OTL Extras logfile created on: 27/01/2011 23:40:27 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Liam Bradley\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1,023.00 Mb Total Physical Memory | 366.00 Mb Available Physical Memory | 36.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 18.55 Gb Total Space | 7.42 Gb Free Space | 39.98% Space Free | Partition Type: NTFS Drive F: | 7.40 Gb Total Space | 5.46 Gb Free Space | 73.83% Space Free | Partition Type: NTFS Drive G: | 10.33 Gb Total Space | 7.75 Gb Free Space | 75.04% Space Free | Partition Type: NTFS Drive H: | 86.82 Gb Total Space | 86.19 Gb Free Space | 99.27% Space Free | Partition Type: NTFS Drive Q: | 58.49 Gb Total Space | 51.98 Gb Free Space | 88.87% Space Free | Partition Type: NTFS Computer Name: LIAMSDESKTOP | User Name: Liam Bradley | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\6.0\ACDSee6.exe" "%1" (ACD Systems Ltd.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "FirstRunDisabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "F:\Program Files 2\drst.exe" = F:\Program Files 2\drst.exe:*:Enabled:Dr SpeedTouch "C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "F:\Program Files\eMule\emule.exe" = F:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011 "{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster "{1C263E36-DF93-436F-9F0A-F41D82F490CB}" = Palm Desktop "{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}" = ACDSee 6.0 PowerPack "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{42095863-98D1-4A49-BDF8-638DE8A5F316}" = Sound Blaster Audigy 2 "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager "{4E7E8E6A-15F1-4E26-9352-26AD235131E9}" = Documents To Go "{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource "{581CE7EA-A30D-0000-1211-088635773309}" = Cable & Wireless 802.11g Series Wireless LAN USB "{5B6455A4-E812-479B-A762-C2356244CF97}" = EZ Grabber "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.0 "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{87FC2972-8A1D-40EE-B75A-4A72D251A296}" = JumpDrive TouchGuard V1.0 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9AED1657-9F0F-48E0-9FB5-F98199590ACD}" = JumpDrive TouchGuard V1.0 "{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011 "{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{BA3BC81F-0035-4D62-8AB4-6F83D7C1F480}" = Tweak-XP Pro "{C0271B80-4B2F-480D-BBFC-1217EDAA3BF6}" = OM 809 Mouse Driver "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{D43C63E0-0BDC-498B-B7E9-7DCF902D8610}" = Rave-MP Digital Audio Player "{D43F13A1-1E39-4BD4-9682-DF889FE75421}" = Creative PC-CAM Center "{DA13BA57-3F22-469A-A616-B06FFE8A207F}" = WinPVR "{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Drv "{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1" = Uniblue SystemTweaker "{E2D201C4-92AF-4544-A5CC-1419F8D5618B}" = ArcSoft VideoImpression 2 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011 "{F540A6CC-AE36-4A55-8DDE-94D8A0429882}" = EFI PrintMe Toolbar "{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AdobeESD" = Adobe Download Manager 1.2 (Remove Only) "AVG" = AVG 2011 "Belarc Advisor 2.0" = Belarc Advisor 6.1 "Card Classics" = Card Classics "CCleaner" = CCleaner "CheckIt Diagnostics" = CheckIt Diagnostics "Copy+" = Copy+ "Creative PC-CAM 880 Manual English" = Creative PC-CAM 880 Manual (English) "Creative WebCam Monitor" = Creative WebCam Monitor "DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility "DivXCodec" = DivX 4.02 Codec "eMule" = eMule "Handmark Solitaire" = Handmark Solitaire "HP Photo & Imaging" = HP Image Zone 4.2 "ie8" = Windows Internet Explorer 8 "InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}" = Drive Manager "InstallShield_{5B6455A4-E812-479B-A762-C2356244CF97}" = EZ Grabber "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 "InstallShield_{C0271B80-4B2F-480D-BBFC-1217EDAA3BF6}" = OM 809 Mouse Driver "Kinoma Producer for Palm, Inc." = Kinoma Producer for