OTL Extras logfile created on: 29/09/2014 18:21:42 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rupert Legge\My Documents\Downloads Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy 1.97 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 72.25% Memory free 2.48 Gb Paging File | 1.92 Gb Available in Paging File | 77.40% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 70.22 Gb Total Space | 59.19 Gb Free Space | 84.28% Space Free | Partition Type: NTFS Drive E: | 180.29 Gb Total Space | 180.00 Gb Free Space | 99.84% Space Free | Partition Type: NTFS Drive G: | 30.46 Gb Total Space | 4.57 Gb Free Space | 15.00% Space Free | Partition Type: FAT32 Computer Name: RUPERT | User Name: Rupert Legge | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hta [@ = ] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l .js [@ = HateML Pro JS file] -- "C:\Program Files\Migajek Software\HateML\HateML.exe" "%1" .vbs [@ = HateML Pro VBS file] -- "C:\Program Files\Migajek Software\HateML\HateML.exe" "%1" [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "C:\Documents and Settings\Rupert Legge\Local Settings\Temp\Ins275\Setup.exe" = C:\Documents and Settings\Rupert Legge\Local Settings\Temp\Ins275\Setup.exe:*:Enabled:Samsung Universal Print Driver Installer "C:\Program Files\GoforFiles\goforfilesdl.exe" = C:\Program Files\GoforFiles\goforfilesdl.exe:*:Enabled:Go for Files "C:\Program Files\GoforFiles\GoforFiles.exe" = C:\Program Files\GoforFiles\GoforFiles.exe:*:Enabled:Go for Files "C:\Program Files\ExpressFiles\expressdl.exe" = C:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files "C:\Program Files\ExpressFiles\ExpressFiles.exe" = C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files "C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation) "C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager "C:\Program Files\uTorrent.exe" = C:\Program Files\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\SpottyFiles\Downloader.exe" = C:\Program Files\SpottyFiles\Downloader.exe:*:Enabled:SpottyFiles "C:\Program Files\SpottyFiles\SpottyFiles.exe" = C:\Program Files\SpottyFiles\SpottyFiles.exe:*:Enabled:SpottyFiles [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{38DFF723-C0B1-44AB-A927-62EDB033908F}" = Belkin 54g USB Network Adapter "{3DE3E4EE-F270-4A31-AB76-475515C661BD}" = TextPad 7 "{40A2D170-A4EB-4611-8181-63127606BAEF}" = Speech Redistributables "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{481EA8F8-CAC0-4137-9CF8-DD0297593E61}" = TP-LINK Wireless Client Utility "{537E9349-D9C6-4075-8CC2-6C1DA729B892}" = VoIPVoice Integration "{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4 "{6EE738C2-0ECE-4917-B62D-D3061A6B29E7}" = Skype Integration "{6FDBDD16-B82F-46D0-A935-84DCBF62413B}" = Brother HL-2030 "{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}" = Local Cooling Setup "{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Roxio Burn Engine "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{BFCBB837-5A78-4123-8188-61BA623ED1E6}" = Dependency Viewer 1.1.0 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "BHODemon_is1" = BHODemon 2.0.0.23 "BhoScanner_is1" = BhoScanner 1.8 "BleachBit" = BleachBit "Colasoft Capsa 7 Free_is1" = Colasoft Capsa 7 Free "DriverEasy_is1" = DriverEasy 4.7.8 "HijackThis" = HijackThis 2.0.2 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MWSnap 3" = MWSnap 3 "NTREGOPT_is1" = NTREGOPT 1.1j "OnlineArmor_is1" = Online Armor 5.0 "Samsung ML-2010 Series" = Samsung ML-2010 Series "UChromeP" = VIA/S3G UniChrome Family Win2K/XP/Server2003 Display "VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WGA" = Windows Genuine Advantage Validation Tool "WIC" = Windows Imaging Component "Windows Media Player" = Windows Media Player 10 "WinPcapInst" = WinPcap 4.1.2 "winusb0200" = Microsoft WinUsb 2.0 "WisePixel HandySnap_is1" = WisePixel HandySnap 1.4 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 25/11/2012 08:23:16 | Computer Name = RUPERT | Source = MsiInstaller | ID = 1013 Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see http://go.microsoft.com/fwlink/?LinkId=91126. Error - 30/12/2012 14:08:29 | Computer Name = RUPERT | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 freeytvdownloader.exe, P2 3.1.42.1212, P3 50c89d79, P4 system.drawing, P5 2.0.0.0, P6 4889dec2, P7 7c4, P8 31, P9 system.typeinitialization, P10 NIL. Error - 07/03/2013 16:14:39 | Computer Name = RUPERT | Source = ESENT | ID = 494 Description = Catalog Database (820) Database recovery failed with error -1216 because it encountered references to a database, 'C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb', which is no longer present. The database was not brought to a consistent state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, please contact PSS for further instructions regarding the steps required in order to allow recovery to proceed without this database. Error - 07/03/2013 16:14:39 | Computer Name = RUPERT | Source = ESENT | ID = 454 Description = Catalog Database (820) Database recovery/restore failed with unexpected error -1216. Error - 22/06/2013 05:47:11 | Computer Name = RUPERT | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 22/06/2013 05:47:11 | Computer Name = RUPERT | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 22/06/2013 15:56:53 | Computer Name = RUPERT | Source = MsiInstaller | ID = 1013 Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see http://go.microsoft.com/fwlink/?LinkId=91126. Error - 23/06/2013 16:04:10 | Computer Name = RUPERT | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 23/06/2013 16:04:10 | Computer Name = RUPERT | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. [ System Events ] Error - 24/09/2014 15:55:00 | Computer Name = RUPERT | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Error - 25/09/2014 11:44:57 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7000 Description = The SSPORT service failed to start due to the following error: %%2 Error - 25/09/2014 11:44:57 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7024 Description = The Routing and Remote Access service terminated with service-specific error 711 (0x2C7). Error - 28/09/2014 07:17:05 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7000 Description = The SSPORT service failed to start due to the following error: %%2 Error - 28/09/2014 07:17:05 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7024 Description = The Routing and Remote Access service terminated with service-specific error 711 (0x2C7). Error - 29/09/2014 11:15:16 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7000 Description = The SSPORT service failed to start due to the following error: %%2 Error - 29/09/2014 11:15:17 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7024 Description = The Routing and Remote Access service terminated with service-specific error 711 (0x2C7). Error - 29/09/2014 12:03:36 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7034 Description = The Online Armor service terminated unexpectedly. It has done this 1 time(s). Error - 29/09/2014 12:19:03 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7000 Description = The SSPORT service failed to start due to the following error: %%2 Error - 29/09/2014 12:19:04 | Computer Name = RUPERT | Source = Service Control Manager | ID = 7024 Description = The Routing and Remote Access service terminated with service-specific error 711 (0x2C7). < End of report >