OTL.Txt
OTL logfile created on: 2/27/2010 6:56:11 PM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 401.36 Gb Free Space | 86.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USER-B76099523F
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/02/27 18:55:29 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe
PRC - [2010/02/26 17:45:34 | 000,186,368 | -HS- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\av.exe
PRC - [2010/01/21 18:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/12/11 16:17:03 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/12/11 16:16:55 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/12/08 10:32:18 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/12/08 10:32:14 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/12/08 10:32:11 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/10/03 04:08:38 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/13 18:51:24 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007/11/13 18:49:22 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007/09/25 01:11:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007/08/15 02:49:26 | 000,063,040 | ---- | M] () -- C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
PRC - [2006/07/13 00:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006/07/13 00:22:50 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006/04/17 12:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
PRC - [2006/04/17 12:41:24 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE
PRC - [2006/03/23 20:17:50 | 000,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/03/23 20:13:40 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/10/14 14:42:54 | 001,404,928 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2003/10/31 20:42:40 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
========== Modules (SafeList) ==========
MOD - [2010/02/27 18:55:29 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010/01/21 18:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/11 16:16:55 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/08 10:32:11 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/08/15 02:49:26 | 000,063,040 | ---- | M] () [Auto | Running] -- C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe -- (PnkBstrA)
SRV - [2006/04/17 12:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS)
========== Driver Services (SafeList) ==========
DRV - [2010/01/30 23:07:49 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009/12/08 10:32:18 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/12/08 10:32:18 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/09/29 17:17:44 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/09/29 16:22:24 | 000,021,419 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/08/28 16:52:36 | 000,627,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/04/15 13:45:46 | 000,519,168 | ---- | M] (Atheros Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanGZXP.SYS -- (ZG760_XP)
DRV - [2008/04/15 13:45:46 | 000,020,736 | ---- | M] (ZDC., Inc. (ZDC)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ZDCndis5.sys -- (ZDCNDIS5)
DRV - [2008/04/15 13:45:44 | 000,020,608 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BRGSp50.sys -- (BRGSp50)
DRV - [2008/04/14 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/05/10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/03/23 20:47:06 | 001,166,972 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005/03/22 11:08:40 | 000,260,224 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://z4.invisionfree.com/Happy_Tree_Forums/index.php"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/21 16:06:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/21 16:06:58 | 000,000,000 | ---D | M]
[2009/12/08 15:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010/02/26 19:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9khj3ef.default\extensions
[2009/12/08 16:04:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9khj3ef.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/12/08 15:45:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2010/02/02 14:47:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ZyXEL G-202 Wireless Adapter Utility.lnk = C:\Program Files\ZyXEL G-202\ZyXEL G-202.exe (ZyXEL Communications Corp.)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/25 12:12:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/02/26 18:03:38 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/02/26 18:03:37 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/02/26 18:03:37 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll.old
[2010/02/26 18:03:37 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/02/26 18:01:28 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/02/26 18:01:12 | 000,207,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/02/26 18:01:12 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/02/26 18:01:02 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/02/26 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/02/26 18:00:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/02/26 18:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\PC Tools
[2010/02/26 18:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/02/26 18:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/20 00:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2010/02/20 00:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/20 00:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/19 23:53:02 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/02/19 23:48:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/02/02 15:41:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/02/02 14:50:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/02/02 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Old RP's
