OTL Extras logfile created on: 2010-06-28 12:41:03 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = E:\Stuff Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,40 Gb Total Space | 7,47 Gb Free Space | 38,50% Space Free | Partition Type: NTFS Drive D: | 90,78 Gb Total Space | 53,28 Gb Free Space | 58,69% Space Free | Partition Type: NTFS Drive E: | 38,87 Gb Total Space | 21,65 Gb Free Space | 55,71% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GATE Current User Name: PanMis Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "UacDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 0 "UacDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "22131:TCP" = 22131:TCP:*:Enabled:BitComet 22131 TCP "22131:UDP" = 22131:UDP:*:Enabled:BitComet 22131 UDP "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "9339:TCP" = 9339:TCP:*:Enabled:ZombiesTCP "9339:UDP" = 9339:UDP:*:Enabled:ZombiesUDP [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\BitComet\BitComet.exe" = E:\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com) "D:\Colonization\Colonization.exe" = D:\Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization -- (Firaxis Games) "D:\Sacred 2\system\s2gs.exe" = D:\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH) "D:\Sacred 2\system\sacred2.exe" = D:\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2 -- (Ascaron Entertainment GmbH) "D:\ProEvo\pes2010.exe" = D:\ProEvo\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.) "D:\Football Manager 2010\fm.exe" = D:\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- File not found "D:\Steel Panthers World At War\MECH.EXE" = D:\Steel Panthers World At War\MECH.EXE:*:Disabled:MECH -- () "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" = C:\Program Files\Trend Micro\HijackThis\HijackThis.exe:*:Enabled:ipsec -- (Trend Micro Inc.) "C:\WINDOWS\system32\NeroCheck.exe" = C:\WINDOWS\system32\NeroCheck.exe:*:Enabled:ipsec -- (Nero AG) "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe:*:Enabled:ipsec -- (Advanced Micro Devices, Inc.) "E:\Fotki\PMBCore\SPUVolumeWatcher.exe" = E:\Fotki\PMBCore\SPUVolumeWatcher.exe:*:Enabled:ipsec -- (Sony Corporation) "D:\Mass Effect 2\Binaries\MassEffect2.exe" = D:\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Gra -- (BioWare) "D:\Mass Effect 2\MassEffect2Launcher.exe" = D:\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Program startowy -- (BioWare) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{020D5735-4A54-3578-1CE6-B67D193CB016}" = CCC Help Greek "{04E149A1-A533-5F39-BAE9-378F53B457A7}" = Catalyst Control Center Graphics Previews Common "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable "{07131DB0-A5D2-36CA-4BD1-D367033A614A}" = Catalyst Control Center Localization All "{0E3CCCDC-3BB2-B5D5-A547-5F157E1BADB8}" = Catalyst Control Center Core Implementation "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{131C976E-E991-40FA-163F-B29022346F01}" = CCC Help English "{1F1008AB-7129-AB4D-45C9-89A2B3433028}" = CCC Help French "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility "{21A8BF7D-C50D-E655-1E25-99C7924A69F6}" = ATI Catalyst Install Manager "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4589EF5B-1F2D-4027-F2CF-CF39EEDB063D}" = CCC Help Spanish "{45DA6BAD-0E4B-C9D3-ED06-444F55DF463A}" = CCC Help German "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A1BB898-4649-C20D-0702-473539D0FEB7}" = CCC Help Italian "{540D26F5-C8E3-C81F-284D-1DED24524D90}" = CCC Help Hungarian "{59971DBB-4102-03AE-441C-F54B0E583F2A}" = CCC Help Portuguese "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5A53992C-48D6-D4DB-75A7-5D13388DAB9A}" = ccc-core-static "{5AD1B20F-AE09-D4A3-E9F2-FE79C79E7510}" = ccc-utility "{633804CD-3D77-77AD-DD97-5A976AFF340D}" = Catalyst Control Center InstallProxy "{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{7AE858CD-7AD6-D9E6-627E-E452A71896E7}" = Catalyst Control Center Graphics Full Existing "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding "{8BC8DA36-302D-14FA-55AE-5CAAF1CA4F25}" = Catalyst Control Center Graphics Light "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A44C8D37-B36B-D378-2201-97137494E339}" = ccc-utility "{A561E34D-F64A-A4F7-0319-DDD83952A967}" = ccc-core-static "{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB37C263-9B7F-6A1C-A1B8-333C3FB80614}" = ccc-core-preinstall "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DE5CD0E9-9296-788D-F082-54454791A65E}" = Catalyst Control Center Graphics Previews Common "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{EBB15EA8-B7CF-E90C-B977-18777AFC63F0}" = Catalyst Control Center HydraVision Full "{EC27630A-EAFB-AB2A-56CC-7F5189845D85}" = Catalyst Control Center Graphics Full New "{F0ACC504-574E-48D7-44F7-7291B186CC82}" = CCC Help Polish "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F338987F-2621-0117-5D98-6ECD1FD507CE}" = CCC Help English "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AtcL1" = Attansic L1 Gigabit Ethernet Driver "ATI Display Driver" = ATI Display Driver "BitComet" = BitComet 1.17 "Graphical Enhancement Resources" = Graphical Enhancement Resources 2.5 "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mount&Blade" = Mount&Blade "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PunkBusterSvc" = PunkBuster Services "RAR Password Cracker" = RAR Password Cracker 4.12 "RealAlt_is1" = Real Alternative 2.0.2 "SkanerOnline" = Skaner on-line mks_vir "spwawv80" = Steel Panthers World At War v8.00 "Total Uninstall 4_is1" = Total Uninstall 4.6.0 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2009-09-07 12:09:15 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-07 12:10:28 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-07 12:20:11 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-07 12:49:46 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-07 13:31:55 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-08 07:30:47 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x000035ee. Error - 2009-09-08 17:25:20 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application fm.exe, version 9.2.0.30301, faulting module fm.exe, version 9.2.0.30301, fault address 0x009f9957. Error - 2009-09-11 08:00:51 | Computer Name = GATE | Source = Application Hang | ID = 1002 Description = Hanging application ASP95.EXE, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 2009-09-13 13:08:11 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. Error - 2009-09-13 13:28:54 | Computer Name = GATE | Source = Application Error | ID = 1000 Description = Faulting application ufo defense.exe, version 1.0.0.1, faulting module ufo defense.exe, version 1.0.0.1, fault address 0x0002064f. [ System Events ] Error - 2010-04-28 18:02:09 | Computer Name = GATE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2010-04-28 18:02:43 | Computer Name = GATE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2010-04-28 18:03:25 | Computer Name = GATE | Source = DCOM | ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 2010-05-05 06:58:23 | Computer Name = GATE | Source = Dhcp | ID = 1002 Description = The IP address lease 0.0.0.0 for the Network Card with network address 001D60EAD2AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 2010-05-27 17:05:26 | Computer Name = GATE | Source = Dhcp | ID = 1002 Description = The IP address lease 10.0.0.14 for the Network Card with network address 001D60EAD2AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 2010-06-11 04:44:57 | Computer Name = GATE | Source = Dhcp | ID = 1002 Description = The IP address lease 0.0.0.0 for the Network Card with network address 001D60EAD2AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 2010-06-15 08:39:08 | Computer Name = GATE | Source = Dhcp | ID = 1002 Description = The IP address lease 10.0.0.14 for the Network Card with network address 001D60EAD2AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 2010-06-27 06:46:32 | Computer Name = GATE | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. Error - 2010-06-27 08:01:12 | Computer Name = GATE | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). Error - 2010-06-27 08:51:57 | Computer Name = GATE | Source = PlugPlayManager | ID = 11 Description = The device Root\LEGACY_ASC3360PR\0000 disappeared from the system without first being prepared for removal. < End of report >