OTL Extras logfile created on: 5/15/2012 12:07:18 AM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.75 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 62.09% Memory free 4.59 Gb Paging File | 3.31 Gb Available in Paging File | 72.04% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 117.19 Gb Total Space | 30.30 Gb Free Space | 25.86% Space Free | Partition Type: NTFS Drive D: | 115.69 Gb Total Space | 44.27 Gb Free Space | 38.27% Space Free | Partition Type: NTFS Drive E: | 7.39 Gb Total Space | 5.88 Gb Free Space | 79.54% Space Free | Partition Type: FAT32 Computer Name: SAMGIBSON | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-583907252-1801674531-735574201-500\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{016F4227-D7D0-2CC0-A670-8B4A6B5613D0}" = Catalyst Control Center Localization Finnish "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06388BAD-2116-9B30-CC94-CC708AB405A0}" = CCC Help Norwegian "{079C00FC-BC90-20CB-3369-8C4D5CD203F3}" = Catalyst Control Center Localization Polish "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0C687C56-81C1-210D-0661-F608C71CFCBB}" = CCC Help Chinese Traditional "{165795A1-C9C8-2E70-B49A-4A74A2848217}" = CCC Help Italian "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{192CA383-F3AF-B048-023A-09F345B5DD74}" = Catalyst Control Center Localization Chinese Traditional "{1AD9B214-5E68-8B8F-46DF-FCED7CB413F9}" = CCC Help Danish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{208A9189-5034-EFB7-9405-05AF6C266962}" = Catalyst Control Center Localization Japanese "{220688FD-4E64-4810-B31A-32C3895DFDFA}_is1" = Auto Shutdown "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{287C65AC-2B43-2842-F330-FD10D8CA6F20}" = CCC Help French "{28C66F14-7324-1B36-E00C-1E59A0E581D3}" = Catalyst Control Center Localization Italian "{29DB3FC9-FFA2-F72B-2960-6093E2BDEB8B}" = Catalyst Control Center Localization Danish "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{30925C52-0EE3-EA31-BF27-9B06007DDC99}" = CCC Help Czech "{320A6FD8-6EEF-0C2F-42E2-E689DE07A60E}" = CCC Help Spanish "{3243DB98-F864-2CB7-58F8-0B3CB9956D2D}" = CCC Help Turkish "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36EE2A56-D58D-5553-1307-E06E6C237F81}" = CCC Help Dutch "{423799F1-0BD5-4B2D-8BD6-2A49BCEA583B}" = Atheros Wireless LAN Client Adapter "{456890ED-15C1-8F42-A7A1-52FB7052458B}" = Catalyst Control Center Localization Russian "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4A7CA44D-A3B1-2FD3-0E86-CB5EA88002B1}" = Catalyst Control Center Localization Norwegian "{4BD58BD3-DF9B-61C9-A3EE-C34394CA740A}" = Catalyst Control Center Localization Portuguese "{4E7FD5D7-A74C-D2EB-5C50-45D88A3D0ED3}" = CCC Help Japanese "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{52CE8BF2-A574-BD83-07CF-AAB3C634D5EB}" = ccc-core-preinstall "{537598EB-9DB6-C94F-C065-853BDCE0DFC9}" = CCC Help Korean "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{550FFA41-10CB-EC6D-27A1-AE38DBBABF11}" = Catalyst Control Center Localization Korean "{641BF3A4-0E2B-A41F-F3C8-6BF8C4B65F4A}" = Catalyst Control Center Localization Turkish "{6425F910-7BDF-6D78-254F-A27E11D24309}" = ccc-core-static "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B5708E0-D61F-1A51-5C7C-40CFCBFCA889}" = CCC Help Thai "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding "{8296CF93-2EF1-11C7-541A-27FE03E2D674}" = CCC Help German "{82FCED4D-AF4D-14F9-6F1E-983E74B782E1}" = Catalyst Control Center Localization Spanish "{852C8062-BFFB-3A2A-0433-5470309158F9}" = CCC Help Hungarian "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FE9B6C7-3377-7A97-D04B-9E2697E4907C}" = Catalyst Control Center Localization Swedish "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{928CF3BE-7F6F-EABC-100C-619FF950D4C7}" = CCC Help English "{9494E7AC-03C4-AB93-F072-527F18F13EF5}" = Catalyst Control Center Graphics Light "{95354F6D-DDBB-61F3-2FD8-AD00466B244F}" = CCC Help Polish "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{9A17F381-E4F6-45A3-8F88-2E434EDADED9}" = ccc-utility "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3030F99-1E93-2CFC-B15C-5430FDD216DC}" = Catalyst Control Center Localization Hungarian "{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AB8BE1DE-8915-F756-939C-1697379EB124}" = Catalyst Control Center Localization German "{ABA73159-A808-7FBA-76E3-B61E53AA7443}" = Catalyst Control Center Localization Czech "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{B14D9409-FB9B-39CF-9B6C-1B7CE6FFD93B}" = Catalyst Control Center Graphics Full Existing "{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B5781BDA-B239-9AC1-07EB-34CF995B96F5}" = CCC Help Swedish "{B6F753ED-87E9-0D33-9648-FB4EBB0D2ED4}" = Catalyst