[2010/02/02 09:53:21 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/02/02 09:51:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/02/02 09:51:47 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/02/02 09:51:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/02/02 09:51:47 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/02/02 09:51:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/02 09:43:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/01/31 23:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Microsoft Games
[2010/01/31 23:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Games
[2010/01/31 23:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/12/16 06:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/09/29 17:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/09/29 17:07:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/09/29 17:07:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
========== Files - Modified Within 30 Days ==========
[2010/02/27 18:53:43 | 000,010,986 | -HS- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\SlfBpB8
[2010/02/27 18:53:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/27 18:52:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/27 18:52:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/26 19:38:37 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\User\ntuser.dat
[2010/02/26 19:38:37 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/02/26 18:53:29 | 056,305,693 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/02/26 18:01:05 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/02/26 17:55:13 | 000,000,330 | ---- | M] () -- C:\Documents and Settings\User\My Documents\exefix.reg
[2010/02/26 17:49:00 | 000,021,391 | ---- | M] () -- C:\Documents and Settings\User\My Documents\20. Were Leopard Pan.odt
[2010/02/26 17:45:34 | 000,186,368 | -HS- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\av.exe
[2010/02/26 16:36:40 | 000,026,577 | ---- | M] () -- C:\Documents and Settings\User\My Documents\9. Feral 2.odt
[2010/02/25 20:53:54 | 000,028,562 | ---- | M] () -- C:\Documents and Settings\User\My Documents\8. Feral Level.odt
[2010/02/25 16:49:28 | 000,021,021 | ---- | M] () -- C:\Documents and Settings\User\My Documents\18. General.odt
[2010/02/23 22:49:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/23 16:36:31 | 000,018,243 | ---- | M] () -- C:\Documents and Settings\User\My Documents\19. Pet.odt
[2010/02/21 14:14:20 | 000,023,142 | ---- | M] () -- C:\Documents and Settings\User\My Documents\17. Li's Mind.odt
[2010/02/20 22:47:13 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/20 17:25:21 | 000,021,554 | ---- | M] () -- C:\Documents and Settings\User\My Documents\16. Another new.odt
[2010/02/20 00:11:22 | 000,000,528 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/20 00:11:22 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/02/20 00:11:22 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/19 19:52:34 | 000,022,411 | ---- | M] () -- C:\Documents and Settings\User\My Documents\15. New Character.odt
[2010/02/18 18:01:18 | 000,016,805 | ---- | M] () -- C:\Documents and Settings\User\My Documents\14. Rita Vores.odt
[2010/02/17 18:54:15 | 000,022,181 | ---- | M] () -- C:\Documents and Settings\User\My Documents\13. Li's Insanity.odt
[2010/02/16 18:11:42 | 000,023,564 | ---- | M] () -- C:\Documents and Settings\User\My Documents\12. Rita Visits.odt
[2010/02/14 17:06:06 | 000,024,972 | ---- | M] () -- C:\Documents and Settings\User\My Documents\un.odt
[2010/02/14 16:52:57 | 000,020,968 | ---- | M] () -- C:\Documents and Settings\User\My Documents\11. Weapons.odt
[2010/02/13 22:07:49 | 001,580,722 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010/02/13 19:57:47 | 000,014,967 | ---- | M] () -- C:\Documents and Settings\User\My Documents\10. Sleep Vore.odt
[2010/02/13 12:04:12 | 000,020,192 | ---- | M] () -- C:\Documents and Settings\User\My Documents\conversation.odt
[2010/02/11 16:53:38 | 000,014,128 | ---- | M] () -- C:\Documents and Settings\User\My Documents\7. Kody.odt
[2010/02/11 16:40:06 | 000,014,133 | ---- | M] () -- C:\Documents and Settings\User\My Documents\6. Li's Preg AGAIN.odt
[2010/02/10 16:36:06 | 000,017,991 | ---- | M] () -- C:\Documents and Settings\User\My Documents\5. Li and Laya Inflation.odt
[2010/02/09 21:17:35 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/02/09 16:42:32 | 000,020,462 | ---- | M] () -- C:\Documents and Settings\User\My Documents\4. Charlie & Ferals.odt
[2010/02/07 13:37:20 | 000,023,264 | ---- | M] () -- C:\Documents and Settings\User\My Documents\3. The Thing.odt
[2010/02/06 14:01:05 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Forgotten Hope.lnk
[2010/02/05 19:56:55 | 000,023,690 | ---- | M] () -- C:\Documents and Settings\User\My Documents\2. Rita School Again.odt
[2010/02/05 09:25:38 | 000,070,408 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/02/03 16:45:21 | 000,020,821 | ---- | M] () -- C:\Documents and Settings\User\My Documents\2. Rita School.odt
[2010/02/02 16:48:42 | 000,017,135 | ---- | M] () -- C:\Documents and Settings\User\My Documents\1. Pan and Jayde.odt
[2010/02/02 14:51:28 | 000,023,372 | ---- | M] () -- C:\Documents and Settings\User\My Documents\ComboFix report2.odt
[2010/02/02 14:47:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/02 14:40:31 | 003,843,928 | R--- | M] () -- C:\Documents and Settings\User\Desktop\ComboFix.exe
