jcraig4550

Extras.txt

Mar 17th, 2014
  1. OTL Extras logfile created on: 3/17/2014 3:08:30 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\mmurphy\Desktop
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 1.94 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 68.83% Memory free
  8. 2.44 Gb Paging File | 2.05 Gb Available in Paging File | 83.93% Paging File free
  9. Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 37.26 Gb Total Space | 13.80 Gb Free Space | 37.03% Space Free | Partition Type: NTFS
  13. Drive D: | 497.72 Mb Total Space | 11.75 Mb Free Space | 2.36% Space Free | Partition Type: FAT
  14. Drive U: | 68.23 Gb Total Space | 1.91 Gb Free Space | 2.79% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: JCRAIG | User Name: mmurphy | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: All users
  18. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
  19.  
  20. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  21.  
  22.  
  23. [color=#E56717]========== File Associations ==========[/color]
  24.  
  25. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  26. .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
  27.  
  28. [color=#E56717]========== Shell Spawning ==========[/color]
  29.  
  30. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  31. batfile [open] -- "%1" %*
  32. cmdfile [open] -- "%1" %*
  33. comfile [open] -- "%1" %*
  34. cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
  35. exefile [open] -- "%1" %*
  36. piffile [open] -- "%1" %*
  37. regfile [merge] -- Reg Error: Key error.
  38. scrfile [config] -- "%1"
  39. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  40. scrfile [open] -- "%1" /S
  41. txtfile [edit] -- Reg Error: Key error.
  42. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  43. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  44. Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
  45. Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
  46. Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
  47. Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
  48. Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
  49. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  50.  
  51. [color=#E56717]========== Security Center Settings ==========[/color]
  52.  
  53. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  54. "FirstRunDisabled" = 1
  55. "AntiVirusDisableNotify" = 0
  56. "FirewallDisableNotify" = 0
  57. "UpdatesDisableNotify" = 0
  58. "AntiVirusOverride" = 0
  59. "FirewallOverride" = 0
  60.  
  61. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  62.  
  63. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
  64.  
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
  66.  
  67. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
  68.  
  69. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
  70.  
  71. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
  72.  
  73. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
  74.  
  75. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
  76.  
  77. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
  78.  
  79. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
  80.  
  81. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
  82.  
  83. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
  84.  
  85. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
  86.  
  87. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
  88.  
  89. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
  90.  
  91. [color=#E56717]========== System Restore Settings ==========[/color]
  92.  
  93. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  94. "DisableSR" = 0
  95.  
  96. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
  97. "Start" = 0
  98.  
  99. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
  100. "Start" = 2
  101.  
  102. [color=#E56717]========== Firewall Settings ==========[/color]
  103.  
  104. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  105.  
  106. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
  107. "59152:UDP" = 59152:UDP:*:Enabled:SonicWALL Compliance 59152
  108. "59153:UDP" = 59153:UDP:*:Enabled:SonicWALL Compliance 59153
  109.  
  110. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  111. "EnableFirewall" = 1
  112. "DisableNotifications" = 0
  113.  
  114. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
  115. "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
  116. "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
  117. "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
  118. "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
  119. "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
  120.  
  121. [color=#E56717]========== Authorized Applications List ==========[/color]
  122.  
  123. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
  124. "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
  125. "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:McAfee Managed Services Agent
  126. "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
  127.  
  128. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
  129. "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
  130. "C:\Program Files\Symantec\pcAnywhere\awhost32.exe" = C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service
  131. "C:\Documents and Settings\John Craig\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\John Craig\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
  132. "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
  133. "C:\RouteTracking\RouteTracking.exe" = C:\RouteTracking\RouteTracking.exe:*:Enabled:Copas Route Tracking -- (eCommerce Industries, Inc)
  134. "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
  135.  
  136.  
  137. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  138.  
  139. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  140. "{028BB5A9-6385-4CF6-A6FF-D512D5015DBA}" = Garmin Lifetime Updater
  141. "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
  142. "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
  143. "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
  144. "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
  145. "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
  146. "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
  147. "{402525B0-10B6-4DD9-8F5D-AA33055AD244}" = Copas Route Tracking
  148. "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
  149. "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
  150. "{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
  151. "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
  152. "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
  153. "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
  154. "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
  155. "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
  156. "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
  157. "{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
  158. "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
  159. "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
  160. "{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
  161. "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
  162. "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
  163. "{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
  164. "{CD392969-DEFB-4AB2-BA5D-2DAF65DCD432}" = Attendance Enterprise
  165. "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
  166. "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
  167. "Adobe AIR" = Adobe AIR
  168. "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
  169. "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
  170. "ATI Display Driver" = ATI Display Driver
  171. "FileZilla Client" = FileZilla Client 3.4.0
  172. "Fotosizer" = Fotosizer 1.31
  173. "GIMP-2_is1" = GIMP 2.8.2
  174. "ie8" = Windows Internet Explorer 8
  175. "InfoRad2001-076" = InfoRad® Wireless Office 2001 2001-076 (remove only)
  176. "LiveReg" = LiveReg (Symantec Corporation)
  177. "LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
  178. "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
  179. "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
  180. "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
  181. "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
  182. "Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
  183. "MozillaMaintenanceService" = Mozilla Maintenance Service
  184. "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
  185. "Notepad++" = Notepad++
  186. "Pixel Ruler" = Pixel Ruler
  187. "Procomm Plus" = Symantec Procomm Plus
  188. "RoughDraft" = RoughDraft 3.0
  189. "WIC" = Windows Imaging Component
  190. "Winamp" = Winamp
  191. "Windows Media Format Runtime" = Windows Media Format 11 runtime
  192. "Windows Media Player" = Windows Media Player 11
  193. "Windows XP Service Pack" = Windows XP Service Pack 3
  194. "WMFDist11" = Windows Media Format 11 runtime
  195. "wmp11" = Windows Media Player 11
  196. "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
  197.  
