
Untitled

a guest
Nov 16th, 2012
  1. OTL Extras logfile created on: 11/16/2012 6:59:33 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Korisnik\My Documents\Downloads
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 1015.23 Mb Total Physical Memory | 515.98 Mb Available Physical Memory | 50.82% Memory free
  8. 2.39 Gb Paging File | 1.98 Gb Available in Paging File | 82.86% Paging File free
  9. Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 78.13 Gb Total Space | 33.98 Gb Free Space | 43.49% Space Free | Partition Type: NTFS
  13. Drive E: | 70.91 Gb Total Space | 68.30 Gb Free Space | 96.32% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: COMPUTER | User Name: Korisnik | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user
  17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  20.  
  21.  
  22. [color=#E56717]========== File Associations ==========[/color]
  23.  
  24. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  25. .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
  26. .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
  27.  
  28. [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
  29. .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
  30.  
  31. [color=#E56717]========== Shell Spawning ==========[/color]
  32.  
  33. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  34. batfile [open] -- "%1" %*
  35. cmdfile [open] -- "%1" %*
  36. comfile [open] -- "%1" %*
  37. cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
  38. exefile [open] -- "%1" %*
  39. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
  40. https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
  41. piffile [open] -- "%1" %*
  42. regfile [merge] -- Reg Error: Key error.
  43. scrfile [config] -- "%1"
  44. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  45. scrfile [open] -- "%1" /S
  46. txtfile [edit] -- Reg Error: Key error.
  47. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  48. Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
  49. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  50. Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
  51. Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
  52. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  53.  
  54. [color=#E56717]========== Security Center Settings ==========[/color]
  55.  
  56. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  57. "FirstRunDisabled" = 1
  58. "AntiVirusDisableNotify" = 1
  59. "FirewallDisableNotify" = 1
  60. "UpdatesDisableNotify" = 1
  61. "AntiVirusOverride" = 0
  62. "FirewallOverride" = 0
  63.  
  64. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  65.  
  66. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
  67.  
  68. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
  69.  
  70. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
  71.  
  72. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
  73.  
  74. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
  75.  
  76. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
  77.  
  78. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
  79.  
  80. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
  81.  
  82. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
  83.  
  84. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
  85.  
  86. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
  87.  
  88. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
  89.  
  90. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
  91.  
  92. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
  93.  
  94. [color=#E56717]========== System Restore Settings ==========[/color]
  95.  
  96. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  97. "DisableSR" = 1
  98.  
  99. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
  100. "Start" = 0
  101.  
  102. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
  103. "Start" = 2
  104.  
  105. [color=#E56717]========== Firewall Settings ==========[/color]
  106.  
  107. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  108.  
  109. [color=#E56717]========== Authorized Applications List ==========[/color]
  110.  
  111. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
  112. "Host-process Windows (Rundll32.exe)" = C:\Documents and Settings\Korisnik\Application Data\System32\csrss.exe -- ()
  113. "Client Server Runtime Process" = C:\Documents and Settings\Korisnik\Application Data\csrss.exe -- ()
  114. "Service Host Process for Windows" = C:\Documents and Settings\Korisnik\Application Data\System32\svchost.exe -- ()
  115.  
  116.  
  117. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  118.  
  119. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  120. "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
  121. "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
  122. "{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
  123. "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
  124. "{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
  125. "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
  126. "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
  127. "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
  128. "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
  129. "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
  130. "{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
  131. "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
  132. "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
  133. "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
  134. "{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = Canyon USB PC Camera
  135. "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
  136. "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
  137. "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
  138. "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
  139. "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Service Pack 1 Redistributable
  140. "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
  141. "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
  142. "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
  143. "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
  144. "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
  145. "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
  146. "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
  147. "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
  148. "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
  149. "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
  150. "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
  151. "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
  152. "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
  153. "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
  154. "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
  155. "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{471159EB-BECC-453C-B6F2-FE4FAB29B3F3}" =
  156. "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
  157. "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
  158. "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
  159. "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
  160. "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
  161. "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
  162. "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
  163. "{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
  164. "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
  165. "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
  166. "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Service Pack 1 Redistributable
  167. "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
  168. "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
  169. "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
  170. "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
  171. "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
  172. "{D0C04904-ED13-4DB3-ACCA-A41079EBA23C}" = Opera 9.60
  173. "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
  174. "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
  175. "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
  176. "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
  177. "Adobe AIR" = Adobe AIR
  178. "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
  179. "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
  180. "AIMP2" = AIMP2
  181. "CCleaner" = CCleaner
  182. "Counter Strike 1.6 FULL v44" = Counter Strike 1.6 FULL v44
  183. "ENTERPRISE" = Microsoft Office Enterprise 2007
  184. "Glary Utilities_is1" = Glary Utilities 2.47.0.1539
  185. "GOM Player" = GOM Player
  186. "HP OrderReminder" = HP OrderReminder
  187. "HP-LaserJet 1018" = LaserJet 1018
  188. "ie8" = Windows Internet Explorer 8
  189. "KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
  190. "Microsoft Security Client" = Microsoft Security Essentials
  191. "Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
  192. "MozillaMaintenanceService" = Mozilla Maintenance Service
  193. "Nero8110_Micro_is1" = Nero 8 Micro v8.1.1.0
  194. "Opera 12.02.1578" = Opera 12.02
  195. "Picasa 3" = Picasa 3
  196. "PowerISO" = PowerISO
  197. "Speccy" = Speccy
  198. "Unlocker" = Unlocker 1.8.7
  199. "Updater Service" = Updater Service
  200. "VideoPerformer" = VideoPerformer
  201. "Winamp" = Winamp
  202. "WinRAR archiver" = WinRAR archiver
  203. "Yahoo! Companion" = Yahoo! Toolbar
  204.  
  205. [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
  206.  
  207. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  208. "Google Chrome" = Google Chrome
  209. "uTorrent" = µTorrent
  210. "Winamp Detect" = Winamp Detector Plug-in
  211.  
  212. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  213.  
  214. [ Application Events ]
  215. Error - 11/5/2012 2:24:13 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  216. Description = Task Scheduling Error: m->NextScheduledSPRetry 5281
  217.  
  218. Error - 11/5/2012 2:24:16 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  219. Description = Task Scheduling Error: Continuously busy for more than a second
  220.  
  221. Error - 11/5/2012 2:24:16 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  222. Description = Task Scheduling Error: m->NextScheduledEvent 8715937
  223.  
  224. Error - 11/5/2012 2:24:16 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  225. Description = Task Scheduling Error: m->NextScheduledSPRetry 8715937
  226.  
  227. Error - 11/5/2012 2:24:18 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  228. Description = Task Scheduling Error: Continuously busy for more than a second
  229.  
  230. Error - 11/5/2012 2:24:18 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  231. Description = Task Scheduling Error: m->NextScheduledEvent 8718281
  232.  
  233. Error - 11/5/2012 2:24:18 PM | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
  234. Description = Task Scheduling Error: m->NextScheduledSPRetry 8718281
  235.  
  236. Error - 11/6/2012 3:58:51 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
  237. Description = Hanging application firefox.exe, version 16.0.2.4680, hang module
  238. hungapp, version 0.0.0.0, hang address 0x00000000.
  239.  
  240. Error - 11/7/2012 2:10:24 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
  241. Description = Hanging application WinRAR.exe, version 3.80.0.0, hang module hungapp,
  242. version 0.0.0.0, hang address 0x00000000.
  243.  
  244. Error - 11/7/2012 2:10:36 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
  245. Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
  246. hungapp, version 0.0.0.0, hang address 0x00000000.
  247.  
  248. [ System Events ]
  249. Error - 11/13/2012 5:16:51 AM | Computer Name = COMPUTER | Source = Dhcp | ID = 1002
  250. Description = The IP address lease 192.168.1.2 for the Network Card with network
  251. address 001A922113A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
  252. sent a DHCPNACK message).
  253.  
  254. Error - 11/14/2012 2:33:17 PM | Computer Name = COMPUTER | Source = Microsoft Antimalware | ID = 1119
  255. Description = %%860 has encountered a critical error when taking action on malware
  256. or other potentially unwanted software. For more information please see the following:
  257. http://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Win32/Pdfjsc.AEB&threatid=2147666592
  258.  
  259. Name:
  260. Exploit:Win32/Pdfjsc.AEB ID: 2147666592 Severity: Severe Category: Exploit Path: file:_C:\Documents
  261. and Settings\Korisnik\Local Settings\Temporary Internet Files\Content.IE5\A6KVK37F\ce60c[1].pdf
  262.  
  263. Detection
  264. Origin: %%847 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM
  265.  
  266. Process
  267. Name: E:\games\CS1.6v44\hl.exe Action: %%809 Action Status: No additional actions
  268. required Error Code: 0x80070490 Error description: Element not found. Signature Version:
  269. AV: 1.139.1999.0, AS: 1.139.1999.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.8904.0,
  270. NIS: 0.0.0.0
  271.  
  272. Error - 11/16/2012 3:38:16 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7009
  273. Description = Timeout (30000 milliseconds) waiting for the AMService service to
  274. connect.
  275.  
  276. Error - 11/16/2012 3:38:16 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
  277. Description = The Computer Browser service terminated with the following error:
  278. %%1060
  279.  
  280. Error - 11/16/2012 4:55:27 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7009
  281. Description = Timeout (30000 milliseconds) waiting for the AMService service to
  282. connect.
  283.  
  284. Error - 11/16/2012 4:55:27 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
  285. Description = The Computer Browser service terminated with the following error:
  286. %%1060
  287.  
  288. Error - 11/16/2012 5:35:11 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7009
  289. Description = Timeout (30000 milliseconds) waiting for the AMService service to
  290. connect.
  291.  
  292. Error - 11/16/2012 5:35:11 AM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
  293. Description = The Computer Browser service terminated with the following error:
  294. %%1060
  295.  
  296. Error - 11/16/2012 1:22:16 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7009
  297. Description = Timeout (30000 milliseconds) waiting for the AMService service to
  298. connect.
  299.  
  300. Error - 11/16/2012 1:22:16 PM | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
  301. Description = The Computer Browser service terminated with the following error:
  302. %%1060
  303.  
  304.  
  305. < End of report >