Extras.txt

1. OTL Extras logfile created on: 27/10/2012 17.52.12 - Run 1
2. OTL by OldTimer - Version 3.2.69.0 Folder = E:\OTL
3. Windows XP Windows XP Embedded Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
4. Internet Explorer (Version = 6.0.2900.2180)
5. Locale: 00000410 | Country: Italy | Language: ITA | Date Format: dd/MM/yyyy
6.  
7. 502,80 Mb Total Physical Memory | 321,01 Mb Available Physical Memory | 63,84% Memory free
8. 1,20 Gb Paging File | 1,05 Gb Available in Paging File | 87,33% Paging File free
9. Paging file location(s): C:\pagefile.sys 0 0 [binary data]
10.  
11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
12. Drive C: | 37,31 Gb Total Space | 29,78 Gb Free Space | 79,83% Space Free | Partition Type: NTFS
13. Drive E: | 3,91 Gb Total Space | 0,92 Gb Free Space | 23,49% Space Free | Partition Type: FAT32
14.  
15. Computer Name: 9020_V01A | User Name: HEN | Logged in as Administrator.
16. Boot Mode: Normal | Scan Mode: All users
17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
18.  
19. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
20.  
21.  
22. [color=#E56717]========== File Associations ==========[/color]
23.  
24. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
25. .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
26. .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
27.  
28. [color=#E56717]========== Shell Spawning ==========[/color]
29.  
30. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
31. batfile [open] -- "%1" %*
32. cmdfile [open] -- "%1" %*
33. comfile [open] -- "%1" %*
34. cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL %1,%*
35. exefile [open] -- "%1" %*
36. htmlfile [edit] -- Reg Error: Key error.
37. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
38. piffile [open] -- "%1" %*
39. regfile [merge] -- Reg Error: Key error.
40. scrfile [config] -- "%1"
41. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
42. scrfile [open] -- "%1" /S
43. txtfile [edit] -- Reg Error: Key error.
44. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
45. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
46. Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
47. Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
48. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
49.  
50. [color=#E56717]========== Security Center Settings ==========[/color]
51.  
52. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
53.  
54. [color=#E56717]========== System Restore Settings ==========[/color]
55.  
56. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
57. "DisableSR" = 0
58.  
59. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
60. "Start" = 0
61.  
62. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
63. "Start" = 2
64.  
65. [color=#E56717]========== Firewall Settings ==========[/color]
66.  
67. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
68. "EnableFirewall" = 1
69. "DoNotAllowExceptions" = 0
70. "DisableNotifications" = 0
71.  
72. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
73. "137:UDP" = 137:UDP:*:Enabled:NetBIOS Name Service
74. "138:UDP" = 138:UDP:*:Enabled:NetBIOS Datagram Service
75. "139:TCP" = 139:TCP:*:Enabled:NetBIOS Session Service
76. "445:TCP" = 445:TCP:*:Enabled:SMB over TCP
77. "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:SSDP
78. "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnp Framework over TCP
79. "3389:TCP" = 3389:TCP:LocalSubnet:Disabled:Remote Desktop
80.  
81. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
82. "EnableFirewall" = 1
83. "DoNotAllowExceptions" = 0
84. "DisableNotifications" = 0
85.  
86. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
87. "137:UDP" = 137:UDP:LocalSubNet:Enabled:NetBIOS Name Service
88. "138:UDP" = 138:UDP:LocalSubNet:Enabled:NetBIOS Datagram Service
89. "139:TCP" = 139:TCP:LocalSubNet:Enabled:NetBIOS Session Service
90. "445:TCP" = 445:TCP:LocalSubNet:Enabled:SMB over TCP
91. "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:SSDP
92. "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnp Framework over TCP
93. "3389:TCP" = 3389:TCP:LocalSubnet:Disabled:Remote Desktop
94. "3292:TCP" = 3292:TCP:*:Enabled:yjpxpjga
95.  
