OTL Extras logfile created on: 1/21/2011 12:27:02 PM - Run 1 OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\mlapointe\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.53 Gb Total Space | 50.39 Gb Free Space | 67.61% Space Free | Partition Type: NTFS Drive S: | 416.89 Gb Total Space | 376.13 Gb Free Space | 90.22% Space Free | Partition Type: NTFS Drive U: | 416.89 Gb Total Space | 376.13 Gb Free Space | 90.22% Space Free | Partition Type: NTFS Drive Z: | 416.89 Gb Total Space | 376.13 Gb Free Space | 90.22% Space Free | Partition Type: NTFS Computer Name: CHESIL-REVMGR | User Name: mlapointe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "2001:TCP" = 2001:TCP:*:Enabled:DA Remote Management [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Altiris\AClient\AClntUsr.EXE" = C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:Enabled:AClntUsr - AClient Interactive User Service [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan "{138BD312-3557-40F8-BC5E-6DFF00A6880D}" = BPDSoftware_Ini "{17E81C48-407E-499f-A105-1B49ACDB9BA4}" = ProductContext "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4AE80E7B-6633-4046-9C15-D3B281C4F73D}" = BPDSoftware "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{5BFE01FF-189F-4b75-8FA8-9B7CD7F9C529}" = L7500 "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential "{6DE9751D-3FFE-400E-8761-26A92DB734DE}" = BPD_HPSU "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7729A02E-D1AD-4830-8FC5-11853500D90D}" = HP Officejet Pro All-In-One Series "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8C045626-4496-4238-B3B8-394CC6D46427}" = 7500_7600_7700_Help "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{946E5E7D-6DB8-42B5-9306-841696082DE4}" = Attendance Enterprise "{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook "{9963C8D2-31E3-432a-882E-BF4901B3D1A0}" = ScriptLogic Desktop Authority: Computer Agent "{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = BPDfax "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D48AD533-BAD5-469B-A9AA-272C6D80E70B}" = MPM "{D989BCC0-757C-4FB6-893C-512DF4382656}" = MetaFrame Presentation Server Client "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{DF49D66D-D2D3-46DA-878B-F0BFC7795276}" = Flip "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs "ActiveTouchMeetingClient" = WebEx "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AVG9Uninstall" = AVG 9.0 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer Participation Program 7.0 "HPOCR" = OCR Software by I.R.I.S 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "KONICA MINOLTA Universal PCL" = KONICA MINOLTA Universal PCL "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "SysAid_is1" = SysAid Agent version 7.5.04 "WIC" = Windows Imaging Component "Windows XP Service Pack" = Windows XP Service Pack 3 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 1/20/2011 6:57:18 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: The connection with the server was terminated abnormally Error - 1/20/2011 6:57:19 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 1/20/2011 6:57:19 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 1/20/2011 6:57:20 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 1/20/2011 6:57:20 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 1/20/2011 7:08:06 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: The connection with the server was terminated abnormally Error - 1/20/2011 7:08:06 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 1/20/2011 7:08:33 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: The connection with the server was terminated abnormally Error - 1/21/2011 1:24:49 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: The connection with the server was terminated abnormally Error - 1/21/2011 1:24:49 PM | Computer Name = CHESIL-REVMGR | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. [ System Events ] Error - 1/20/2011 11:52:48 AM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: CCDevice Error - 1/20/2011 12:39:32 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7023 Description = The Network Security service terminated with the following error: %%126 Error - 1/20/2011 12:39:32 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: CCDevice Error - 1/20/2011 1:17:11 PM | Computer Name = CHESIL-REVMGR | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. Error - 1/20/2011 1:18:37 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7023 Description = The Network Security service terminated with the following error: %%126 Error - 1/20/2011 1:18:37 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: CCDevice Error - 1/21/2011 11:09:53 AM | Computer Name = CHESIL-REVMGR | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error - 1/21/2011 12:47:49 PM | Computer Name = CHESIL-REVMGR | Source = DCOM | ID = 10010 Description = The server {D40DAF26-8F39-4430-97B9-D3E1A42426C8} did not register with DCOM within the required timeout. Error - 1/21/2011 12:52:41 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7023 Description = The Network Security service terminated with the following error: %%126 Error - 1/21/2011 12:52:41 PM | Computer Name = CHESIL-REVMGR | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: CCDevice < End of report >