Palm, Inc. "Macromedia Shockwave Player" = Macromedia Shockwave Player "MovieJoiner" = Movie Joiner "Nero - Burning Rom" = Nero - Burning Rom "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Outlook Express Backup_is1" = Outlook Express Backup V6.5 "QuickTime" = QuickTime "Rapport_msi" = Rapport "RealPlayer 6.0" = RealPlayer "RedShift3" = RedShift 3 "Shockwave" = Shockwave "SLAMRNTV" = Uninstall HAMR 5600 Voice Modem "SLD CODEC PACK 1.4" = SLD CODEC PACK 1.4 "Speccy" = Speccy "The Best Movie Player_is1" = The Best Movie Player 1.55 "Uniblue RegistryBooster" = Uniblue RegistryBooster "VCDCutter" = VCDCutter "WebPost" = Microsoft Web Publishing Wizard 1.52 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 beta 4 (32-bit) "WinZip" = WinZip [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PocketMirror" = PocketMirror 3.1.3 (Standard Edition) [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 21/01/2011 11:25:33 | Computer Name = LIAM-QN3S6UF3LX | Source = crypt32 | ID = 131077 Description = Failed auto update retrieval of third-party root certificate from: with error: This operation returned because the timeout period expired. Error - 21/01/2011 11:25:36 | Computer Name = LIAM-QN3S6UF3LX | Source = crypt32 | ID = 131077 Description = Failed auto update retrieval of third-party root certificate from: with error: This operation returned because the timeout period expired. Error - 21/01/2011 11:25:48 | Computer Name = LIAM-QN3S6UF3LX | Source = crypt32 | ID = 131077 Description = Failed auto update retrieval of third-party root certificate from: with error: This operation returned because the timeout period expired. Error - 21/01/2011 16:23:24 | Computer Name = LIAM-QN3S6UF3LX | Source = Application Error | ID = 1000 Description = Faulting application devdetect.exe, version 2.0.0.12, faulting module mfc70.dll, version 7.0.9466.0, fault address 0x0000f442. Error - 21/01/2011 22:42:19 | Computer Name = LIAM-QN3S6UF3LX | Source = Application Error | ID = 1000 Description = Faulting application devdetect.exe, version 2.0.0.12, faulting module mfc70.dll, version 7.0.9466.0, fault address 0x0000f442. Error - 24/01/2011 05:54:42 | Computer Name = LIAMSDESKTOP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 24/01/2011 06:37:13 | Computer Name = LIAMSDESKTOP | Source = Application Hang | ID = 1002 Description = Hanging application OUTLOOK.EXE, version 10.0.6863.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 24/01/2011 17:50:49 | Computer Name = LIAMSDESKTOP | Source = Application Hang | ID = 1002 Description = Hanging application WINWORD.EXE, version 10.0.6866.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 24/01/2011 19:53:28 | Computer Name = LIAMSDESKTOP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 24/01/2011 23:15:36 | Computer Name = LIAMSDESKTOP | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This operation returned because the timeout period expired. [ System Events ] Error - 27/01/2011 19:10:56 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error - 27/01/2011 19:10:56 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 27/01/2011 19:10:56 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 27/01/2011 19:10:56 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 27/01/2011 19:14:24 | Computer Name = LIAMSDESKTOP | Source = Service Control Manager | ID = 7000 Description = The PC Tools Spyware Doctor service failed to start due to the following error: %%3 Error - 27/01/2011 19:15:17 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 27/01/2011 19:15:17 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 27/01/2011 19:15:17 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error - 27/01/2011 19:15:17 | Computer Name = LIAMSDESKTOP | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 27/01/2011 19:15:33 | Computer Name = LIAMSDESKTOP | Source = ipnathlp | ID = 32003 Description = The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code. < End of report >