96. [color=#E56717]========== Authorized Applications List ==========[/color]
97.  
98. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
99. "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation)
100. "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
101.  
102. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
103. "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation)
104. "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
105. "C:\Program Files\Symantec\pcAnywhere\awhost32.exe" = C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host -- (Symantec Corporation)
106. "C:\Videoteca\Videoteca.exe" = C:\Videoteca\Videoteca.exe:*:Enabled:Videoteca -- (HEN s.r.l. - Kinetics Technology)
107.  
108.  
109. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
110.  
111. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
112. "{115E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
113. "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
114. "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
115. "{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.1
116. "{AC76BA86-0000-7EC8-7489-000000000702}" = Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
117. "{AC76BA86-0000-7EC8-7489-000000000703}" = Adobe Acrobat 7.0.2 and Reader 7.0.2 Update
118. "{AC76BA86-0000-7EC8-7489-000000000704}" = Adobe Acrobat 7.0.3 and Reader 7.0.3 Update
119. "{AC76BA86-7AD7-1040-7B44-A70000000000}" = Adobe Reader 7.0 - Italiano
120. "{C1C0717C-546A-11D7-9963-00A0C92C4EC3}" = Creative Modem Blaster V.92 DI5733
121. "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
122. "AdobeESD" = Adobe Download Manager 2.0 (solo rimozione)
123. "ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.95.1
124. "LiveReg" = LiveReg (Symantec Corporation)
125. "LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
126. "Loc Ness_is1" = Loc Ness version 2.9
127. "Notepad++" = Notepad++
128. "Samsung ML-1610 Series" = Samsung ML-1610 Series
129. "ST6UNST #1" = Master Hen 97
130. "Stampante e utility EPSON" = Software per stampante EPSON
131. "WinRAR archiver" = WinRAR archiver
132.  
133. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
134.  
135. [ Application Events ]
136. Error - 27/10/2012 5.19.30 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7023
137. Description =
138.  
139. Error - 27/10/2012 5.19.30 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7000
140. Description =
141.  
142. Error - 27/10/2012 7.33.21 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7003
143. Description =
144.  
145. Error - 27/10/2012 7.33.21 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7001
146. Description =
147.  
148. Error - 27/10/2012 7.33.21 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7023
149. Description =
150.  
151. Error - 27/10/2012 7.33.21 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7000
152. Description =
153.  
154. Error - 27/10/2012 12.38.49 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7003
155. Description =
156.  
157. Error - 27/10/2012 12.38.49 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7001
158. Description =
159.  
160. Error - 27/10/2012 12.38.49 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7023
161. Description =
162.  
163. Error - 27/10/2012 12.38.49 | Computer Name = 9020_V01A | Source = Service Control Manager | ID = 7000
164. Description =
165.  
166. [ System Events ]
167. Error - 31/12/2010 13.37.41 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
168. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
169. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
170.  
171. Error - 01/01/2011 13.25.16 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
172. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
173. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
174.  
175. Error - 02/01/2011 12.29.47 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
176. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
177. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
178.  
179. Error - 02/01/2011 13.47.49 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
180. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
181. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
182.  
183. Error - 12/01/2011 11.12.58 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
184. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
185. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
186.  
187. Error - 19/01/2011 12.28.03 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
188. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
189. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
190.  
191. Error - 09/03/2011 14.28.22 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
192. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
193. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
194.  
195. Error - 13/03/2011 12.34.42 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
196. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
197. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
198.  
199. Error - 18/03/2011 14.50.00 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
200. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
201. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
202.  
203. Error - 19/09/2011 4.55.36 | Computer Name = 9020_V01A | Source = Serial | ID = 393234
204. Description = Impossibile trovare la sottochiave Parameters per i dati definiti
205. dall'utente. Ciò significa anche che è impossibile trovare la configurazione utente.
206.  
207.  
208. < End of report >