  198. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  199.  
  200. [ Application Events ]
  201. Error - 3/5/2014 4:05:04 AM | Computer Name = JCRAIG | Source = Application Error | ID = 1000
  202. Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
  203. module mshtml.dll, version 8.0.6001.23562, fault address 0x00088cc7.
  204.  
  205. Error - 3/5/2014 4:05:40 AM | Computer Name = JCRAIG | Source = Application Error | ID = 1000
  206. Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
  207. module mshtml.dll, version 8.0.6001.23562, fault address 0x00088cc7.
  208.  
  209. Error - 3/13/2014 5:38:09 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  210. Description = Hanging application OUTLOOK.EXE, version 11.0.8326.0, hang module
  211. hungapp, version 0.0.0.0, hang address 0x00000000.
  212.  
  213. Error - 3/13/2014 6:58:44 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  214. Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
  215. hungapp, version 0.0.0.0, hang address 0x00000000.
  216.  
  217. Error - 3/13/2014 10:29:37 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  218. Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
  219. version 0.0.0.0, hang address 0x00000000.
  220.  
  221. Error - 3/13/2014 10:29:44 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  222. Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
  223. version 0.0.0.0, hang address 0x00000000.
  224.  
  225. Error - 3/13/2014 10:29:50 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  226. Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
  227. version 0.0.0.0, hang address 0x00000000.
  228.  
  229. Error - 3/13/2014 10:29:50 AM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  230. Description = Hanging application hjkzq.exe, version 1.2.1.1, hang module hungapp,
  231. version 0.0.0.0, hang address 0x00000000.
  232.  
  233. Error - 3/13/2014 3:32:44 PM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  234. Description = Hanging application GarminLifetime.exe, version 2.1.6.0, hang module
  235. hungapp, version 0.0.0.0, hang address 0x00000000.
  236.  
  237. Error - 3/14/2014 2:01:01 PM | Computer Name = JCRAIG | Source = Application Hang | ID = 1002
  238. Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
  239. version 0.0.0.0, hang address 0x00000000.
  240.  
  241. [ System Events ]
  242. Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7001
  243. Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
  244. failed to start because of the following error: %%31
  245.  
  246. Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7001
  247. Description = The IPSEC Services service depends on the IPSEC driver service which
  248. failed to start because of the following error: %%31
  249.  
  250. Error - 3/13/2014 10:39:25 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7026
  251. Description = The following boot-start or system-start driver(s) failed to load:
  252. AFD Fips intelppm IPSec mfehidk mfetdik MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
  253.  
  254. Error - 3/13/2014 10:40:07 AM | Computer Name = JCRAIG | Source = DCOM | ID = 10005
  255. Description = DCOM got error "%1084" attempting to start the service StiSvc with
  256. arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
  257.  
  258. Error - 3/13/2014 10:41:23 AM | Computer Name = JCRAIG | Source = DCOM | ID = 10005
  259. Description = DCOM got error "%1084" attempting to start the service EventSystem
  260. with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
  261.  
  262. Error - 3/13/2014 3:30:42 PM | Computer Name = JCRAIG | Source = sr | ID = 1
  263. Description = The System Restore filter encountered the unexpected error '0xC0000001'
  264. while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
  265. the volume.
  266.  
  267. Error - 3/14/2014 3:21:06 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7022
  268. Description = The Attendance Enterprise Service service hung on starting.
  269.  
  270. Error - 3/14/2014 3:24:49 AM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7034
  271. Description = The Attendance Enterprise Service service terminated unexpectedly.
  272. It has done this 1 time(s).
  273.  
  274. Error - 3/14/2014 5:35:58 PM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7022
  275. Description = The Attendance Enterprise Service service hung on starting.
  276.  
  277. Error - 3/14/2014 5:39:44 PM | Computer Name = JCRAIG | Source = Service Control Manager | ID = 7034
  278. Description = The Attendance Enterprise Service service terminated unexpectedly.
  279. It has done this 1 time(s).
  280.  
  281.  
  282. < End of report >