OTL Extras logfile created on: 5/13/2011 9:31:22 AM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Installed Programs\Virus Malware Stuff\Old Timer From Geek Squad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 139.03 Gb Total Space | 74.02 Gb Free Space | 53.24% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 5.63 Gb Free Space | 56.24% Space Free | Partition Type: NTFS Computer Name: CARMANS | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Program Files\Defender Pro\Defender Pro\DpReg.exe" = C:\Program Files\Defender Pro\Defender Pro\DpReg.exe:*:Enabled:Defender Pro 15 in 1 -- (BitDefender S.R.L.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers "{12018183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{262C7F33-8251-432E-88C1-E9F42A53F8F0}" = PDFill PDF Editor with FREE PDF Writer and Tools "{28DE1E36-090A-408B-AA7D-7E5316526011}" = Defender Pro 15-in-1 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer "{38DD9AAA-A09A-42FF-A9EE-DA9C84B2E036}" = Dual-Core Optimizer "{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager "{451E6F89-34C0-1FE0-5A74-B4725CEEDB93}" = HughesNet Status Meter "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{69333A04-5134-40A5-A055-9166A7AA1EC8}" = "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{79F86C69-2B17-4368-9234-472A23639E16}" = Ad-Aware "{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = Pharaoh and Cleopatra "{830D40F7-7092-4418-BE17-F7F7899F2B41}" = e-Sword "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{92BF38A8-5616-4209-87A3-D910B45A1D98}" = Homescan Internet Transporter "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9F185C48-595B-401A-A1D6-AAB324890DC4}" = GiPo@MoveOnBoot 1.9.5 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver 11.0 03 "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager "{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs "53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "Burger Island_is1" = Burger Island "Caesar 3" = Caesar 3 "Canon MG5200 series User Registration" = Canon MG5200 series User Registration "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "Civil War Generals II Demo" = Civil War Generals II Demo "com.hughesnet.HughesNetStatusMeter.92D257A0BA68956E9AA1D50589E83FF4134CD6A8.1" = HughesNet Status Meter "Coupon Printer for Windows4.0" = Coupon Printer for Windows "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows "Dell AIO Printer A920" = Dell AIO Printer A920 "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "eMusic Download Manager" = eMusic Download Manager 4.1.4 "EPSON Scanner" = EPSON Scan "ExamView Pro" = ExamView Pro "FileASSASSIN" = FileASSASSIN "FTDICOMM" = FTDI USB Serial Converter Drivers "GPL Ghostscript 8.63" = GPL Ghostscript 8.63 "ie8" = Windows Internet Explorer 8 "LiveReg" = LiveReg (Symantec Corporation) "LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8) "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "NSS" = Norton Security Scan "Sierra Utilities" = Sierra Utilities "SimCity 3000" = SimCity 3000 "WIC" = Windows Imaging Component "Windows XP Service Pack" = Windows XP Service Pack 3 "Zynga Toolbar" = Zynga Toolbar [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "Smilebox" = Smilebox [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 5/12/2011 4:37:14 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5984 Error - 5/12/2011 9:20:54 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/12/2011 9:20:54 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 17025718 Error - 5/12/2011 9:20:54 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 17025718 Error - 5/12/2011 9:20:56 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/12/2011 9:20:56 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 17027875 Error - 5/12/2011 9:20:56 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 17027875 Error - 5/12/2011 9:20:58 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/12/2011 9:20:58 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 17029890 Error - 5/12/2011 9:20:58 AM | Computer Name = CARMANS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 17029890 [ System Events ] Error - 5/5/2011 3:02:39 PM | Computer Name = CARMANS | Source = DCOM | ID = 10010 Description = The server {B2B3C70A-B20F-40B7-90C5-EA7E946C16E0} did not register with DCOM within the required timeout. Error - 5/6/2011 7:07:17 PM | Computer Name = CARMANS | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. Error - 5/8/2011 7:32:27 AM | Computer Name = CARMANS | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 5/8/2011 5:15:01 PM | Computer Name = CARMANS | Source = PSched | ID = 14103 Description = QoS [Adapter {0D6FE33D-FAC6-4A44-A91A-1CCB21B88559}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 5/9/2011 11:10:55 AM | Computer Name = CARMANS | Source = PSched | ID = 14103 Description = QoS [Adapter {0D6FE33D-FAC6-4A44-A91A-1CCB21B88559}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 5/10/2011 9:20:04 AM | Computer Name = CARMANS | Source = PSched | ID = 14103 Description = QoS [Adapter {0D6FE33D-FAC6-4A44-A91A-1CCB21B88559}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 5/11/2011 3:07:57 PM | Computer Name = CARMANS | Source = PSched | ID = 14103 Description = QoS [Adapter {0D6FE33D-FAC6-4A44-A91A-1CCB21B88559}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 5/12/2011 9:20:53 AM | Computer Name = CARMANS | Source = PSched | ID = 14103 Description = QoS [Adapter {0D6FE33D-FAC6-4A44-A91A-1CCB21B88559}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 5/12/2011 9:27:19 PM | Computer Name = CARMANS | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 5/12/2011 9:39:25 PM | Computer Name = CARMANS | Source = DCOM | ID = 10005 Description = DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} < End of report >