008
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3CF8BDBC-DA0F-45FA-A4B9-3A31CCE774E9}" = Windows Small Business Server Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A0FDB29-20C9-4F68-A266-C05C679F75FA}" = BaselineData
"{5546F70C-0437-44EE-A923-7C23E6EFF689}" = Windows Small Business Server Monitoring
"{65657C59-23A8-4974-B8E0-BA04EBD04E4F}" = Microsoft SQL Server Desktop Engine (SHAREPOINT)
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7FB55E52-C72D-4165-85D0-383ED3D7253F}" = Windows Small Business Server Client Setup
"{8952E993-139E-4E71-881F-DD40E4DB8F81}" = Windows Small Business Server Admin
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{901C0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime
"{91140409-7000-11D3-8CFE-0150048383C9}" = Microsoft Windows SharePoint Services 2.0
"{9189BADC-23A7-487D-B206-AD3A89A4F45D}" = Windows Small Business Server Fax
"{A2B40ABC-025A-4389-8148-86CED357B259}" = Microsoft Connector for POP3 Mailboxes
"{A5E98C65-585A-45AB-BFC3-8555305B9929}" = Windows Small Business Server Documents
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B58E39B9-12E2-4E9B-A01B-9B896C6A52A8}" = Windows Small Business Server Connectivity
"{B7300824-E68F-45F1-BAC1-5F15636C346F}" = Microsoft SQL Server Desktop Engine (SBSMonitoring)
"{C293E1D0-8085-4830-B806-1BA0FEF9C4A4}" = Windows Small Business Server Client Experience
"{C73E81BF-432C-44E2-831D-F46081CA6E28}" = Windows Small Business Server Remote Portal
"{CA3553E0-191B-4E2F-AD3C-82E33CB9D4E4}" = Microsoft Group Policy Management Console with SP1
"{D846DDEE-EDF2-445F-96A4-175544202D32}" = Windows Small Business Server Fax Cfg
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E721BEC1-887A-4D26-BE10-7E0336B7CAC7}" = Windows Small Business Server Common
"5717D53E-DD6D-4d1e-8A1F-C7BE620F65AA" = Windows Small Business Server 2003
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"CCleaner" = CCleaner
"FileZilla Client" = FileZilla Client 3.3.4.1
"ie8" = Windows Internet Explorer 8
"Image Accounting Premier 10 for Access 2002" = Image Accounting Premier 10 for Access 2002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Management PLUS v5.7 Client" = Management PLUS v5.7 Client
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft Health Monitor 2.1" = Microsoft Health Monitor 2.1
"SyncBack_is1" = SyncBack
"Windows Server 2003 Service Pack" = Windows Server 2003 Service Pack 2
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"X Dispatch Server" = X Dispatch Server
"Yahoo! Software Update" = Yahoo! Software Update
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 9/1/2011 11:34:25 AM | Computer Name = NEWSERVER | Source = Perflib | ID = 1008
Description = The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll"
 failed.  Performance data for this service will not be available. The Status code
returned
 is the first DWORD in the attached data.
 
Error - 9/1/2011 11:38:01 AM | Computer Name = NEWSERVER | Source = dsrestor | ID = 1005
Description = The DSRestore Filter failed to connect to local SAM server. Error 
returned is <id:997>.
 
Error - 9/1/2011 12:01:50 PM | Computer Name = NEWSERVER | Source = dsrestor | ID = 1005
Description = The DSRestore Filter failed to connect to local SAM server. Error 
returned is <id:997>.
 
Error - 9/1/2011 12:02:50 PM | Computer Name = NEWSERVER | Source = VSS | ID = 8211
Description = Volume Shadow Copy Service error: Writer with name WMI Writer and 
ID {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} attempted to subscribe in safe mode.
 
Error - 9/1/2011 12:03:57 PM | Computer Name = NEWSERVER | Source = WINSCTRS | ID = 69850
Description = WINS Performance Monitor Counters could not get the WINS statistics.
 
Error - 9/1/2011 12:03:57 PM | Computer Name = NEWSERVER | Source = WmiAdapter | ID = 4099
Description = Open of service failed.
 
Error - 9/2/2011 1:58:10 AM | Computer Name = NEWSERVER | Source = Application Error | ID = 1000
Description = Faulting application HitmanPro35.exe, version 3.5.9.129, faulting 
module icm32.dll, version 5.2.3790.3959, fault address 0x000044fe.
 
Error - 9/2/2011 1:58:58 AM | Computer Name = NEWSERVER | Source = Application Error | ID = 1000
Description = Faulting application HitmanPro35.exe, version 3.5.9.129, faulting 
module icm32.dll, version 5.2.3790.3959, fault address 0x000044fe.
 
Error - 9/2/2011 2:02:39 AM | Computer Name = NEWSERVER | Source = Application Error | ID = 1000
Description = Faulting application HitmanPro35.exe, version 3.5.9.129, faulting 
module icm32.dll, version 5.2.3790.3959, fault address 0x000044fe.
 
Error - 9/2/2011 3:00:54 AM | Computer Name = NEWSERVER | Source = Windows SharePoint Services 2.0 | ID = 1000
Description = #50070: Unable to connect to the database STS_Config on NEWSERVER\SharePoint.
  Check the database connection information and make sure that the database server
 is running.
 
[ Directory Service Events ]
Error - 8/27/2011 6:30:19 PM | Computer Name = NEWSERVER | Source = NTDS General | ID = 1169
Description = Active Directory could not allocate the needed amount of memory.        Memory
 (bytes):  16384        Active Directory will continue to operate, but may not function correctly.



User
 Action    Restart this domain controller. If this condition continues, increase the
 available physical or virtual memory.        Additional Data    Internal ID:  30206e1
 
Error - 9/1/2011 11:32:58 AM | Computer Name = NEWSERVER | Source = NTDS General | ID = 1168
Description = Internal error: An Active Directory error has occurred.        Additional 
Data    Error value (decimal):  1053    Error value (hex):  41d    Internal ID:  30004f4
 
Error - 9/1/2011 11:32:58 AM | Computer Name = NEWSERVER | Source = NTDS General | ID = 1168
Description = Internal error: An Active Directory error has occurred.        Additional 
Data    Error value (decimal):  1053    Error value (hex):  41d    Internal ID:  3000502
 
Error - 9/1/2011 11:32:58 AM | Computer Name = NEWSERVER | Source = NTDS Backup | ID = 1913
Description = Internal error: The Active Directory backup and restore operation 
encountered an unexpected error.        Backup or restore will not succeed until this is
 corrected.          Additional Data    Error value:   1084 This service cannot be started in 
Safe Mode    Internal ID:   160200fa
 
Error - 9/1/2011 11:34:38 AM | Computer Name = NEWSERVER | Source = NTDS LDAP | ID = 1238
Description = Internal error: Active Directory was unable to initialize network 
connections for incoming LDAP requests.        Additional Data    Error value:  0
 
Error - 9/1/2011 11:34:38 AM | Computer Name = NEWSERVER | Source = NTDS General | ID = 1168
Description = Internal error: An Active Directory error has occurred.        Additional 
Data    Error value (decimal):  -1073741823    Error value (hex):  c0000001    Internal ID:  300051e
 
Error - 9/1/2011 12:02:51 PM | Computer Name = NEWSERVER | Source = NTDS Backup | ID = 1913
Description = Internal error: The Active Directory backup and restore operation 
encountered an unexpected error.        Backup or restore will not succeed until this is
 corrected.          Additional Data    Error value:   1084 This service cannot be started in 
Safe Mode    Internal ID:   160200fa
 
[ DNS Server Events ]
Error - 9/1/2011 11:30:57 AM | Computer Name = NEWSERVER | Source = DNS | ID = 4015
Description = The DNS server has encountered a critical error from the Active Directory.
Check
 that the Active Directory is functioning properly.  The extended error debug information
 (which may be empty) is "".  The event data contains the error.
 
Error - 9/1/2011 11:30:57 AM | Computer Name = NEWSERVER | Source = DNS | ID = 4004
Description = The DNS server was unable to complete directory service enumeration
 of zone  ..  This DNS server is configured to use information obtained from Active
Directory
 for this zone and is unable to load the zone without it.  Check  that the Active 
Directory is functioning properly and repeat enumeration  of the zone.  The extended
 error debug information (which may be empty) is "".  The event data contains the 
error.
 
Error - 9/1/2011 11:30:57 AM | Computer Name = NEWSERVER | Source = DNS | ID = 4004
Description = The DNS server was unable to complete directory service enumeration
 of zone  _msdcs.ADS2.local.  This DNS server is configured to use information obtained
 from Active  Directory for this zone and is unable to load the zone without it.  
Check  that the Active Directory is functioning properly and repeat enumeration  of 
the zone.  The extended error debug information (which may be empty) is "".  The event
 data contains the error.
 
Error - 9/1/2011 11:30:57 AM | Computer Name = NEWSERVER | Source = DNS | ID = 4004
Description = The DNS server was unable to complete directory service enumeration
 of zone  1.168.192.in-addr.arpa.  This DNS server is configured to use information
 obtained from Active  Directory for this zone and is unable to load the zone without
 it.  Check  that the Active Directory is functioning properly and repeat enumeration
of
 the zone.  The extended error debug information (which may be empty) is "".  The event
 data contains the error.
 
Error - 9/1/2011 11:30:57 AM | Computer Name = NEWSERVER | Source = DNS | ID = 4004
Description = The DNS server was unable to complete directory service enumeration
 of zone  ADS2.local.  This DNS server is configured to use information obtained from
 Active  Directory for this zone and is unable to load the zone without it.  Check
that
 the Active Directory is functioning properly and repeat enumeration  of the zone.
The
 extended error debug information (which may be empty) is "".  The event data contains
 the error.
 
