OTL Extras logfile created on: 16.02.2010 21:16:37 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Administrator\Desktop\GeekstoGo Windows Server 2003 Standard Edition Service Pack 2 (Version = 5.2.3790) - Type = NTDomainController Internet Explorer (Version = 8.0.6001.18702) Locale: 00000414 | Country: Norway | Language: NOR | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 48,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,42 Gb Total Space | 5,92 Gb Free Space | 24,26% Space Free | Partition Type: NTFS Drive D: | 112,28 Gb Total Space | 42,28 Gb Free Space | 37,65% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DC01 Current User Name: administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\VERITAS\Backup Exec\beremote.exe" = C:\Program Files\VERITAS\Backup Exec\beremote.exe:*:Enabled:Backup Exec Remote Agent for Windows Servers -- (Symantec Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04DDF575-93A4-4682-A4F1-ABD29ECDFE04}" = HP Insight Diagnostics Online Edition for Windows "{05B15731-0E40-4433-9F0E-FF5F966B2C0F}" = HP Lights-Out Online Configuration Utility "{05DEE64C-B63B-495A-B36C-4277663FAAA0}" = Windows Small Business Server ActiveSync "{108BE742-0564-4734-AE54-74F81263FB04}" = Windows Small Business Server Licensing "{12650598-D7B9-4FB5-91B2-2CAA641AC589}" = Trend Micro RUBotted "{20608BFA-6068-48FE-A410-400F2A124C27}" = Microsoft SQL Server Management Studio Express "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17 "{2AC7A984-9B28-46C4-9D63-5CCF5EE97B36}" = HP Power Manager "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{34D6E797-AA32-455D-8E65-4EBD1AC9DED7}" = HP ProLiant PCI-express Power Management Update for Windows "{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension "{3C4DF0FD-95CF-4F7B-A816-97CEF616948F}" = HP System Management Homepage "{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser "{3CF8BDBC-DA0F-45FA-A4B9-3A31CCE774E9}" = Windows Small Business Server Backup "{42A6C8F8-1DB5-4A0B-8841-7423C4C5BC54}" = HP StorageWorks Library and Tape Tools "{4E5563B6-DE0A-4F3B-A5D6-15789FD12D9B}" = Headless Server Registry Update "{53BE2241-531B-49FB-B03D-06C377179548}" = Windows Small Business Server IE Client App "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5546F70C-0437-44EE-A923-7C23E6EFF689}" = Windows Small Business Server Monitoring "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer "{5A5F45AE-0250-4C34-9D89-F10BDDEE665F}" = HP Version Control Agent "{5DB0ECA1-4C56-488B-9BF1-FB300D9E1F54}" = Trend Micro Plug-in Manager "{65657C59-23A8-4974-B8E0-BA04EBD04E4F}" = Microsoft SQL Server Desktop Engine (SHAREPOINT) "{671E4E4D-4798-4F66-9C9E-C5762E73179E}" = Microsoft XML Parser "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7CAE1C03-89D9-4C32-B346-7FFBCDE8DFB5}" = Visma Lønn "{7F82FE45-E5B5-45D5-AD1D-2CF381E0512F}" = Cisco ASDM Launcher "{7FB55E52-C72D-4165-85D0-383ED3D7253F}" = Windows Small Business Server Client Setup "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8952E993-139E-4E71-881F-DD40E4DB8F81}" = Windows Small Business Server Admin "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90E00409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003 "{91140409-7000-11D3-8CFE-0150048383C9}" = Microsoft Windows SharePoint Services 2.0 "{9189BADC-23A7-487D-B206-AD3A89A4F45D}" = Windows Small Business Server Fax "{91B90409-8000-11D3-8CFE-0150048383C9}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2B40ABC-025A-4389-8148-86CED357B259}" = Microsoft Connector for POP3 Mailboxes "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A344F95E-E51A-450C-8F84-C940BF61903E}" = OKI Color Swatch Utility "{A34AC564-B4A3-4D45-B969-403BC39F0E6A}" = Microsoft .NET Framework 1.1 -- Device Update 4.0 "{A514D1FA-17D0-4328-9EC6-66C7FF7D958C}" = HP Smart Array SAS/SATA Event Notification Service "{A5E98C65-585A-45AB-BFC3-8555305B9929}" = Windows Small Business Server Documents "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3 "{B58E39B9-12E2-4E9B-A01B-9B896C6A52A8}" = Windows Small Business Server Connectivity "{B7300824-E68F-45F1-BAC1-5F15636C346F}" = Microsoft SQL Server Desktop Engine (SBSMonitoring) "{B85BA2E5-BD10-4B9D-AE29-BC11947A834D}" = Symantec Backup Exec for Windows Servers "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client "{BF458EEF-253E-44DF-AF45-7F77FB44C1A1}" = HP Array Configuration Utility "{C075FBA4-9E78-4B76-88BC-6865AD2454D6}" = Trend Micro Messaging Security Agent "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C293E1D0-8085-4830-B806-1BA0FEF9C4A4}" = Windows Small Business Server Client Experience "{C450CD0F-71AC-4661-867E-E79A2F7E7044}" = HP ProLiant Integrated Management Log Viewer "{C73E81BF-432C-44E2-831D-F46081CA6E28}" = Windows Small Business Server Remote Portal "{C8885E66-9862-4CEE-ADC4-F4769598C795}" = VERITAS Update "{CA3553E0-191B-4E2F-AD3C-82E33CB9D4E4}" = Microsoft Group Policy Management Console with SP1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D7B169BD-D8BF-4520-B519-81F85AD91843}" = HP Array Diagnostic Utility "{D846DDEE-EDF2-445F-96A4-175544202D32}" = Windows Small Business Server Fax Cfg "{DED8E8E1-A958-42DB-9E55-3738BCCDE5E3}" = HP Array Configuration Utility CLI "{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (BKUPEXEC) "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E721BEC1-887A-4D26-BE10-7E0336B7CAC7}" = Windows Small Business Server Common "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F7A706C8-AE0D-431A-B3FD-4FF1A3747ACB}" = HP Insight Management Agents "{F98F8066-B2F1-4B81-A759-6794494F8640}" = HP ProLiant Remote Monitor Service "5717D53E-DD6D-4d1e-8A1F-C7BE620F65AA" = Windows Small Business Server 2003 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "ATI Display Driver" = ATI Display Driver "Browser Defender_is1" = Browser Defender 2.0.6.11 "CCleaner" = CCleaner "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{42A6C8F8-1DB5-4A0B-8841-7423C4C5BC54}" = HP StorageWorks Library and Tape Tools "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Health Monitor 2.1" = Microsoft Health Monitor 2.1 "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OfficeScanNT" = Trend Micro Client/Server Security Agent "Security Server-dc01.Septikservice.local" = Trend Micro Security Server "SMEX_{C075FBA4-9E78-4B76-88BC-6865AD2454D6}" = Trend Micro Messaging Security Agent "Spyware Doctor" = Spyware Doctor 7.0 "VERITAS Backup Exec 10.0" = Symantec Backup Exec (TM) 10d for Windows Servers "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "WIC" = Windows Imaging Component "WinRAR archiver" = WinRAR archiver "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ASDM on 192.168.40.1" = ASDM on 192.168.40.1 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >