- OTL Extras logfile created on: 2012.06.08. 22:47:43 - Run 1
- OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\QE\Desktop
- 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
- Internet Explorer (Version = 9.0.8112.16421)
- Locale: 00000426 | Country: Latvija | Language: LVI | Date Format: yyyy.MM.dd.
- 2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,46% Memory free
- 4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,67% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
- Drive C: | 298,08 Gb Total Space | 226,10 Gb Free Space | 75,85% Space Free | Partition Type: NTFS
- Drive T: | 999,75 Mb Total Space | 330,81 Mb Free Space | 33,09% Space Free | Partition Type: NTFS
- Computer Name: QE-PC | User Name: QE | Logged in as Administrator.
- Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
- Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
- [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
- [color=#E56717]========== File Associations ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
- .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
- .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
- [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
- .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
- [color=#E56717]========== Shell Spawning ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
- batfile [open] -- "%1" %*
- cmdfile [open] -- "%1" %*
- comfile [open] -- "%1" %*
- exefile [open] -- "%1" %*
- helpfile [open] -- Reg Error: Key error.
- htmlfile [edit] -- Reg Error: Key error.
- htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
- inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
- InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
- InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
- piffile [open] -- "%1" %*
- regfile [merge] -- Reg Error: Key error.
- scrfile [config] -- "%1"
- scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
- scrfile [open] -- "%1" /S
- txtfile [edit] -- Reg Error: Key error.
- Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
- Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
- Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [explore] -- Reg Error: Value error.
- Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
- batfile [open] -- "%1" %*
- cmdfile [open] -- "%1" %*
- comfile [open] -- "%1" %*
- cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
- exefile [open] -- "%1" %*
- helpfile [open] -- Reg Error: Key error.
- htmlfile [edit] -- Reg Error: Key error.
- htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
- inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
- piffile [open] -- "%1" %*
- regfile [merge] -- Reg Error: Key error.
- scrfile [config] -- "%1"
- scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
- scrfile [open] -- "%1" /S
- txtfile [edit] -- Reg Error: Key error.
- Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
- Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
- Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [explore] -- Reg Error: Value error.
- Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- [color=#E56717]========== Security Center Settings ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
- "cval" = 1
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
- "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
- "AntiVirusOverride" = 0
- "AntiSpywareOverride" = 0
- "FirewallOverride" = 0
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
- [color=#E56717]========== Firewall Settings ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 1
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 0
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 0
- [color=#E56717]========== Authorized Applications List ==========[/color]
- [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
- [color=#E56717]========== Vista Active Application Exception List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
- "{0703569D-BF5F-4A53-8DE2-D75B366589FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
- "{7DF6DA11-FC7E-4CBA-9571-D0A5477D070D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
- "{97077D32-8A3E-4528-A90B-A9183F10080B}" = protocol=6 | dir=in | app=t:\pele\darkcomet.exe |
- "{EBE9E0D5-A608-4C59-B063-8FA0769CF43B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
- "{F546FC46-A33A-4799-BAA3-D4A1F152836B}" = protocol=17 | dir=in | app=t:\pele\darkcomet.exe |
- "TCP Query User{19B2FF81-BC48-4F58-8952-4B7AC4F09F52}T:\pele\darkcomet.exe" = protocol=6 | dir=in | app=t:\pele\darkcomet.exe |
- "TCP Query User{8963F876-8D42-4398-8D97-C4C512DDD3D0}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
- "TCP Query User{A9010678-6B5C-441F-ACDA-C97BB24B6032}C:\program files (x86)\steam\steamapps\neparsteidzmani\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\neparsteidzmani\team fortress 2\hl2.exe |
- "TCP Query User{BA4C3B08-B5E3-4038-B6AA-D8698DDA6C79}C:\program files (x86)\steam\steamapps\toms12346\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\toms12346\team fortress 2\hl2.exe |
- "TCP Query User{C5908935-410D-48F4-9088-EF15BD00B5C5}C:\users\qe\desktop\micro-pele\1.client\microrat.exe" = protocol=6 | dir=in | app=c:\users\qe\desktop\micro-pele\1.client\microrat.exe |
- "TCP Query User{F0DA3FF6-A443-4D94-8881-1D70287AD3B5}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
- "UDP Query User{42B6F34A-9DF9-4CAB-9121-843FBAF1A83F}C:\program files (x86)\steam\steamapps\neparsteidzmani\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\neparsteidzmani\team fortress 2\hl2.exe |
- "UDP Query User{86BFE924-BB90-4FB6-99E7-43486E240E25}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
