Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- OTL Extras logfile created on: 3/17/2014 3:08:30 PM - Run 1
- OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\mmurphy\Desktop
- Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
- Internet Explorer (Version = 8.0.6001.18702)
- Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
- 1.94 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 68.83% Memory free
- 2.44 Gb Paging File | 2.05 Gb Available in Paging File | 83.93% Paging File free
- Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
- Drive C: | 37.26 Gb Total Space | 13.80 Gb Free Space | 37.03% Space Free | Partition Type: NTFS
- Drive D: | 497.72 Mb Total Space | 11.75 Mb Free Space | 2.36% Space Free | Partition Type: FAT
- Drive U: | 68.23 Gb Total Space | 1.91 Gb Free Space | 2.79% Space Free | Partition Type: NTFS
- Computer Name: JCRAIG | User Name: mmurphy | Logged in as Administrator.
- Boot Mode: Normal | Scan Mode: All users
- Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
- [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
- [color=#E56717]========== File Associations ==========[/color]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
- .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
- [color=#E56717]========== Shell Spawning ==========[/color]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
- batfile [open] -- "%1" %*
- cmdfile [open] -- "%1" %*
- comfile [open] -- "%1" %*
- cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
- exefile [open] -- "%1" %*
- piffile [open] -- "%1" %*
- regfile [merge] -- Reg Error: Key error.
- scrfile [config] -- "%1"
- scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
- scrfile [open] -- "%1" /S
- txtfile [edit] -- Reg Error: Key error.
- Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
- Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
- Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
- Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
- Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
- Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
- Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- [color=#E56717]========== Security Center Settings ==========[/color]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
- "FirstRunDisabled" = 1
- "AntiVirusDisableNotify" = 0
- "FirewallDisableNotify" = 0
- "UpdatesDisableNotify" = 0
- "AntiVirusOverride" = 0
- "FirewallOverride" = 0
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
- [color=#E56717]========== System Restore Settings ==========[/color]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
- "DisableSR" = 0
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
- "Start" = 0
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
- "Start" = 2
- [color=#E56717]========== Firewall Settings ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
- "59152:UDP" = 59152:UDP:*:Enabled:SonicWALL Compliance 59152
- "59153:UDP" = 59153:UDP:*:Enabled:SonicWALL Compliance 59153
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
- "EnableFirewall" = 1
- "DisableNotifications" = 0
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
- "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
- "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
- "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
- "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
- "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
- [color=#E56717]========== Authorized Applications List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
- "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
- "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:McAfee Managed Services Agent
- "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
- "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
- "C:\Program Files\Symantec\pcAnywhere\awhost32.exe" = C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service
- "C:\Documents and Settings\John Craig\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\John Craig\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
- "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
- "C:\RouteTracking\RouteTracking.exe" = C:\RouteTracking\RouteTracking.exe:*:Enabled:Copas Route Tracking -- (eCommerce Industries, Inc)
- "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
- [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "{028BB5A9-6385-4CF6-A6FF-D512D5015DBA}" = Garmin Lifetime Updater
- "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
- "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
- "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
- "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
- "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
- "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
- "{402525B0-10B6-4DD9-8F5D-AA33055AD244}" = Copas Route Tracking
- "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
- "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
- "{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
- "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
- "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
- "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
- "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
- "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
- "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
- "{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
- "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
- "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
- "{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
- "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
- "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
- "{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
- "{CD392969-DEFB-4AB2-BA5D-2DAF65DCD432}" = Attendance Enterprise
- "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
- "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
- "Adobe AIR" = Adobe AIR
- "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
- "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
- "ATI Display Driver" = ATI Display Driver
- "FileZilla Client" = FileZilla Client 3.4.0
- "Fotosizer" = Fotosizer 1.31
- "GIMP-2_is1" = GIMP 2.8.2
- "ie8" = Windows Internet Explorer 8
- "InfoRad2001-076" = InfoRad® Wireless Office 2001 2001-076 (remove only)
- "LiveReg" = LiveReg (Symantec Corporation)
- "LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
- "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
- "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
- "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
- "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
- "Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
- "MozillaMaintenanceService" = Mozilla Maintenance Service
- "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
- "Notepad++" = Notepad++
- "Pixel Ruler" = Pixel Ruler
- "Procomm Plus" = Symantec Procomm Plus
- "RoughDraft" = RoughDraft 3.0
- "WIC" = Windows Imaging Component
- "Winamp" = Winamp
- "Windows Media Format Runtime" = Windows Media Format 11 runtime
- "Windows Media Player" = Windows Media Player 11
- "Windows XP Service Pack" = Windows XP Service Pack 3
- "WMFDist11" = Windows Media Format 11 runtime
- "wmp11" = Windows Media Player 11
- "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
- [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
- [ Application Events ]
- Error - 3/5/2014 4:05:04 AM | Computer Name = JCRAIG | Source = Application Error | ID = 1000
- Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
- module mshtml.dll, version 8.0.6001.23562, fault address 0x00088cc7.
- Error - 3/5/2014 4:05:40 AM | Computer Name = JCRAIG | Source = Application Error | ID = 1000
- Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
- module mshtml.dll, version 8.0.6001.23562, fault address 0x00088cc7.
- Error - 3/13/2014 5:38:09 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application OUTLOOK.EXE, version 11.0.8326.0, hang module
- hungapp, version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 6:58:44 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
- hungapp, version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 10:29:37 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
- version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 10:29:44 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
- version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 10:29:50 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
- version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 10:29:50 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
- version 0.0.0.0, hang address 0x00000000.
- Error - 3/13/2014 3:32:44 PM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application GarminLifetime.exe, version 2.1.6.0, hang module
- hungapp, version 0.0.0.0, hang address 0x00000000.
- Error - 3/14/2014 2:01:01 PM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
- Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
- version 0.0.0.0, hang address 0x00000000.
- [ System Events ]
- Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7001
- Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
- failed to start because of the following error: %%31
- Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7001
- Description = The IPSEC Services service depends on the IPSEC driver service which
- failed to start because of the following error: %%31
- Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7026
- Description = The following boot-start or system-start driver(s) failed to load:
- AFD Fips intelppm IPSec mfehidk mfetdik MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
- Error - 3/13/2014 10:40:07 AM | Computer Name = JCRAIG | Source = DCOM | ID = 10005
- Description = DCOM got error "%1084" attempting to start the service StiSvc with
- arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
- Error - 3/13/2014 10:41:23 AM | Computer Name = JCRAIG | Source = DCOM | ID = 10005
- Description = DCOM got error "%1084" attempting to start the service EventSystem
- with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
- Error - 3/13/2014 3:30:42 PM | Computer Name = JCRAIG | Source = sr | ID = 1
- Description = The System Restore filter encountered the unexpected error '0xC0000001'
- while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
- the volume.
- Error - 3/14/2014 3:21:06 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7022
- Description = The Attendance Enterprise Service service hung on starting.
- Error - 3/14/2014 3:24:49 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7034
- Description = The Attendance Enterprise Service service terminated unexpectedly.
- It has done this 1 time(s).
- Error - 3/14/2014 5:35:58 PM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7022
- Description = The Attendance Enterprise Service service hung on starting.
- Error - 3/14/2014 5:39:44 PM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7034
- Description = The Attendance Enterprise Service service terminated unexpectedly.
- It has done this 1 time(s).
- < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement