Hello. I hope these are the right logs. I did exactly what you told me to do. I dont know if you wanted both logs by OTL so I posted them both anyways. Here all the logs you requested:
COMBO FIX:
ComboFix 10-01-27.05 - Owner 01/29/2010 8:22.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2866 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt.txt
AV: avast! antivirus 4.8.1351 [VPS 100129-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FILE ::
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Owner\Application Data\LimeWire
c:\documents and settings\Owner\Application Data\LimeWire\.AppSpecialShare\ESCAPE THE FATE - DISCOGRAPHY [CHANNEL NEO].torrent
c:\documents and settings\Owner\Application Data\LimeWire\active.mojito
c:\documents and settings\Owner\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\Owner\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Owner\Application Data\LimeWire\downloads.dat
c:\documents and settings\Owner\Application Data\LimeWire\fileurns.bak
c:\documents and settings\Owner\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Owner\Application Data\LimeWire\filters.props
c:\documents and settings\Owner\Application Data\LimeWire\gnutella.net
c:\documents and settings\Owner\Application Data\LimeWire\installation.props
c:\documents and settings\Owner\Application Data\LimeWire\library.dat
c:\documents and settings\Owner\Application Data\LimeWire\limewire.props
c:\documents and settings\Owner\Application Data\LimeWire\mojito.props
c:\documents and settings\Owner\Application Data\LimeWire\passive.mojito
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Owner\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Owner\Application Data\LimeWire\questions.props
c:\documents and settings\Owner\Application Data\LimeWire\responses.cache
c:\documents and settings\Owner\Application Data\LimeWire\simpp.xml
c:\documents and settings\Owner\Application Data\LimeWire\spam.dat
c:\documents and settings\Owner\Application Data\LimeWire\tables.props
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\Owner\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\Owner\Application Data\LimeWire\ttrees.cache
c:\documents and settings\Owner\Application Data\LimeWire\ttroot.cache
c:\documents and settings\Owner\Application Data\LimeWire\version.xml
c:\documents and settings\Owner\Application Data\LimeWire\versions.props
c:\documents and settings\Owner\Application Data\LimeWire\xml\data\audio.sxml2
c:\program files\Ask.com
c:\program files\LimeWire
c:\program files\LimeWire\hs_err_pid2548.log
c:\program files\LimeWire\hs_err_pid660.log
.
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-29 )))))))))))))))))))))))))))))))
.
2010-01-25 16:42 . 2010-01-25 16:43 -------- d-----w- c:\program files\Free M4a to MP3 Converter
2010-01-24 01:28 . 2010-01-24 01:28 -------- d-----w- C:\_OTL
2010-01-22 22:02 . 2010-01-23 14:56 -------- d-----w- c:\program files\ManyCam 2.4
2010-01-22 07:51 . 2010-01-25 23:49 3293184 ----a-w- c:\documents and settings\All Users\Application Data\SwiftKit\Temp Data\SwiftKit-RS.exe
2010-01-21 11:43 . 2010-01-21 11:43 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-01-21 11:43 . 2010-01-07 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-21 11:43 . 2010-01-21 11:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-21 11:43 . 2010-01-21 11:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-21 11:43 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-20 20:14 . 2010-01-20 20:14 -------- d-----w- C:\Rooter$
2010-01-19 10:23 . 2010-01-19 10:23 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Help
2010-01-15 20:30 . 2010-01-15 20:30 -------- d-sh--w- c:\documents and settings\47883\IETldCache
2010-01-14 21:57 . 2010-01-14 21:57 -------- d-----w- c:\program files\TeamViewer
2010-01-13 20:11 . 2010-01-13 20:11 -------- d--h--w- c:\windows\PIF
2010-01-12 20:53 . 2010-01-12 20:53 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
2010-01-12 20:53 . 2010-01-12 21:02 -------- d-----w- c:\documents and settings\Owner\Application Data\Multi File Downloader
2010-01-12 20:17 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-29 13:10 . 2009-07-05 01:46 -------- d-----w- c:\documents and settings\Owner\Application Data\Skype
2010-01-29 13:08 . 2009-07-20 19:44 -------- d-----w- c:\program files\Steam
2010-01-28 20:56 . 2009-08-28 18:25 -------- d-----w- c:\documents and settings\Owner\Application Data\mIRC
2010-01-28 14:59 . 2009-06-17 04:37 39 ----a-w- c:\documents and settings\Owner\jagex_runescape_preferences.dat
2010-01-28 14:47 . 2009-09-02 15:06 69 ----a-w- c:\documents and settings\Owner\jagex_runescape_preferences2.dat
2010-01-28 13:07 . 2009-07-05 01:46 -------- d-----w- c:\documents and settings\Owner\Application Data\skypePM
2010-01-28 12:45 . 2009-09-04 05:13 -------- d-----w- c:\program files\mIRC
2010-01-28 11:40 . 2009-11-06 22:54 -------- d-----w- c:\program files\Cheat Engine
2010-01-27 04:50 . 2010-01-15 20:28 3488822 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-25 23:49 . 2009-07-05 03:22 -------- d-----w- c:\program files\SwiftKit
2010-01-20 19:44 . 2009-09-11 17:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-19 09:40 . 2009-11-22 16:34 -------- d-----w- c:\documents and settings\Owner\Application Data\Screenshot Sender
2010-01-18 00:25 . 2010-01-18 00:27 1915904 ----a-w- c:\windows\Internet Logs\xDB23.tmp
2010-01-15 20:16 . 2010-01-15 20:29 1910272 ----a-w- c:\windows\Internet Logs\xDB22.tmp
2010-01-14 21:57 . 2009-08-15 15:09 -------- d-----w- c:\documents and settings\Owner\Application Data\TeamViewer
2010-01-13 00:05 . 2010-01-13 00:08 1923072 ----a-w- c:\windows\Internet Logs\xDB21.tmp
2010-01-12 23:25 . 2009-12-09 08:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Make A Voozie
2010-01-09 19:59 . 2009-12-01 09:30 -------- d-----w- c:\documents and settings\Owner\Application Data\VoozieMaker
2010-01-04 19:02 . 2008-01-01 05:02 4100608 ----a-w- c:\windows\Internet Logs\xDB1F.tmp
2010-01-04 19:02 . 2008-01-01 05:02 1904640 ----a-w- c:\windows\Internet Logs\xDB20.tmp
2010-01-03 14:53 . 2010-01-04 00:17 1911296 ----a-w- c:\windows\Internet Logs\xDB1E.tmp
2010-01-03 01:06 . 2009-10-06 23:15 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-03 01:06 . 2009-10-06 23:15 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-29 09:03 . 2009-12-29 09:03 -------- d-----w- c:\program files\Project64 1.6
2009-12-29 09:03 . 2009-12-29 09:03 8854 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2009-12-29 09:03 . 2009-12-29 09:03 40960 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2009-12-29 09:03 . 2009-12-29 09:03 40960 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2009-12-29 01:53 . 2009-12-29 01:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-29 01:49 . 2009-08-09 16:50 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-29 01:47 . 2009-12-29 01:47 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-29 01:46 . 2009-12-29 01:46 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-12-29 01:46 . 2009-12-29 01:46 -------- d-----w- c:\program files\NOS
2009-12-23 17:19 . 2009-10-06 23:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-23 16:38 . 2009-06-17 18:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-23 15:45 . 2009-10-06 23:15 22328 ----a-w- c:\documents and settings\Owner\Application Data\PnkBstrK.sys
2009-12-23 15:45 . 2009-10-06 23:15 22328 ----a-w- c:\documents and settings\Owner\Application Data\PnkBstrK.sys
2009-12-23 15:40 . 2009-12-23 15:40 -------- d-----w- c:\program files\Activision
2009-12-23 15:37 . 2009-12-23 15:20 -------- d-----w- c:\documents and settings\Owner\Application Data\DAEMON Tools Lite
2009-12-23 15:21 . 2009-12-23 15:21 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-23 15:21 . 2009-12-23 15:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-23 15:20 . 2009-12-23 15:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-12-21 19:14 . 2004-08-12 14:09 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 23:49 . 2009-12-18 23:49 -------- d-----w- c:\program files\Webzen
2009-12-15 11:06 . 2009-12-15 11:06 -------- d-----w- c:\program files\Google
2009-12-12 19:48 . 2009-06-17 18:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-12 19:48 . 2009-06-17 18:25 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-12 17:07 . 2009-12-12 17:10 1810432 ----a-w- c:\windows\Internet Logs\xDB1D.tmp
2009-12-09 08:24 . 2009-08-27 18:34 1148 ----a-w- c:\windows\system32\ezdigsgn.dat
2009-12-09 08:23 . 2009-12-09 08:23 14352384 ----a-w- c:\documents and settings\All Users\Application Data\Make A Voozie\VoozieMakerSetup.exe
2009-12-01 09:26 . 2009-09-18 08:42 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-01 07:55 . 2009-12-01 07:42 445 ----a-w- c:\windows\EntPack.dat
2009-12-01 05:40 . 2009-12-01 05:40 -------- d-----w- c:\documents and settings\Owner\Application Data\acccore
2009-11-27 21:46 . 2009-11-27 21:46 1385 ----a-w- c:\windows\127.0.0.1 activate.adobe.com
2009-11-26 08:01 . 2009-11-26 15:14 1753088 ----a-w- c:\windows\Internet Logs\xDB1C.tmp
2009-11-26 06:33 . 2009-11-26 06:43 1755136 ----a-w- c:\windows\Internet Logs\xDB1B.tmp
2009-11-25 15:46 . 2009-11-26 01:06 1751552 ----a-w- c:\windows\Internet Logs\xDB1A.tmp
2009-11-23 13:51 . 2009-11-23 14:10 1755648 ----a-w- c:\windows\Internet Logs\xDB19.tmp
2009-11-21 15:51 . 2004-08-12 13:55 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 11:08 . 2010-01-15 20:29 38784 ----a-w- c:\documents and settings\47883\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-20 11:08 . 2009-12-29 01:47 38784 ----a-w- c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-20 11:08 . 2009-12-29 01:47 38784 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-16 08:09 . 2009-11-16 08:11 1732608 ----a-w- c:\windows\Internet Logs\xDB18.tmp
2009-11-12 11:55 . 2009-11-12 11:55 14716 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-09 09:40 . 2009-11-09 09:43 1714688 ----a-w- c:\windows\Internet Logs\xDB17.tmp
2009-11-04 08:25 . 2009-11-04 08:26 1693184 ----a-w- c:\windows\Internet Logs\xDB16.tmp
2009-11-03 01:44 . 2009-11-03 01:46 1686016 ----a-w- c:\windows\Internet Logs\xDB15.tmp
2009-11-02 23:02 . 2009-11-02 23:03 1682944 ----a-w- c:\windows\Internet Logs\xDB14.tmp
2009-11-02 21:49 . 2009-11-02 21:48 1683968 ----a-w- c:\windows\Internet Logs\xDB13.tmp
2009-11-02 20:02 . 2009-06-17 18:21 15728 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-27 21:52 . 2010-01-27 21:52 119312 ----a-w- c:\program files\mozilla firefox\components\efcfdcaedbbcbd.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-01-28_11.43.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-29 13:20 . 2010-01-29 13:20 16384 c:\windows\Temp\Perflib_Perfdata_718.dat
+ 2010-01-29 13:21 . 2010-01-29 13:21 16384 c:\windows\Temp\Perflib_Perfdata_228.dat
- 2004-08-12 14:03 . 2010-01-28 11:35 78608 c:\windows\system32\perfc009.dat
+ 2004-08-12 14:03 . 2010-01-29 13:25 78608 c:\windows\system32\perfc009.dat
+ 2009-06-17 04:37 . 2010-01-28 12:53 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
- 2009-06-17 04:37 . 2010-01-28 00:50 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-06-17 04:37 . 2010-01-28 12:53 81920 c:\windows\.jagex_cache_32\runescape\jaggl.dll
- 2009-06-17 04:37 . 2010-01-28 00:50 81920 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2004-08-12 14:03 . 2010-01-29 13:25 462390 c:\windows\system32\perfh009.dat
- 2004-08-12 14:03 . 2010-01-28 11:35 462390 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Steam"="c:\program files\steam\steam.exe" [2009-10-25 1217808]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-15 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-17 148888]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]
"nwiz"="nwiz.exe" [2008-12-26 1657376]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"RTHDCPL"="RTHDCPL.EXE" [2009-08-14 18702336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111\wpn111.exe [2009-6-17 884838]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-10-01 20:20 3634024 ----a-w- c:\program files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
2009-12-19 05:04 1824040 ----a-w- c:\program files\ManyCam 2.4\ManyCam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 04:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8/16/2009 4:42 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/16/2009 4:42 PM 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [9/11/2009 12:31 PM 54752]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [1/14/2008 5:06 AM 21632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/23/2009 10:21 AM 691696]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8/27/2009 11:17 AM 1684736]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [6/17/2009 1:29 PM 17149]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
S3 PAC207;CIF USB Camera;c:\windows\system32\drivers\PFC027.SYS [7/9/2009 4:44 PM 505984]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [3/27/2009 1:23 PM 23064]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [6/17/2009 2:10 PM 362944]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\3cdw19y9.default\
FF - prefs.js: browser.startup.homepage -
hxxp://google.com/FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-01-29 08:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-01-29 08:29:21
ComboFix-quarantined-files.txt 2010-01-29 13:29
ComboFix2.txt 2010-01-28 11:49
Pre-Run: 914,921,799,680 bytes free
Post-Run: 914,944,356,352 bytes free
- - End Of File - - 3F80B2575A8D202B72A2CDC0225F027C
VIRUS TOTAL :
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.01.29 -
AhnLab-V3 5.0.0.2 2010.01.29 -
AntiVir 7.9.1.154 2010.01.29 -
Antiy-AVL 2.0.3.7 2010.01.28 -
Authentium 5.2.0.5 2010.01.29 -
Avast 4.8.1351.0 2010.01.29 -
AVG 9.0.0.730 2010.01.29 -
BitDefender 7.2 2010.01.29 -
CAT-QuickHeal 10.00 2010.01.29 -
ClamAV 0.96.0.0-git 2010.01.29 -
Comodo 3749 2010.01.29 -
DrWeb 5.0.1.12222 2010.01.29 -
eSafe 7.0.17.0 2010.01.28 -
eTrust-Vet 35.2.7270 2010.01.29 -
F-Prot 4.5.1.85 2010.01.29 -
F-Secure 9.0.15370.0 2010.01.29 -
Fortinet 4.0.14.0 2010.01.28 -
GData 19 2010.01.29 -
Ikarus T3.1.1.80.0 2010.01.29 -
Jiangmin 13.0.900 2010.01.28 -
K7AntiVirus 7.10.959 2010.01.28 -
Kaspersky 7.0.0.125 2010.01.29 -
McAfee 5875 2010.01.28 -
McAfee+Artemis 5875 2010.01.28 -
McAfee-GW-Edition 6.8.5 2010.01.29 -
Microsoft 1.5406 2010.01.29 -
NOD32 4818 2010.01.29 -
Norman 6.04.03 2010.01.28 -
nProtect 2009.1.8.0 2010.01.29 -
Panda 10.0.2.2 2010.01.29 -
PCTools 7.0.3.5 2010.01.29 -
Prevx 3.0 2010.01.29 -
Rising 22.32.04.03 2010.01.29 -
Sophos 4.50.0 2010.01.29 -
Sunbelt 3.2.1858.2 2010.01.29 -
Symantec 20091.2.0.41 2010.01.29 Supicious.Insight
TheHacker 6.5.1.0.170 2010.01.29 -
TrendMicro 9.120.0.1004 2010.01.29 -
VBA32 3.12.12.1 2010.01.29 -
ViRobot 2010.1.29.2162 2010.01.29 -
VirusBuster 5.0.21.0 2010.01.29 -
Additional information
File size: 144377 bytes
MD5...: e8f59104ac64d73b97f11075d4ecaa2f
SHA1..: e0ab9d8cbaf4dc9844002023c82bf036df185356
SHA256: a24bec6bca7272603e82da6e7bd01fc20092b373a2c4c281ab2e822ceb02f407
ssdeep: 3072:6U4/27oofnuNW9+1GSBHGsYMh1U4ta3ILyNHSGBj5Ch/v:6U4/DofuAsxHL
hqYWIaScUh/v
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: ZIP compressed archive (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
OTL SCANS EXTRAS:
OTL Extras logfile created on: 1/29/2010 8:42:01 AM - Run 4
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Owner\Desktop\Anti Virus Shit
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 852.12 Gb Free Space | 91.48% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUPER-ABE66CE06
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Firefly Studios\Stronghold Legends\StrongholdLegends.exe" = C:\Program Files\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends -- (Firefly Studios)
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe" = C:\Program Files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe:*:Enabled:America's Army 3 -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{066A1255-1299-4EBA-B9B3-FA7FB14F92E4}" = CIF USB Camera
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AAB2A3A6-6789-4260-9966-517498589AB5}" = ArcSoft PhotoImpression 5
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"avast!" = avast! Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Emoticon Maker" = Emoticon Maker
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"ie8" = Windows Internet Explorer 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speed Gear_is1" = Speed Gear v6.0
"Steam App 13140" = America's Army 3
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"TeamViewer 5" = TeamViewer 5
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Voozie Maker" = Voozie Maker
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"ZoneAlarm" = ZoneAlarm
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SwiftKit" = SwiftKit
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 11/12/2009 10:55:30 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ller/index failed, 0000A413.
Error - 11/13/2009 7:54:07 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ller/index failed, 0000A413.
Error - 11/14/2009 12:42:00 AM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ler/create failed,
0000A413.
Error - 11/14/2009 1:50:57 AM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ller/index failed, 0000A413.
Error - 11/14/2009 3:36:23 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ller/index failed, 0000A413.
Error - 11/14/2009 4:39:50 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ller/index failed, 0000A413.
Error - 11/14/2009 8:48:16 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://api.omgpop.com/api/pool?commands ... ler/search failed,
0000A413.
Error - 11/18/2009 5:41:24 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://users.conduit.com/iis2ebs.asp failed, 0000A413.
Error - 11/20/2009 5:59:06 AM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.youtube.com/get_video_info?& ... dtype=dclk failed, 0000A413.
Error - 11/21/2009 9:54:23 PM | Computer Name = SUPER-ABE66CE06 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.youtube.com/get_video_info?& ... s&hl=en_US failed, 0000A413.
[ Application Events ]
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/28/2010 4:56:34 PM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/29/2010 9:35:01 AM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
Error - 1/29/2010 9:35:01 AM | Computer Name = SUPER-ABE66CE06 | Source = nview_info | ID = 11141121
Description =
[ System Events ]
Error - 1/29/2010 9:17:56 AM | Computer Name = SUPER-ABE66CE06 | Source = Service Control Manager | ID = 7034
Description = The Yahoo! Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 1/29/2010 9:18:07 AM | Computer Name = SUPER-ABE66CE06 | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).
Error - 1/29/2010 9:31:19 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SeaPort with
arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Error - 1/29/2010 9:33:32 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 1/29/2010 9:33:33 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 1/29/2010 9:33:37 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 1/29/2010 9:36:07 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SeaPort with
arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Error - 1/29/2010 9:37:02 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SeaPort with
arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Error - 1/29/2010 9:38:13 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SeaPort with
arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
Error - 1/29/2010 9:38:37 AM | Computer Name = SUPER-ABE66CE06 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service WSearch with
arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
< End of report >
OTL SCAN:
OTL logfile created on: 1/29/2010 8:42:01 AM - Run 4
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Owner\Desktop\Anti Virus Shit
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 852.12 Gb Free Space | 91.48% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUPER-ABE66CE06
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Owner\Desktop\Anti Virus Shit\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Pixart\Pac207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Program Files\NETGEAR\WPN111\WPN111.exe (NETGEAR)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Owner\Desktop\Anti Virus Shit\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (AegisP) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (srescan) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Check Point Software Technologies LTD)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ManyCam) -- C:\WINDOWS\system32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (WPN111) -- C:\WINDOWS\system32\drivers\WPN111.sys (NETGEAR, Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-73586283-1547161642-839522115-1003\S-1-5-21-73586283-1547161642-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: ""
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/27 16:52:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/28 20:49:27 | 00,000,000 | ---D | M]
[2008/01/04 16:00:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/01/29 08:13:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3cdw19y9.default\extensions
[2009/10/25 06:21:09 | 00,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\3cdw19y9.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2008/01/04 15:59:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/27 16:52:06 | 00,119,312 | ---- | M] (none) -- C:\Program Files\Mozilla Firefox\components\efcfdcaedbbcbd.dll
O1 HOSTS File: ([2010/01/28 06:43:22 | 00,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\Pixart\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-73586283-1547161642-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-73586283-1547161642-839522115-1003..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-73586283-1547161642-839522115-1003..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-73586283-1547161642-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WPN111 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN111\WPN111.exe (NETGEAR)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-73586283-1547161642-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-73586283-1547161642-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501}
http://messenger.zone.msn.com/binary/ms ... b56986.cab (Checkers Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 9172879359 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7}
http://appdirectory.messenger.msn.com/A ... tPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147}
http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\My Documents\My Pictures\1263074561902.png
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/17 10:25:25 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/01/28 06:33:57 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2010/01/28 06:30:21 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/01/28 06:30:21 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/01/28 06:30:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/01/28 06:30:20 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/01/28 06:30:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/28 06:25:35 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/25 11:42:59 | 00,000,000 | ---D | C] -- C:\Program Files\Free M4a to MP3 Converter
[2010/01/23 20:28:21 | 00,000,000 | ---D | C] -- C:\_OTL
[2010/01/22 17:02:23 | 00,000,000 | ---D | C] -- C:\Program Files\ManyCam 2.4
[2010/01/21 06:43:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/01/21 06:43:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/21 06:43:20 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/21 06:43:20 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/21 06:43:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/20 15:14:21 | 00,000,000 | ---D | C] -- C:\Rooter$
[2010/01/20 14:42:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/19 05:23:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Help
[2010/01/14 16:57:49 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010/01/13 15:11:43 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/01/12 15:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/01/12 15:53:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Multi File Downloader
[2010/01/12 15:17:38 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/08/16 19:36:00 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/16 10:52:02 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/08/16 10:52:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
========== Files - Modified Within 30 Days ========== [2010/01/29 08:37:38 | 00,550,666 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/29 08:37:38 | 00,462,390 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/29 08:37:38 | 00,078,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/29 08:33:32 | 00,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/01/29 08:33:15 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/29 08:33:13 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/29 08:33:07 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/29 08:31:45 | 08,912,896 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/01/29 08:31:45 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/01/29 08:28:26 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/28 09:59:21 | 00,000,039 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences.dat
[2010/01/28 09:47:23 | 00,000,069 | ---- | M] () -- C:\Documents and Settings\Owner\jagex_runescape_preferences2.dat
[2010/01/28 06:43:22 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/28 06:34:03 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2010/01/28 06:27:34 | 03,839,130 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/01/25 21:19:05 | 00,000,406 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\AutoClick.ini
[2010/01/25 21:15:24 | 00,000,110 | ---- | M] () -- C:\WINDOWS\GMouse.ini
[2010/01/25 11:43:00 | 00,000,740 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Free M4a to MP3 Converter.lnk
[2010/01/25 11:43:00 | 00,000,735 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\My Music Tools.lnk
[2010/01/25 02:26:29 | 00,000,223 | ---- | M] () -- C:\Boot.bak
[2010/01/25 02:26:28 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/24 16:53:09 | 00,002,278 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\1-23-2010 3-34-06 AM.png
[2010/01/24 16:52:49 | 00,006,285 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\1-23-2010 3-50-39 PM.png
[2010/01/24 16:20:23 | 00,072,715 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\90 slay.jpg
[2010/01/22 17:02:44 | 00,001,568 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ManyCam 2.4.lnk
[2010/01/22 01:17:51 | 00,643,830 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Christina.bmp
[2010/01/21 04:54:38 | 00,143,360 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/21 03:51:16 | 87,700,1032 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\clip0164.avi
[2010/01/20 00:17:52 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2010/01/19 01:34:58 | 07,847,758 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\sexy.mp3
[2010/01/19 01:24:57 | 05,552,462 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\DJ Khaled - We taking over (feat. Akon, Baby, Lil Wayne, Rick Ross & T.I.).mp3
[2010/01/17 03:13:54 | 00,014,518 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\blue.jpg
[2010/01/16 03:01:44 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/15 10:50:46 | 00,246,272 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ghost-mouse-2-0.exe
[2010/01/14 16:57:57 | 00,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/06 23:08:36 | 00,508,094 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\lolololol.html
[2010/01/05 23:34:33 | 42,318,649 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\katieeee.wmv
[2010/01/05 21:34:23 | 48,580,654 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\clip0163.avi
[2010/01/02 20:16:48 | 00,000,585 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Mombot_CoD_4.cfg
[2010/01/02 20:06:30 | 00,138,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/01/02 20:06:21 | 00,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/01/02 20:06:21 | 00,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/12/30 16:43:57 | 00,000,072 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CoD 4.ini
========== Files Created - No Company Name ========== [2010/01/28 06:34:03 | 00,000,223 | ---- | C] () -- C:\Boot.bak
[2010/01/28 06:34:00 | 00,260,272 | ---- | C] () -- C:\cmldr
[2010/01/28 06:30:21 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/01/28 06:30:21 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/01/28 06:30:21 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/01/28 06:30:21 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/01/28 06:30:21 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/01/28 06:27:34 | 03,839,130 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/01/25 21:19:05 | 00,000,406 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\AutoClick.ini
[2010/01/25 11:43:00 | 00,000,740 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Free M4a to MP3 Converter.lnk
[2010/01/25 11:43:00 | 00,000,735 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\My Music Tools.lnk
[2010/01/24 16:53:07 | 00,002,278 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\1-23-2010 3-34-06 AM.png
[2010/01/24 16:52:48 | 00,006,285 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\1-23-2010 3-50-39 PM.png
[2010/01/24 16:20:20 | 00,072,715 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\90 slay.jpg
[2010/01/22 17:02:44 | 00,001,568 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ManyCam 2.4.lnk
[2010/01/22 01:17:46 | 00,643,830 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Christina.bmp
[2010/01/21 03:33:46 | 87,700,1032 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\clip0164.avi
[2010/01/19 05:15:07 | 00,000,110 | ---- | C] () -- C:\WINDOWS\GMouse.ini
[2010/01/17 03:13:51 | 00,014,518 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\blue.jpg
[2010/01/17 02:06:52 | 07,847,758 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\sexy.mp3
[2010/01/15 10:50:38 | 00,246,272 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ghost-mouse-2-0.exe
[2010/01/14 16:57:57 | 00,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 5.lnk
[2010/01/06 23:08:36 | 00,508,094 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\lolololol.html
[2010/01/05 23:27:28 | 42,318,649 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\katieeee.wmv
[2010/01/05 21:33:26 | 48,580,654 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\clip0163.avi
[2009/12/30 16:43:57 | 00,000,072 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CoD 4.ini
[2009/12/30 16:42:01 | 01,339,392 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CoD 4.dll
[2009/12/30 16:42:01 | 00,061,440 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CoD 4.exe
[2009/12/30 16:42:01 | 00,000,585 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Mombot_CoD_4.cfg
[2009/12/23 10:44:42 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/12/23 10:21:12 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/12/01 02:42:39 | 00,000,051 | ---- | C] () -- C:\WINDOWS\EntPack.ini
[2009/11/14 17:58:28 | 00,000,172 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\RSBot Accounts.ini
[2009/11/14 01:44:08 | 00,000,067 | ---- | C] () -- C:\WINDOWS\SpeedGear.INI
[2009/11/06 17:54:23 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/10/06 18:15:42 | 00,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/10/06 18:15:42 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys
[2009/09/08 16:17:50 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/07/09 16:44:31 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.INI
[2009/07/04 19:37:35 | 00,143,360 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/17 13:29:01 | 00,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2009/06/17 13:29:01 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008/12/26 00:08:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/26 00:08:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/12/26 00:08:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/12/26 00:08:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 11:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 11:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 11:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/01/01 08:54:37 | 00,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/01 08:54:37 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/09/27 09:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
< End of report >