- "UDP Query User{9BD34D70-4888-40E1-93D9-0D73C0A89E88}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
- "UDP Query User{C9858F85-D313-407C-9F04-00EFD0AD5131}C:\program files (x86)\steam\steamapps\toms12346\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\toms12346\team fortress 2\hl2.exe |
- "UDP Query User{D3B22284-7CCF-4D4E-A525-BFD67E392E7B}C:\users\qe\desktop\micro-pele\1.client\microrat.exe" = protocol=17 | dir=in | app=c:\users\qe\desktop\micro-pele\1.client\microrat.exe |
- "UDP Query User{E1964D1D-F4CF-4BB1-BEEA-E3E1AD0B2244}T:\pele\darkcomet.exe" = protocol=17 | dir=in | app=t:\pele\darkcomet.exe |
- [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
- 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
- "{AAB8D5E4-22C4-4670-9457-5AD361D71C84}" = Latvian (Apostrofs v0.3; punkts)
- "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
- "{FD67869B-C97B-4F2C-AD80-ABF130238441}" = Oracle VM VirtualBox 4.1.16
- "CCleaner" = CCleaner
- "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
- "Sandboxie" = Sandboxie 3.70 (64-bit)
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "{0147A0F8-C239-4C0E-A6E5-0E04560267F8}" = DNSCrypt
- "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
- "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
- "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
- "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
- "{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
- "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
- "{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
- "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
- "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
- "{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
- "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
- "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
- "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
- "Mozilla Firefox 13.0 (x86 lv)" = Mozilla Firefox 13.0 (x86 lv)
- "MozillaMaintenanceService" = Mozilla Maintenance Service
- "NoIPDUC" = No-IP DUC
- "Notepad++" = Notepad++
- "OpenVPN" = OpenVPN 2.2.2
- "ResourceHacker_is1" = Resource Hacker Version 3.6.0
- "Steam App 440" = Team Fortress 2
- "TrueCrypt" = TrueCrypt
- "WinRAR archiver" = WinRAR 4.11 (32-bit)
- "xampp" = XAMPP 1.7.7
- [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "CodeBlocks" = CodeBlocks
- "Google Chrome" = Google Chrome
- [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
- [ Application Events ]
- Error - 2012.06.07. 4:19:19 | Computer Name = QE-PC | Source = ESENT | ID = 455
- Description = Windows (1812) Windows: Error -1811 occurred while opening logfile
- C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000A5.log.
- Error - 2012.06.07. 4:19:20 | Computer Name = QE-PC | Source = Windows Search Service | ID = 9000
- Description =
- Error - 2012.06.07. 4:19:21 | Computer Name = QE-PC | Source = Windows Search Service | ID = 7040
- Description =
- Error - 2012.06.07. 4:19:21 | Computer Name = QE-PC | Source = Windows Search Service | ID = 7042
- Description =
- Error - 2012.06.07. 4:19:21 | Computer Name = QE-PC | Source = Windows Search Service | ID = 9002
- Description =
- Error - 2012.06.07. 4:19:21 | Computer Name = QE-PC | Source = Windows Search Service | ID = 3029
- Description =
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Windows Search Service | ID = 3029
- Description =
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Windows Search Service | ID = 3028
- Description =
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Windows Search Service | ID = 3058
- Description =
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Windows Search Service | ID = 7010
- Description =
- [ System Events ]
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7024
- Description = The Windows Search service terminated with service-specific error
- %%-1073473535.
- Error - 2012.06.07. 4:19:23 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7031
- Description = The Windows Search service terminated unexpectedly. It has done this
- 1 time(s). The following corrective action will be taken in 30000 milliseconds:
- Restart the service.
- Error - 2012.06.07. 4:19:46 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7009
- Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
- Search service to connect.
- Error - 2012.06.07. 4:19:46 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7000
- Description = The Windows Search service failed to start due to the following error:
- %%1053
- Error - 2012.06.08. 8:22:44 | Computer Name = QE-PC | Source = DCOM | ID = 10010
- Description =
- Error - 2012.06.08. 8:23:04 | Computer Name = QE-PC | Source = DCOM | ID = 10005
- Description =
- Error - 2012.06.08. 8:23:04 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7038
- Description = The upnphost service was unable to log on as NT AUTHORITY\LocalService
- with the currently configured password due to the following error: %%1352 To ensure
- that the service is configured properly, use the Services snap-in in Microsoft
- Management Console (MMC).
- Error - 2012.06.08. 8:23:04 | Computer Name = QE-PC | Source = Service Control Manager | ID = 7000
- Description = The UPnP Device Host service failed to start due to the following
- error: %%1069
- Error - 2012.06.08. 13:21:48 | Computer Name = QE-PC | Source = EventLog | ID = 6008
- Description = The previous system shutdown at 19:18:54 on ?2012.?06.?08. was unexpected.
- Error - 2012.06.08. 13:31:51 | Computer Name = QE-PC | Source = DCOM | ID = 10010
- Description =
- < End of report >