Error - 9/1/2011 12:12:23 PM | Computer Name = NEWSERVER | Source = DNS | ID = 6702
Description = DNS server has updated its own host (A) records.  In order to ensure
 that its  DS-integrated peer DNS servers are able to replicate with this server, 
an attempt  was made to update them with the new records through dynamic update.  
An error  was encountered during this update, the record data is the error code.        If
 this DNS server does not have any DS-integrated peers, then this error    should be
 ignored.        If this DNS server's Active Directory replication partners do not have 
the  correct IP address(es) for this server, they will be unable to replicate with
 it.        To ensure proper replication:    1) Find this server's Active Directory replication
 partners that run the DNS  server.    2) Open DnsManager and connect in turn to each 
of the replication partners.    3) On each server, check the host (A record) registration
 for THIS server.    4) Delete any A records that do NOT correspond to IP addresses 
of this server.    5) If there are no A records for this server, add at least one A 
record  corresponding to an address on this server, that the replication partner can
contact.
  (In other words, if there multiple IP addresses for this DNS server,  add at least
 one that is on the same network as the Active Directory DNS server  you are updating.)

6)
 Note, that is not necessary to update EVERY replication partner.  It is  only necessary
 that the records are fixed up on enough replication partners so  that every server
 that replicates with this server will receive (through  replication) the new data.
 
Error - 9/2/2011 1:55:13 AM | Computer Name = NEWSERVER | Source = DNS | ID = 6702
Description = DNS server has updated its own host (A) records.  In order to ensure
 that its  DS-integrated peer DNS servers are able to replicate with this server, 
an attempt  was made to update them with the new records through dynamic update.  
An error  was encountered during this update, the record data is the error code.        If
 this DNS server does not have any DS-integrated peers, then this error    should be
 ignored.        If this DNS server's Active Directory replication partners do not have 
the  correct IP address(es) for this server, they will be unable to replicate with
 it.        To ensure proper replication:    1) Find this server's Active Directory replication
 partners that run the DNS  server.    2) Open DnsManager and connect in turn to each 
of the replication partners.    3) On each server, check the host (A record) registration
 for THIS server.    4) Delete any A records that do NOT correspond to IP addresses 
of this server.    5) If there are no A records for this server, add at least one A 
record  corresponding to an address on this server, that the replication partner can
contact.
  (In other words, if there multiple IP addresses for this DNS server,  add at least
 one that is on the same network as the Active Directory DNS server  you are updating.)

6)
 Note, that is not necessary to update EVERY replication partner.  It is  only necessary
 that the records are fixed up on enough replication partners so  that every server
 that replicates with this server will receive (through  replication) the new data.
 
[ System Events ]
Error - 7/28/2011 4:31:11 AM | Computer Name = NEWSERVER | Source = SBCore | ID = 1009
Description = The license store for the client access licenses is not valid and 
could not be restored from an automatic backup. Only the minimum number of client
 access licenses will be available until a valid license store is restored. For 
more information, see Help in the Licensing snap-in.
 
Error - 7/28/2011 6:31:11 AM | Computer Name = NEWSERVER | Source = SBCore | ID = 1009
Description = The license store for the client access licenses is not valid and 
could not be restored from an automatic backup. Only the minimum number of client
 access licenses will be available until a valid license store is restored. For 
more information, see Help in the Licensing snap-in.
 
Error - 7/28/2011 8:31:11 AM | Computer Name = NEWSERVER | Source = SBCore | ID = 1009
Description = The license store for the client access licenses is not valid and 
could not be restored from an automatic backup. Only the minimum number of client
 access licenses will be available until a valid license store is restored. For 
more information, see Help in the Licensing snap-in.
 
Error - 7/28/2011 10:31:11 AM | Computer Name = NEWSERVER | Source = SBCore | ID = 1009
Description = The license store for the client access licenses is not valid and 
could not be restored from an automatic backup. Only the minimum number of client
 access licenses will be available until a valid license store is restored. For 
more information, see Help in the Licensing snap-in.
 
Error - 7/28/2011 12:26:14 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver Microsoft Shared Fax Driver required for printer Fax is unknown.
 Contact the administrator to install the driver before you log in again.
 
Error - 7/28/2011 12:26:15 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver HP Universal Printing PS required for printer HP Color Laserjet
 4500 is unknown. Contact the administrator to install the driver before you log
 in again.
 
Error - 7/28/2011 12:27:55 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver Microsoft Shared Fax Driver required for printer Fax is unknown.
 Contact the administrator to install the driver before you log in again.
 
Error - 7/28/2011 12:27:56 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver HP Universal Printing PS required for printer HP Color Laserjet
 4500 is unknown. Contact the administrator to install the driver before you log
 in again.
 
Error - 7/28/2011 1:05:08 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver HP Universal Printing PS required for printer HP Color Laserjet
 4500 is unknown. Contact the administrator to install the driver before you log
 in again.
 
Error - 7/28/2011 1:05:08 PM | Computer Name = NEWSERVER | Source = TermServDevices | ID = 1111
Description = Driver Microsoft Shared Fax Driver required for printer Fax is unknown.
 Contact the administrator to install the driver before you log in again.
 
 
< End of report >