Edited to add: I also can't install a printer. It says the RPC (host?) isn't running, even after i start it up and reboot (that's kind of what started it all). And there are a bunch of .tmp files in F:\My Music\iTunes folder.
Thanks!
Chronic
OTL logfile created on: 3/14/2011 4:44:39 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mimi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 1024
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24.64 Gb Total Space | 10.80 Gb Free Space | 43.84% Space Free | Partition Type: NTFS
Drive F: | 25.38 Gb Total Space | 16.62 Gb Free Space | 65.48% Space Free | Partition Type: NTFS
Computer Name: MIMI-TOSHIBA | User Name: Mimi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/14 16:34:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mimi\Desktop\OTL.exe
PRC - [2011/03/11 01:50:03 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/02/16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/01/21 18:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/10/08 13:13:54 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/09/23 13:33:42 | 001,141,200 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/09/23 12:17:22 | 000,358,600 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/09/22 17:11:32 | 001,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/08/31 14:10:18 | 001,593,808 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\Upgrade.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/28 16:23:30 | 000,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
========== Modules (SafeList) ==========
MOD - [2011/03/14 16:34:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mimi\Desktop\OTL.exe
MOD - [2011/03/02 20:48:50 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/10/08 13:14:02 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/09/29 16:30:56 | 000,147,992 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 000,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/02/16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/01/21 18:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/10/08 13:13:54 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2009/09/23 13:33:42 | 001,141,200 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/09/23 12:17:22 | 000,358,600 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
========== Driver Services (SafeList) ==========
DRV - [2010/07/15 08:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/12/02 12:21:00 | 000,020,616 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eufs.sys -- (EUFS)
DRV - [2009/12/02 12:20:58 | 000,014,216 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2009/12/02 12:20:56 | 000,026,248 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2009/12/02 12:20:54 | 000,122,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EuDisk.sys -- (EuDisk)
DRV - [2009/10/08 13:14:10 | 000,059,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2009/10/08 13:14:10 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/10/08 13:14:08 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/09/24 08:55:46 | 000,229,304 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/09/03 09:45:12 | 000,070,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/03/17 06:01:00 | 000,698,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athr.sys -- (athr)
DRV - [2004/12/22 16:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/07/30 15:05:06 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPIOMngr.sys -- (SrvcTPIOMngr)
DRV - [2004/06/21 16:53:20 | 000,626,204 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/11/20 10:25:20 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wA301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.1
FF - prefs.js..extensions.enabledItems: {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/03/13 10:54:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/08 22:55:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/22 19:09:17 | 000,000,000 | ---D | M]
[2010/05/17 20:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Extensions
[2011/03/13 23:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Firefox\Profiles\vftmg31p.default\extensions
[2010/08/06 17:04:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Firefox\Profiles\vftmg31p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/28 19:34:22 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Firefox\Profiles\vftmg31p.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2010/08/06 17:17:55 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Firefox\Profiles\vftmg31p.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
[2011/02/22 19:03:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mimi\Application Data\Mozilla\Firefox\Profiles\vftmg31p.default\extensions\staged-xpis
[2011/03/13 23:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/24 19:06:15 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/28 02:07:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/13 18:43:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/28 02:06:42 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/13 10:54:12 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\components\np32asw.dll
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32asw.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2002/04/18 09:39:16 | 000,008,192 | ---- | M] (PLATO Learning, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npipcd3.dll
[2005/01/19 21:48:22 | 000,008,192 | ---- | M] (PLATO Learning, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npiPLATO_22.dll
[2011/03/01 00:28:57 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
O1 HOSTS File: ([2011/03/14 16:02:23 | 000,620,421 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com #[server down?]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16373 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6770.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1274141510795 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1277009103250 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Mimi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mimi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/17 23:40:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/25 18:39:00 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/25 18:39:01 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/09/08 16:51:08 | 000,000,000 | RHSD | M] - F:\AUTORUN_.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/24 19:07:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mimi\Application Data\skypePM
[2011/08/24 19:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/08/24 19:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/08/24 19:04:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/08/24 19:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mimi\Application Data\Skype
[2011/08/24 19:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011/03/14 16:34:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mimi\Desktop\OTL.exe
[2011/03/14 15:58:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/13 18:48:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mimi\Recent
[2011/03/13 18:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mimi\Start Menu\Programs\Revo Uninstaller
[2011/03/13 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/03/13 18:27:15 | 000,000,000 | ---D | C] -- C:\lj1010 series
[2011/03/13 18:26:23 | 000,000,000 | ---D | C] -- C:\lj1015
[2011/03/02 19:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mimi\Desktop\New Folder (2)
[2011/02/28 22:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/02/28 22:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/02/25 11:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/02/23 00:30:35 | 000,000,000 | ---D | C] -- F:\New Folder
[2011/02/22 19:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/22 19:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/02/22 19:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/02/22 19:06:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/02/22 19:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mimi\Local Settings\Application Data\Adobe
[2011/02/22 19:04:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/02/12 21:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\ZiPhone
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/24 19:07:36 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/08/24 18:04:32 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/03/14 16:48:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/14 16:34:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mimi\Desktop\OTL.exe
[2011/03/14 16:02:23 | 000,620,421 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2011/03/14 15:55:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/14 15:54:33 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/03/14 15:54:32 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/14 15:54:32 | 000,000,542 | ---- | M] () -- C:\WINDOWS\tasks\PandaUSBVaccine.job
[2011/03/14 15:54:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/13 18:46:40 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Mimi\Desktop\Revo Uninstaller.lnk
[2011/03/13 18:27:00 | 000,928,240 | ---- | M] () -- F:\lj1010serieshb-en.exe
[2011/03/13 18:26:11 | 002,171,903 | ---- | M] () -- F:\lj1015pcl5ewin2kxp2003-en.exe
[2011/03/13 11:52:39 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/03/13 10:59:37 | 000,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 10:59:37 | 000,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/10 23:55:39 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/25 10:46:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/23 23:55:36 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/02/22 19:09:18 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/02/22 19:08:06 | 000,883,743 | ---- | M] () -- F:\TEXAS.pdf
[2011/02/22 19:08:06 | 000,883,743 | ---- | M] () -- C:\Documents and Settings\Mimi\Desktop\TEXAS.pdf
[2011/02/21 18:21:48 | 000,002,083 | ---- | M] () -- C:\Documents and Settings\Mimi\Desktop\Logitech Webcam Software.lnk
[2011/02/16 17:48:25 | 009,030,911 | ---- | M] () -- F:\Chris Brown ft. Lil Wayne & Busta Rhymes – Look At Me Now.mp3
[2011/02/16 17:48:25 | 009,030,911 | ---- | M] () -- C:\Documents and Settings\Mimi\Desktop\Chris Brown ft. Lil Wayne & Busta Rhymes – Look At Me Now.mp3
[2011/02/13 01:31:37 | 000,463,395 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/24 19:07:36 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/08/24 19:05:01 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/08/24 18:59:11 | 000,002,083 | ---- | C] () -- C:\Documents and Settings\Mimi\Desktop\Logitech Webcam Software.lnk
[2011/03/14 16:38:04 | 006,972,597 | ---- | C] () -- F:\12-Kid Cudi - Mr. Rager-RGF.mp3
[2011/03/14 16:35:39 | 009,030,911 | ---- | C] () -- F:\Chris Brown ft. Lil Wayne & Busta Rhymes – Look At Me Now.mp3
[2011/03/14 15:56:31 | 000,883,743 | ---- | C] () -- F:\TEXAS.pdf
[2011/03/13 18:26:59 | 000,928,240 | ---- | C] () -- F:\lj1010serieshb-en.exe
[2011/03/13 18:26:10 | 002,171,903 | ---- | C] () -- F:\lj1015pcl5ewin2kxp2003-en.exe
[2011/02/22 19:09:18 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/02/22 19:09:18 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/02/22 19:07:58 | 000,883,743 | ---- | C] () -- C:\Documents and Settings\Mimi\Desktop\TEXAS.pdf
[2011/01/06 01:18:57 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Mimi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/14 21:00:21 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/10/14 21:00:21 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/08/06 19:46:27 | 001,774,720 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2010/08/06 19:46:27 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2010/08/06 19:46:27 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/08/06 19:46:27 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/08/06 19:46:27 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/08/03 23:45:53 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\PlugPlayPCIDevice.exe
[2010/08/03 23:45:53 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\MFCFirstRemove.exe
[2010/08/03 20:57:24 | 000,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com
[2010/08/03 19:34:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2010/06/25 20:58:26 | 000,029,904 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/05/25 19:16:38 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/05/25 19:16:38 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/05/17 23:43:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/05/17 23:36:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/05/17 21:01:03 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/05/17 21:01:03 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2010/05/17 21:01:03 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat
[2010/05/17 20:57:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/05/17 18:27:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/05/17 18:26:23 | 000,158,752 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/01/16 14:45:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,432,924 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,067,714 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/31 11:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
========== LOP Check ==========
[2010/06/25 19:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/03/14 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/03 07:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/05 22:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mimi\Application Data\AnvSoft
[2011/01/05 01:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mimi\Application Data\Clone2Go Video Converter Professional
[2011/01/05 22:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mimi\Application Data\GetRightToGo
[2011/03/14 15:54:33 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/03/14 15:54:32 | 000,000,542 | ---- | M] () -- C:\WINDOWS\Tasks\PandaUSBVaccine.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\dllcache\spra0419.dll:SummaryInformation
@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7578EF04
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 3/14/2011 4:44:39 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mimi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 1024
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24.64 Gb Total Space | 10.80 Gb Free Space | 43.84% Space Free | Partition Type: NTFS
Drive F: | 25.38 Gb Total Space | 16.62 Gb Free Space | 65.48% Space Free | Partition Type: NTFS
Computer Name: MIMI-TOSHIBA | User Name: Mimi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dmremote.exe" = C:\WINDOWS\system32\dmremote.exe:*:Enabled:dmremote.exe -- (Microsoft Corp.)
"C:\Documents and Settings\Mimi\Desktop\tinyumbrella-4.21.02.exe" = C:\Documents and Settings\Mimi\Desktop\tinyumbrella-4.21.02.exe:*:Enabled:TinyUmbrella - Save your SHSH!
"C:\Documents and Settings\Mimi\Desktop\Firmware&redsn0w\tinyumbrella-4.21.02.exe" = C:\Documents and Settings\Mimi\Desktop\Firmware&redsn0w\tinyumbrella-4.21.02.exe:*:Enabled:TinyUmbrella - Save your SHSH!
"C:\Documents and Settings\Mimi\Desktop\Firmware&redsn0w\tinyumbrella-4.21.07.exe" = C:\Documents and Settings\Mimi\Desktop\Firmware&redsn0w\tinyumbrella-4.21.07.exe:*:Disabled:TinyUmbrella - Save your SHSH! -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 24
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7EF2432D-8C52-40C1-962A-1EB0413F25ED}" = TouchPad On/Off Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF0B1D6F-DEC5-4831-00B7-FC2ACB464C31}" = The Sims Carnival SnapCity
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"Clone2Go Video Converter Professional_is1" = Clone2Go Video Converter Professional 1.9.2
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 6.1.1 Home Edition
"EASEUS Todo Backup 1.1_is1" = EASEUS Todo Backup 1.1
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{7EF2432D-8C52-40C1-962A-1EB0413F25ED}" = TouchPad On/Off Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PLATO Web Learning Network Clients" = PLATO Web Learning Network Clients
"Revo Uninstaller" = Revo Uninstaller 1.91
"Spyware Doctor" = Spyware Doctor 7.0
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/3/2011 2:10:07 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2047
Error - 2/3/2011 2:10:09 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/3/2011 2:10:09 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4375
Error - 2/3/2011 2:10:09 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4375
Error - 2/3/2011 2:10:11 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/3/2011 2:10:11 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6797
Error - 2/3/2011 2:10:11 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6797
Error - 2/4/2011 8:49:05 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/4/2011 8:49:05 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22398484
Error - 2/4/2011 8:49:05 PM | Computer Name = MIMI-TOSHIBA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22398484
[ System Events ]
Error - 3/13/2011 7:40:30 PM | Computer Name = MIMI-TOSHIBA | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.
Error - 3/13/2011 7:41:01 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/13/2011 7:49:46 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/13/2011 7:49:58 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 3/13/2011 7:50:17 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The Remote Procedure Call (RPC) Locator service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/14/2011 12:35:04 AM | Computer Name = MIMI-TOSHIBA | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.
Error - 3/14/2011 12:35:12 AM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 3/14/2011 4:54:43 PM | Computer Name = MIMI-TOSHIBA | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.
Error - 3/14/2011 4:54:51 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 3/14/2011 5:15:54 PM | Computer Name = MIMI-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).
< End of report >
Edited by Chronic_mom, 14 March 2011 - 04:12 PM.