Control Center Localization Greek "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{C13CFA2F-441C-9FD5-4216-621FCB0FEF35}" = Catalyst Control Center Graphics Full New "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C78CFC6E-A7D8-E22F-6F1C-DA43E8D45F10}" = CCC Help Portuguese "{CD4A2120-5D75-2266-042B-1471A257EA13}" = CCC Help Greek "{CE5E14C7-2E93-B8CA-567E-415F71D91B66}" = Catalyst Control Center Localization Thai "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1AE6D4D-C37A-487d-83D8-C333125B2459}" = HP Photosmart and Deskjet 7.0 Software "{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365 "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE251A1E-D1EE-55CB-8F8E-903F343FE6D9}" = Catalyst Control Center Localization French "{E15C57CE-3D30-0B45-E0DD-D48915EA191A}" = Catalyst Control Center Localization Dutch "{E3F133F1-067C-2CF2-729B-2CB9F24D2B53}" = Catalyst Control Center Localization Chinese Standard "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1" = Pazera Free FLV to AVI Converter 1.5 "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EC52A0EF-5F3E-1F7E-14A8-618C7DCA93B8}" = Catalyst Control Center Core Implementation "{ECB3A4B6-322F-04F2-7FD4-4B20394C800C}" = CCC Help Russian "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F141E2B8-4636-5A11-3991-C1736EB8DB76}" = CCC Help Chinese Standard "{FEF63139-152C-6604-CECF-0BEE95B030C3}" = CCC Help Finnish "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "avast" = avast! Pro Antivirus "AVG Secure Search" = AVG Security Toolbar "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "DAEMON Tools Pro" = DAEMON Tools Pro "Foxit Reader_is1" = Foxit Reader "Free RAR Extract Frog" = Free RAR Extract Frog "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0 "Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US) "Picasa 3" = Picasa 3 "uTorrent" = µTorrent "Vector Magic" = Vector Magic "VLC media player" = VLC media player 2.0.1 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 4/27/2012 7:00:04 PM | Computer Name = SAMGIBSON | Source = LoadPerf | ID = 3001 Description = The performance counter name string value in the registry is incorrectly formatted. The bogus string is 2272, the bogus index value is the first DWORD in Data section while the last valid index values are the second and third DWORD in Data section. Error - 4/27/2012 7:00:04 PM | Computer Name = SAMGIBSON | Source = LoadPerf | ID = 3011 Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The Error code is the first DWORD in Data section. Error - 4/27/2012 7:00:07 PM | Computer Name = SAMGIBSON | Source = LoadPerf | ID = 3001 Description = The performance counter name string value in the registry is incorrectly formatted. The bogus string is 2272, the bogus index value is the first DWORD in Data section while the last valid index values are the second and third DWORD in Data section. Error - 5/10/2012 5:29:20 PM | Computer Name = SAMGIBSON | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 12.0.0.4493, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 5/11/2012 2:39:48 PM | Computer Name = SAMGIBSON | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 469cdc9c, P4 mscorlib, P5 2.0.0.0, P6 4333ab80, P7 10ed, P8 0, P9 system.objectdisposedexception, P10 NIL. Error - 5/15/2012 1:04:13 AM | Computer Name = SAMGIBSON | Source = Application Hang | ID = 1002 Description = Hanging application OTL.exe, version 3.2.43.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 4/30/2012 2:39:13 PM | Computer Name = SAMGIBSON | Source = Service Control Manager | ID = 7000 Description = The XAudioService service failed to start due to the following error: %%193 Error - 5/2/2012 10:41:28 AM | Computer Name = SAMGIBSON | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.0.10 on the Network Card with network address 0017C44649FC. Error - 5/3/2012 8:38:06 AM | Computer Name = SAMGIBSON | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.0.11 on the Network Card with network address 0017C44649FC. Error - 5/4/2012 12:23:39 AM | Computer Name = SAMGIBSON | Source = Service Control Manager | ID = 7000 Description = The XAudioService service failed to start due to the following error: %%193 Error - 5/6/2012 1:24:59 PM | Computer Name = SAMGIBSON | Source = Dhcp | ID = 1001 Description = Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0017C44649FC. The following error occurred: %%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. Error - 5/6/2012 1:24:59 PM | Computer Name = SAMGIBSON | Source = Dhcp | ID = 1001 Description = Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0017C44649FC. The following error occurred: %%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. < End of report >