
Internet Freezing



#1
tombakers

I hope you guys/girls can help. I have this network icon in the lower right that flashes when it's online, displaying online status. When it goes dark my internet freezes and the only way I can get my internet back is to disconnect and reconnect. Please examine my OTL log. I feel as though I have a virus but I don't know enough about viruses to know for sure. When I log on with a different computer everything is fine. It's just this computer.

Thank you.

OTL logfile created on: 2/23/2011 11:06:33 PM - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\New user\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,024.00 Mb Total Physical Memory | 381.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 6.05 Gb Free Space | 43.27% Space Free | Partition Type: NTFS
Drive D: | 97.82 Gb Total Space | 12.19 Gb Free Space | 12.46% Space Free | Partition Type: NTFS
Drive G: | 612.96 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1863.01 Gb Total Space | 1862.75 Gb Free Space | 99.99% Space Free | Partition Type: NTFS

Computer Name: WINDOWS | User Name: New user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/23 23:06:05 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New user\My Documents\Downloads\OTL.exe
PRC - [2011/02/08 09:55:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/13 09:41:38 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/17 00:14:28 | 000,196,912 | ---- | M] (Nitro PDF Software) -- D:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- D:\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/12/18 11:24:24 | 000,197,928 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/11/04 17:00:14 | 002,334,856 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 06:00:00 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sol.exe


========== Modules (SafeList) ==========

MOD - [2011/02/23 23:06:05 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\New user\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 4.0)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/17 00:14:28 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- D:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)


========== Driver Services (SafeList) ==========

DRV - [2011/01/14 01:33:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 21:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/05/10 12:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 12:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/07/15 02:17:04 | 000,087,040 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ACFVA32.sys -- (acfva)
DRV - [2008/06/15 22:13:36 | 000,028,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ACFDCP32.sys -- (dgcfltr)
DRV - [2008/04/13 18:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 16:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/04/13 16:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/02/25 12:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/03/15 02:07:34 | 000,012,672 | R--- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACFSDK32.sys -- (mdmxsdk)
DRV - [2003/02/14 12:59:00 | 001,169,792 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/07/19 13:25:58 | 000,202,880 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yacxgc.sys -- (WDM_YAMAHAAC97)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://www.uploadingstart.com/s/?src=FF-Address&site=Yahoo!&cfg=2-568-0-0&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/27 14:36:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/08 09:55:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/08 09:55:13 | 000,000,000 | ---D | M]

[2011/01/30 00:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\New user\Application Data\Mozilla\Extensions
[2011/02/23 22:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\New user\Application Data\Mozilla\Firefox\Profiles\3bjquv3m.default\extensions
[2011/02/12 11:34:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\New user\Application Data\Mozilla\Firefox\Profiles\3bjquv3m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/23 22:14:41 | 000,000,000 | ---D | M] (Sammsoft Toolbar) -- C:\Documents and Settings\New user\Application Data\Mozilla\Firefox\Profiles\3bjquv3m.default\extensions\[email protected]
[2011/02/01 18:33:57 | 000,001,063 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Mozilla\Firefox\Profiles\3bjquv3m.default\searchplugins\yahoo-zugo.xml
[2011/01/30 00:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/27 14:36:05 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX

O1 HOSTS File: ([2008/04/14 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Sammsoft Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Sammsoft Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [AROReminder] C:\Program Files\ARO 2011\aro.exe (Support.com)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1289107729342 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/31 15:30:08 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/22 02:04:53 | 000,000,035 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/10/22 02:04:50 | 000,000,844 | R--- | M] () - G:\autorun -- [ CDFS ]
O32 - AutoRun File - [2010/01/26 03:15:22 | 000,000,191 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{39aebd9b-2cd1-11e0-873b-000c6e022fdd}\Shell\AutoRun\command - "" = H:\Seagate\Installer\InstallSeagateManager.exe
O33 - MountPoints2\{39aebd9b-2cd1-11e0-873b-000c6e022fdd}\Shell\Install\command - "" = H:\Seagate\Installer\InstallSeagateManager.exe
O33 - MountPoints2\{3de2eeca-1fb6-11e0-872c-000c6e022fdd}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/23 22:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011/02/23 22:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\Sammsoft
[2011/02/23 22:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ARO 2011
[2011/02/23 22:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\ARO 2011
[2011/02/23 19:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Start Menu\Programs\HiJackThis
[2011/02/22 16:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\ParetoLogic
[2011/02/22 16:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\DriverCure
[2011/02/22 16:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Start Menu\Programs\ParetoLogic
[2011/02/22 16:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/02/22 16:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/02/22 16:02:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/02/16 23:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\Yahoo!
[2011/02/16 23:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Local Settings\Application Data\Yahoo
[2011/02/16 19:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/02/16 19:55:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2011/02/16 17:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2011/02/15 09:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Desktop\Glenns
[2011/02/15 09:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Desktop\pictures
[2011/02/11 00:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/02/09 02:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/02/09 02:55:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\uTorrent
[2011/02/08 01:32:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/02/08 01:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/02/08 01:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/02/08 01:31:54 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/02/08 01:31:54 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/02/08 01:31:54 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/02/08 01:31:54 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/02/08 01:31:54 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/02/08 01:31:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/02/07 01:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/02/07 01:16:30 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2011/02/07 01:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/02/07 01:15:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/02/07 01:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/02/04 17:42:05 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/02/04 17:42:04 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/02/04 17:42:02 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/02/04 17:42:01 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/02/04 17:41:57 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/02/04 07:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2011/02/02 09:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Desktop\snow
[2011/02/01 18:47:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\Nero
[2011/02/01 18:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\MaxiLoader
[2011/01/31 16:32:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2011/01/31 16:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2011/01/31 16:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2011/01/31 16:30:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/01/31 16:30:09 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2011/01/31 15:36:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/01/31 15:34:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Local Settings\Application Data\Downloaded Installations
[2011/01/31 15:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2011/01/31 15:34:11 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2011/01/31 15:30:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\New user\My Documents\My Videos
[2011/01/31 15:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
[2011/01/31 15:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/01/31 15:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2011/01/31 15:27:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011/01/31 15:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2011/01/31 15:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\InstallShield
[2011/01/31 15:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\Leadertech
[2011/01/30 18:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\My Documents\Downloads
[2011/01/30 00:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Local Settings\Application Data\Mozilla
[2011/01/30 00:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\Mozilla
[2011/01/30 00:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/01/30 00:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/01/27 23:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\pdftoepub
[2011/01/26 21:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Start Menu\Programs\WinRAR
[2011/01/26 21:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\New user\Application Data\WinRAR
[2011/01/26 21:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/01/26 21:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/23 23:01:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/23 22:14:10 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\New user\Desktop\Check PC For Errors.lnk
[2011/02/23 22:14:10 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2011/02/23 19:38:42 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\New user\Desktop\HiJackThis.lnk
[2011/02/23 18:19:47 | 106,994,231 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/02/23 18:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/02/23 10:07:42 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011/02/22 18:49:58 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\New user\Local Settings\Application Data\housecall.guid.cache
[2011/02/22 16:02:17 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\New user\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/02/22 16:02:17 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/02/22 16:02:16 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011/02/22 10:30:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/20 10:04:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/17 23:20:47 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\New user\My Documents\spider.sav
[2011/02/17 17:34:30 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\New user\My Documents\Image.jpg
[2011/02/16 19:55:26 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/16 19:55:26 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/02/11 07:04:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/11 01:12:13 | 000,103,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/11 01:08:41 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/11 01:06:26 | 000,432,686 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/11 01:06:26 | 000,067,516 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/09 02:56:18 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/02/07 00:55:51 | 000,013,140 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/06 20:34:37 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\New user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/01 19:08:14 | 000,000,028 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/31 15:30:10 | 000,002,320 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Home movies made easy!.lnk
[2011/01/31 15:30:08 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/01/31 15:28:20 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/01/30 00:31:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/01/30 00:31:06 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/30 00:31:06 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/29 19:43:15 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/28 14:03:56 | 000,851,026 | ---- | M] () -- C:\Documents and Settings\New user\My Documents\Anne_McCaffrey_-_Dragon_Harper_.mobi
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/23 22:14:40 | 000,000,240 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/02/23 22:14:10 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\New user\Desktop\Check PC For Errors.lnk
[2011/02/23 22:14:10 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2011/02/23 19:38:42 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\New user\Desktop\HiJackThis.lnk
[2011/02/22 18:49:58 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\New user\Local Settings\Application Data\housecall.guid.cache
[2011/02/22 16:02:29 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/02/22 16:02:17 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\New user\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/02/22 16:02:16 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/02/22 16:02:15 | 000,000,382 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2011/02/22 16:02:14 | 000,000,364 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2011/02/17 17:34:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\New user\My Documents\Image.jpg
[2011/02/16 19:55:26 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/02/16 19:55:26 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/02/09 02:56:18 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/02/07 00:55:51 | 000,013,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/06 20:34:37 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\New user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 15:30:10 | 000,002,320 | ---- | C] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Home movies made easy!.lnk
[2011/01/30 00:31:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/30 00:31:06 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\New user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/30 00:31:06 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/28 14:03:57 | 000,851,026 | ---- | C] () -- C:\Documents and Settings\New user\My Documents\Anne_McCaffrey_-_Dragon_Harper_.mobi
[2011/01/14 01:32:59 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/11/30 11:21:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/11/10 17:49:10 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/11/06 15:49:01 | 000,004,403 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1

< End of report >

Second logfile


Edited by tombakers, 01 March 2011 - 04:47 PM.



#2
noknojon

Hi -
Please read this item from the top of this page on where and how to post for Malware or infections -
http://www.geekstogo...cleaning-guide/
Then repost here http://www.geekstogo...alware-removal/

Thank You -
EDIT -
Malware and infections are not usually treated on the General forums -

Edited by noknojon, 02 March 2011 - 05:30 AM.
