OTL Extras logfile created on: 4/23/2011 5:45:03 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Party Jumps\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 208.00 Mb Available Physical Memory | 41.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.92 Gb Total Space | 5.91 Gb Free Space | 21.16% Space Free | Partition Type: NTFS
Drive E: | 1.87 Gb Total Space | 1.85 Gb Free Space | 99.04% Space Free | Partition Type: FAT
Computer Name: D161GQ21 | User Name: Party Jumps | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- C:\Documents and Settings\Party Jumps\Local Settings\Application Data\opd.exe ()
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"56685:TCP" = 56685:TCP:*:Enabled:Pando Media Booster
"56685:UDP" = 56685:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:DCOM(135)
"1700:TCP" = 1700:TCP:*:Disabled:MioNet Remote Drive Access 0
"1701:TCP" = 1701:TCP:*:Disabled:MioNet Remote Drive Access 1
"1702:TCP" = 1702:TCP:*:Disabled:MioNet Remote Drive Access 2
"1703:TCP" = 1703:TCP:*:Disabled:MioNet Remote Drive Access 3
"1704:TCP" = 1704:TCP:*:Disabled:MioNet Remote Drive Access 4
"1705:TCP" = 1705:TCP:*:Disabled:MioNet Remote Drive Access 5
"1706:TCP" = 1706:TCP:*:Disabled:MioNet Remote Drive Access 6
"1707:TCP" = 1707:TCP:*:Disabled:MioNet Remote Drive Access 7
"1708:TCP" = 1708:TCP:*:Disabled:MioNet Remote Drive Access 8
"1709:TCP" = 1709:TCP:*:Disabled:MioNet Remote Drive Access 9
"1641:TCP" = 1641:TCP:*:Disabled:MioNet Remote Drive Verification
"1647:TCP" = 1647:TCP:*:Disabled:MioNet Storage Device Configuration
"5432:UDP" = 5432:UDP:*:Disabled:MioNet Storage Device Discovery
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56685:TCP" = 56685:TCP:*:Enabled:Pando Media Booster
"56685:UDP" = 56685:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MioNet\jvm\bin\MioNet.exe" = C:\Program Files\MioNet\jvm\bin\MioNet.exe:*:Disabled:MioNet
"C:\Program Files\MioNet\MioNetManager.exe" = C:\Program Files\MioNet\MioNetManager.exe:*:Disabled:MioNetManager
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-785F-478A-BAA2-87F1A136068C}" = MSN Encarta Plus Support Files
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{14374621-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Basic 2005
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = BACS
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4F1CECBC-670F-4daa-81D6-944B12450917}" = DIGReqEx
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{9F7FC79B-3059-4264-9450-39EB368E3220}" = Microsoft Picture It! Library 9
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600211}" = MSN Messenger 6.1
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B1C0D829-FE30-059E-E93F-CDC7A48235C0}" = FlipShare
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C769B501-2BE8-46ed-9E69-118F008A0917}" = DIGOpt
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD04643-5246-48AC-9D8C-F43A37BB8F36}" = WD Drive Manager (x86)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0900}" = Microsoft Picture It! Express 9
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"BCM V.92 56K Modem" = BCM V.92 56K Modem
"CCleaner" = CCleaner
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DellSupport" = Dell Support 5.0.0 (766)
"Dsc Pro" = Dsc Pro
"ERUNT_is1" = ERUNT 1.1j
"hp psc 2100 series_Driver" = hp psc 2100 series
"ie8" = Windows Internet Explorer 8
"InstallShield_{468190DA-FB4C-45BA-8E40-4B165FF1A939}" = Broadcom Advanced Control Suite
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSNINST" = MSN
"PictureIt_POD_v9" = Microsoft Picture It! Library 9
"PictureIt_v9" = Microsoft Picture It! Express 9
"SearchSafe" = SearchSafe
"Shockwave" = Shockwave
"TurboTax Deluxe 2003" = TurboTax Deluxe 2003
"TurboTax Deluxe 2005" = TurboTax Deluxe 2005
"TurboTax Premier 2004" = TurboTax Premier 2004
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/20/2011 11:59:40 PM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 4/21/2011 3:15:32 AM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 4/21/2011 3:15:33 AM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 4/21/2011 6:29:21 AM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 4/21/2011 9:16:33 AM | Computer Name = D161GQ21 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.4095, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/21/2011 9:43:03 AM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 4/21/2011 12:56:50 PM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 4/21/2011 4:10:38 PM | Computer Name = D161GQ21 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 4/21/2011 5:26:17 PM | Computer Name = D161GQ21 | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 9.4.0.195, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/21/2011 7:05:19 PM | Computer Name = D161GQ21 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8107.0,
P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 1/10/2011 2:16:24 AM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 0000004e, parameter1 00000099, parameter2 00008f74, parameter3
00000001, parameter4 00000000.
Error - 1/20/2011 10:23:03 AM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 0000004e, parameter1 00000099, parameter2 000829b6, parameter3
00000005, parameter4 00000000.
Error - 1/21/2011 10:50:18 AM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 000000f4, parameter1 00000003, parameter2 82d3d950, parameter3
82d3dac4, parameter4 805fb146.
Error - 1/21/2011 7:30:44 PM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 0000004e, parameter1 00000099, parameter2 00000000, parameter3
00000000, parameter4 00000000.
Error - 1/23/2011 5:18:10 PM | Computer Name = D161GQ21 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the FlipShare Service service.
Error - 2/11/2011 11:54:21 AM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 ef68baa4, parameter3
ef5d5a44, parameter4 00000000.
Error - 2/23/2011 9:52:09 AM | Computer Name = D161GQ21 | Source = System Error | ID = 1003
Description = Error code 10000050, parameter1 8e34dcc8, parameter2 00000000, parameter3
805752a8, parameter4 00000000.
Error - 4/16/2011 12:20:54 PM | Computer Name = D161GQ21 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.2.3 for the Network Card with network
address 000BDB2659CB has been denied by the DHCP server 192.168.2.1 (The DHCP Server
sent a DHCPNACK message).
Error - 4/21/2011 7:05:14 PM | Computer Name = D161GQ21 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.103.160.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6802.0 Error
code: 0x80072efe Error description: The connection with the server was terminated
abnormally
Error - 4/23/2011 8:43:19 PM | Computer Name = D161GQ21 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.103.160.0 Update Source: %%859 Update Stage:
%%852 Source Path: Default URL Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 1.1.6802.0 Error code: 0x80070424 Error
description: The specified service does not exist as an installed service.
< End of report >