OTL logfile created on: 1/2/2011 2:42:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Gary\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
447.00 Mb Total Physical Memory | 163.00 Mb Available Physical Memory | 37.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 30.42 Gb Free Space | 81.68% Space Free | Partition Type: NTFS
Computer Name: GARY-8A733E5E27 | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/01/02 14:40:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary\Desktop\OTL.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/12/01 04:14:14 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/05/26 16:15:11 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 13:39:30 | 000,315,392 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
PRC - [2003/05/21 14:35:50 | 000,004,608 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\carpserv.exe
========== Modules (SafeList) ========== MOD - [2011/01/02 14:40:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007/03/26 11:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ========== DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2004/08/04 17:05:20 | 000,341,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 15:32:22 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2004/05/15 20:29:12 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/05/21 14:35:56 | 000,030,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2003/05/21 14:33:54 | 000,179,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2003/05/21 14:32:32 | 000,631,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/05/21 14:31:22 | 001,063,040 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 06:49:02 | 000,026,624 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alifir.sys -- (ALiIRDA)
DRV - [2001/08/17 05:12:32 | 000,016,074 | ---- | M] (NETGEAR Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FA312nd5.sys -- (FA312)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/27 14:08:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/10/22 08:36:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/15 18:06:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/15 18:06:12 | 000,000,000 | ---D | M]
[2010/10/18 22:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Extensions
[2010/10/22 08:56:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\bbgyvvhz.default\extensions
[2011/01/02 11:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/14 11:08:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/27 14:08:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2010/11/14 11:07:20 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/14 11:07:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\ShellBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe (ArcSoft, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 7448389587 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/17 23:25:10 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/01/02 14:40:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gary\Desktop\OTL.exe
[2011/01/02 11:08:52 | 000,000,000 | ---D | C] -- C:\rsit
[2011/01/02 11:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2011/01/02 11:03:00 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Gary\Desktop\MGADiag.exe
[2011/01/01 12:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/01 12:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Start Menu\Programs\HiJackThis
[2010/12/30 15:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Diamond Cut Audio
[2010/12/30 15:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Diamond Cut Productions
[2010/12/28 20:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Desktop\RMHP
[2010/12/24 16:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Game Booster
[2010/12/21 13:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\Resume soon
[2010/12/16 20:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\Downloads
[2010/12/16 19:28:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/16 19:23:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/10 16:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\Photos
[2010/12/08 13:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\My Documents\ArcSoft
[2010/12/08 12:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\ArcSoft
[2010/12/08 12:34:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft TotalMedia Backup
[2010/12/08 12:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/12/04 11:37:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gary\Recent
[2003/04/09 12:13:50 | 000,577,536 | ---- | C] (Hewlett-Packard) -- C:\Program Files\Common Files\Setup.exe
[2003/03/09 20:30:44 | 000,184,320 | ---- | C] (HP) -- C:\Program Files\Common Files\hpzscr07.dll
[2003/03/09 20:30:42 | 000,274,432 | ---- | C] (HP) -- C:\Program Files\Common Files\hpzglu07.exe
[2003/03/09 20:30:42 | 000,237,568 | ---- | C] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\hpzc3212.dll
[2002/09/09 17:48:20 | 000,022,608 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\usbprint.sys
[2002/09/09 17:48:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\usbmon.dll
[2002/09/09 17:47:52 | 000,254,005 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\msvcrt.dll
[2002/09/09 17:47:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\msvcirt.dll
[2002/09/09 17:47:00 | 000,212,992 | ---- | C] (HP) -- C:\Program Files\Common Files\hpzpnp07.dll
[2002/09/09 17:46:50 | 000,049,212 | ---- | C] (Hewlett-Packard) -- C:\Program Files\Common Files\hpzjvp01.dll
[2002/09/09 17:46:42 | 000,249,913 | ---- | C] (Hewlett-Packard) -- C:\Program Files\Common Files\hpzjut01.dll
[2002/09/09 17:46:32 | 000,417,849 | ---- | C] (Hewlett-Packard) -- C:\Program Files\Common Files\hpzjpp01.dll
[2002/09/09 17:46:24 | 000,028,722 | ---- | C] (Hewlett-Packard) -- C:\Program Files\Common Files\hpzjlog.dll
[2002/09/06 09:54:56 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MFC42.DLL
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/01/02 14:40:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary\Desktop\OTL.exe
[2011/01/02 14:33:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/02 14:32:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/02 11:08:03 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\RSIT.exe
[2011/01/02 11:03:10 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gary\Desktop\MGADiag.exe
[2011/01/02 10:48:48 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\HiJackThis.lnk
[2011/01/02 08:57:10 | 103,260,215 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/01 20:24:38 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Thumb done wrong.doc
[2011/01/01 16:32:14 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Invoice 2011-01.doc
[2011/01/01 13:39:20 | 000,301,221 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\Odessa Xmas.jpg
[2011/01/01 12:31:59 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\HiJackThis.msi
[2011/01/01 09:11:20 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/31 21:00:32 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1288148103.job
[2010/12/31 20:15:40 | 001,379,280 | R--- | M] () -- C:\Documents and Settings\Gary\Desktop\I_have_no_secrets.wmv
[2010/12/31 09:03:35 | 000,540,220 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Turkey trot video.wav
[2010/12/31 09:03:35 | 000,031,316 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Turkey trot video.pkf
[2010/12/31 08:52:59 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DC8.lnk
[2010/12/30 09:55:31 | 000,000,525 | ---- | M] () -- C:\hpfr3420.xml
[2010/12/30 09:34:02 | 000,000,191 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\DPE.DUS
[2010/12/28 11:25:47 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Back from a recent road trip.doc
[2010/12/24 16:53:16 | 000,768,000 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Presidiio, TX.doc
[2010/12/24 16:36:44 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/12/23 19:18:31 | 000,814,592 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Christmas card1.pub
[2010/12/23 14:51:19 | 000,814,592 | ---- | M] () -- C:\Documents and Settings\Gary\My Documents\Christmas card.pub
[2010/12/21 13:47:03 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\Gary Rossmiller.doc
[2010/12/18 08:35:12 | 000,000,389 | ---- | M] () -- C:\Documents and Settings\Gary\Desktop\Photos.lnk
[2010/12/16 19:57:28 | 000,189,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 19:46:23 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/08 12:35:45 | 000,000,020 | -HS- | M] () -- C:\ArcDeviceInfo
[2010/12/08 12:34:31 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk
[2010/12/08 12:34:28 | 000,001,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TotalMedia Backup.lnk
[2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/01/02 11:08:00 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\RSIT.exe
[2011/01/01 19:08:52 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Thumb done wrong.doc
[2011/01/01 16:32:13 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Invoice 2011-01.doc
[2011/01/01 13:39:19 | 000,301,221 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\Odessa Xmas.jpg
[2011/01/01 12:33:48 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\HiJackThis.lnk
[2011/01/01 12:31:51 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\HiJackThis.msi
[2010/12/31 20:15:40 | 001,379,280 | R--- | C] () -- C:\Documents and Settings\Gary\Desktop\I_have_no_secrets.wmv
[2010/12/31 09:03:35 | 000,031,316 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Turkey trot video.pkf
[2010/12/31 09:02:45 | 000,540,220 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Turkey trot video.wav
[2010/12/30 15:10:59 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DC8.lnk
[2010/12/27 13:49:31 | 000,000,191 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\DPE.DUS
[2010/12/24 16:53:15 | 000,768,000 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Presidiio, TX.doc
[2010/12/24 16:36:44 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/12/23 19:17:03 | 000,814,592 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Christmas card1.pub
[2010/12/23 11:49:49 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Back from a recent road trip.doc
[2010/12/22 19:16:46 | 000,814,592 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\Christmas card.pub
[2010/12/21 13:41:24 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\Gary Rossmiller.doc
[2010/12/21 13:36:59 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Gary\My Documents\files.xls
[2010/12/18 08:35:11 | 000,000,389 | ---- | C] () -- C:\Documents and Settings\Gary\Desktop\Photos.lnk
[2010/12/16 19:33:56 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/08 12:35:45 | 000,000,020 | -HS- | C] () -- C:\ArcDeviceInfo
[2010/12/08 12:34:31 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk
[2010/12/08 12:34:28 | 000,001,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TotalMedia Backup.lnk
[2010/11/09 20:22:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/10/26 19:31:37 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/10/21 11:46:40 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 01:22:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/10/17 17:07:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/04/22 09:46:52 | 002,719,744 | ---- | C] () -- C:\Program Files\Common Files\aiodrv.msi
[2003/04/22 09:42:04 | 002,588,672 | ---- | C] () -- C:\Program Files\Common Files\aiosw.msi
[2003/04/22 09:24:10 | 000,016,606 | ---- | C] () -- C:\Program Files\Common Files\hpomdl01.dat
[2003/04/22 09:24:02 | 000,019,469 | ---- | C] () -- C:\Program Files\Common Files\autorun.inf
[2003/04/22 09:23:58 | 000,000,267 | ---- | C] () -- C:\Program Files\Common Files\readme.html
[2003/04/09 17:19:46 | 000,002,848 | ---- | C] () -- C:\Program Files\Common Files\hpound08.inf
[2003/04/09 17:19:42 | 000,014,157 | ---- | C] () -- C:\Program Files\Common Files\hpousc08.inf
[2003/04/09 17:00:50 | 000,002,889 | ---- | C] () -- C:\Program Files\Common Files\hpousb08.inf
[2003/04/09 17:00:48 | 000,004,715 | ---- | C] () -- C:\Program Files\Common Files\hpoglu08.inf
[2003/03/20 15:20:50 | 000,022,523 | ---- | C] () -- C:\Program Files\Common Files\HPZius12.cat
[2003/03/20 15:20:48 | 000,022,082 | ---- | C] () -- C:\Program Files\Common Files\hpzist12.cat
[2003/03/20 15:20:46 | 000,024,728 | ---- | C] () -- C:\Program Files\Common Files\HPZipr12.cat
[2003/03/20 15:20:44 | 000,022,082 | ---- | C] () -- C:\Program Files\Common Files\HPZid412.cat
[2003/03/20 15:20:42 | 000,021,641 | ---- | C] () -- C:\Program Files\Common Files\HPOunp08.cat
[2003/03/20 15:20:40 | 000,024,285 | ---- | C] () -- C:\Program Files\Common Files\hposcu08.cat
[2003/03/20 15:20:38 | 000,205,503 | ---- | C] () -- C:\Program Files\Common Files\hpoprn08.cat
[2003/03/09 20:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/03/09 20:30:44 | 000,016,352 | ---- | C] () -- C:\Program Files\Common Files\HPZUCI12.DLL
[2003/03/09 20:30:44 | 000,014,285 | ---- | C] () -- C:\Program Files\Common Files\hpzius12.inf
[2003/03/09 20:30:44 | 000,010,325 | ---- | C] () -- C:\Program Files\Common Files\hpzipr12.inf
[2003/03/09 20:30:44 | 000,003,667 | ---- | C] () -- C:\Program Files\Common Files\hpzist12.inf
[2003/03/09 20:30:42 | 000,063,562 | ---- | C] () -- C:\Program Files\Common Files\hposcu08.inf
[2003/03/09 20:30:42 | 000,051,266 | ---- | C] () -- C:\Program Files\Common Files\hpoprn08.inf
[2003/03/09 20:30:42 | 000,033,952 | ---- | C] () -- C:\Program Files\Common Files\hpzid412.inf
[2003/03/09 20:30:42 | 000,023,186 | ---- | C] () -- C:\Program Files\Common Files\hpzcin06.ex_
[2003/03/09 20:30:42 | 000,003,898 | ---- | C] () -- C:\Program Files\Common Files\hpounp08.inf
[2003/01/07 12:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/09 17:48:02 | 000,458,752 | ---- | C] () -- C:\Program Files\Common Files\tls704d.dll
[2002/09/09 17:47:36 | 000,055,155 | ---- | C] () -- C:\Program Files\Common Files\hpzusb00.sy_
[2002/09/09 17:47:26 | 000,005,705 | ---- | C] () -- C:\Program Files\Common Files\hpzuci02.dl_
[2002/09/09 17:47:08 | 000,025,639 | ---- | C] () -- C:\Program Files\Common Files\hpzpom04.dl_
[2002/09/09 17:46:16 | 000,052,552 | ---- | C] () -- C:\Program Files\Common Files\hpziou01.dl_
[2002/09/09 17:46:06 | 000,046,017 | ---- | C] () -- C:\Program Files\Common Files\hpzion00.sy_
========== Alternate Data Streams ========== @Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
< End of report >
OTL Extras logfile created on: 1/2/2011 2:42:45 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Gary\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
447.00 Mb Total Physical Memory | 163.00 Mb Available Physical Memory | 37.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 30.42 Gb Free Space | 81.68% Space Free | Partition Type: NTFS
Computer Name: GARY-8A733E5E27 | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04E7A3BB-DB38-481C-A809-35FA60C78EDF}" = AVG 2011
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{87A54796-0620-4899-BAF7-7778A7FB54CB}" = ArcSoft TotalMedia Backup
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011
"{F572F682-E1FD-48F2-BFBF-26C8AFDC990A}" = DC8
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Driver
"CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_0850103C" = Conexant 56K ACLink Modem
"Game Booster_is1" = Game Booster
"HP PSC 1200 Series" = HP Photo and Imaging 2.0 - hp psc 1200 series
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"PhotoScape" = PhotoScape
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol 2010
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 10/19/2010 12:47:09 AM | Computer Name = GARY-8A733E5E27 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 10/19/2010 12:48:57 AM | Computer Name = GARY-8A733E5E27 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 12/8/2010 3:31:59 PM | Computer Name = GARY-8A733E5E27 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 12/14/2010 10:44:08 PM | Computer Name = GARY-8A733E5E27 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.
Error - 12/22/2010 11:56:49 PM | Computer Name = GARY-8A733E5E27 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3989, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.
Error - 12/23/2010 6:29:47 PM | Computer Name = GARY-8A733E5E27 | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3989, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.
[ System Events ]
Error - 11/9/2010 9:58:18 PM | Computer Name = GARY-8A733E5E27 | Source = DCOM | ID = 10010
Description = The server {1BE1F766-5536-11D1-B726-00C04FB926AF} did not register
with DCOM within the required timeout.
Error - 11/24/2010 12:14:45 PM | Computer Name = GARY-8A733E5E27 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:50:40 PM, on 1/2/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia Backup\uBBMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 7448389587O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 4346 bytes