OTL Extras logfile created on: 9/18/2011 3:14:54 AM - Run 1 OTL by OldTimer - Version 3.2.29.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.50 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 45.56% Memory free 3.35 Gb Paging File | 2.06 Gb Available in Paging File | 61.62% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 64.52 Gb Total Space | 45.52 Gb Free Space | 70.56% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 8.20 Gb Free Space | 82.00% Space Free | Partition Type: NTFS Drive F: | 3.74 Gb Total Space | 2.49 Gb Free Space | 66.63% Space Free | Partition Type: FAT32 Computer Name: HP45461619683 | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .reg [@ = regfile] -- regedit.exe "%1" [HKEY_USERS\S-1-5-21-3475736484-2603938691-1109610818-500\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353 "9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company) "C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company) "C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company) "C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company) "C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company) "C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr "{38DD9AAA-A09A-42FF-A9EE-DA9C84B2E036}" = Dual-Core Optimizer "{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater "{4B92A11C-F48F-430A-AB8D-3F7CA80669CD}" = SDMSSplash "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011 "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support "{727DAFCB-E3AF-46E3-8A38-EB9C3EAA0A88}" = AVG 2011 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90190409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Publisher 2003 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "AVG" = AVG 2011 "FrostWire" = FrostWire 4.21.8 "ie8" = Windows Internet Explorer 8 "Logitech Vid" = Logitech Vid HD "lvdrivers_12.10" = Logitech Webcam Software Driver Package "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "PDF Complete" = PDF Complete "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3475736484-2603938691-1109610818-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 7/13/2011 12:40:25 PM | Computer Name = HP45461619683 | Source = Userenv | ID = 1041 Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration. Error - 7/13/2011 12:40:25 PM | Computer Name = HP45461619683 | Source = Userenv | ID = 1041 Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration. Error - 8/6/2011 4:14:56 PM | Computer Name = HP45461619683 | Source = Application Error | ID = 1000 Description = Faulting application chrome.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x736f7263. Error - 8/22/2011 3:02:41 PM | Computer Name = HP45461619683 | Source = Application Hang | ID = 1002 Description = Hanging application WINWORD.EXE, version 11.0.8328.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/6/2011 12:12:24 AM | Computer Name = HP45461619683 | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10u.ocx, version 10.3.181.34, fault address 0x000d8e45. Error - 9/10/2011 10:05:50 AM | Computer Name = HP45461619683 | Source = Application Hang | ID = 1002 Description = Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/10/2011 10:17:29 AM | Computer Name = HP45461619683 | Source = Application Hang | ID = 1002 Description = Hanging application msimn.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/15/2011 10:09:10 PM | Computer Name = HP45461619683 | Source = Application Hang | ID = 1002 Description = Hanging application wgasetup.exe, version 1.9.40.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/18/2011 4:13:34 AM | Computer Name = HP45461619683 | Source = Application Hang | ID = 1002 Description = Hanging application OTL.exe, version 3.2.29.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 9/18/2011 4:18:59 AM | Computer Name = HP45461619683 | Source = Application Error | ID = 1000 Description = Faulting application teatimer.exe, version 1.6.6.32, faulting module teatimer.exe, version 1.6.6.32, fault address 0x0006e66e. [ System Events ] Error - 7/26/2011 11:47:15 PM | Computer Name = HP45461619683 | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 7/26/2011 11:47:15 PM | Computer Name = HP45461619683 | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 8/4/2011 8:29:37 PM | Computer Name = HP45461619683 | Source = ati2mtag | ID = 44044 Description = I2c return failed Error - 8/4/2011 8:29:37 PM | Computer Name = HP45461619683 | Source = ati2mtag | ID = 44044 Description = I2c return failed Error - 8/6/2011 3:34:38 PM | Computer Name = HP45461619683 | Source = Service Control Manager | ID = 7034 Description = The Kodak AiO Network Discovery Service service terminated unexpectedly. It has done this 1 time(s). Error - 8/7/2011 4:32:19 PM | Computer Name = HP45461619683 | Source = ati2mtag | ID = 44044 Description = I2c return failed Error - 8/7/2011 4:32:19 PM | Computer Name = HP45461619683 | Source = ati2mtag | ID = 44044 Description = I2c return failed Error - 8/7/2011 4:34:15 PM | Computer Name = HP45461619683 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the Kodak AiO Device Service service to connect. Error - 8/7/2011 4:34:15 PM | Computer Name = HP45461619683 | Source = Service Control Manager | ID = 7000 Description = The Kodak AiO Device Service service failed to start due to the following error: %%1053 Error - 8/7/2011 4:34:15 PM | Computer Name = HP45461619683 | Source = Service Control Manager | ID = 7001 Description = The Kodak AiO Network Discovery Service service depends on the Kodak AiO Device Service service which failed to start because of the following error: %%1053 < End of report >