[2010/02/02 10:57:16 | 000,014,304 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/02 10:17:06 | 000,023,747 | ---- | M] () -- C:\Documents and Settings\User\My Documents\ComboFix report.odt
[2010/01/31 23:43:49 | 000,001,726 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zoo Tycoon 2 Endangered Species.lnk
[2010/01/30 23:07:49 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) -- C:\WINDOWS\System32\drivers\secdrv.sys
[2010/01/30 19:55:15 | 000,000,297 | ---- | M] () -- C:\WINDOWS\EReg072.dat
[2010/01/30 14:14:40 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
========== Files Created - No Company Name ==========
[2010/02/26 18:03:38 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/02/26 18:03:38 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/02/26 18:03:38 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/02/26 18:03:38 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/02/26 18:03:38 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/02/26 18:03:38 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/02/26 18:01:28 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/02/26 18:01:12 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/02/26 18:01:12 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/02/26 18:01:05 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/02/26 18:01:02 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010/02/26 17:55:13 | 000,000,330 | ---- | C] () -- C:\Documents and Settings\User\My Documents\exefix.reg
[2010/02/26 17:48:59 | 000,021,391 | ---- | C] () -- C:\Documents and Settings\User\My Documents\20. Were Leopard Pan.odt
[2010/02/26 17:45:35 | 000,010,986 | -HS- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\SlfBpB8
[2010/02/26 17:45:34 | 000,186,368 | -HS- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\av.exe
[2010/02/23 16:36:30 | 000,018,243 | ---- | C] () -- C:\Documents and Settings\User\My Documents\19. Pet.odt
[2010/02/22 16:36:12 | 000,021,021 | ---- | C] () -- C:\Documents and Settings\User\My Documents\18. General.odt
[2010/02/21 12:18:42 | 000,023,142 | ---- | C] () -- C:\Documents and Settings\User\My Documents\17. Li's Mind.odt
[2010/02/20 11:13:25 | 000,021,554 | ---- | C] () -- C:\Documents and Settings\User\My Documents\16. Another new.odt
[2010/02/19 17:40:30 | 000,022,411 | ---- | C] () -- C:\Documents and Settings\User\My Documents\15. New Character.odt
[2010/02/18 17:17:37 | 000,016,805 | ---- | C] () -- C:\Documents and Settings\User\My Documents\14. Rita Vores.odt
[2010/02/17 16:45:04 | 000,022,181 | ---- | C] () -- C:\Documents and Settings\User\My Documents\13. Li's Insanity.odt
[2010/02/14 20:03:02 | 000,023,564 | ---- | C] () -- C:\Documents and Settings\User\My Documents\12. Rita Visits.odt
[2010/02/14 13:08:39 | 000,020,968 | ---- | C] () -- C:\Documents and Settings\User\My Documents\11. Weapons.odt
[2010/02/14 12:45:09 | 000,024,972 | ---- | C] () -- C:\Documents and Settings\User\My Documents\un.odt
[2010/02/13 19:57:46 | 000,014,967 | ---- | C] () -- C:\Documents and Settings\User\My Documents\10. Sleep Vore.odt
[2010/02/13 14:03:42 | 000,026,577 | ---- | C] () -- C:\Documents and Settings\User\My Documents\9. Feral 2.odt
[2010/02/13 10:44:47 | 000,020,192 | ---- | C] () -- C:\Documents and Settings\User\My Documents\conversation.odt
[2010/02/12 17:37:10 | 000,028,562 | ---- | C] () -- C:\Documents and Settings\User\My Documents\8. Feral Level.odt
[2010/02/11 16:53:38 | 000,014,128 | ---- | C] () -- C:\Documents and Settings\User\My Documents\7. Kody.odt
[2010/02/11 16:40:05 | 000,014,133 | ---- | C] () -- C:\Documents and Settings\User\My Documents\6. Li's Preg AGAIN.odt
[2010/02/10 16:36:05 | 000,017,991 | ---- | C] () -- C:\Documents and Settings\User\My Documents\5. Li and Laya Inflation.odt
[2010/02/09 21:17:35 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/02/08 16:54:13 | 000,020,462 | ---- | C] () -- C:\Documents and Settings\User\My Documents\4. Charlie & Ferals.odt
[2010/02/06 14:01:53 | 000,023,264 | ---- | C] () -- C:\Documents and Settings\User\My Documents\3. The Thing.odt
[2010/02/06 14:01:05 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Forgotten Hope.lnk
[2010/02/04 16:46:34 | 000,023,690 | ---- | C] () -- C:\Documents and Settings\User\My Documents\2. Rita School Again.odt
[2010/02/03 13:57:23 | 000,020,821 | ---- | C] () -- C:\Documents and Settings\User\My Documents\2. Rita School.odt
[2010/02/02 14:51:28 | 000,023,372 | ---- | C] () -- C:\Documents and Settings\User\My Documents\ComboFix report2.odt
[2010/02/02 14:37:15 | 003,843,928 | R--- | C] () -- C:\Documents and Settings\User\Desktop\ComboFix.exe
[2010/02/02 14:34:53 | 000,017,135 | ---- | C] () -- C:\Documents and Settings\User\My Documents\1. Pan and Jayde.odt
[2010/02/02 10:17:06 | 000,023,747 | ---- | C] () -- C:\Documents and Settings\User\My Documents\ComboFix report.odt
[2010/02/02 09:53:29 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/02/02 09:53:23 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/02/02 09:51:47 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/02/02 09:51:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/02/02 09:51:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/02/02 09:51:47 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/02/02 09:51:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/01/31 23:43:49 | 000,001,726 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Zoo Tycoon 2 Endangered Species.lnk
[2010/01/30 19:55:15 | 000,000,297 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2009/12/19 12:59:06 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/08 20:20:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/12/05 21:10:55 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/12/05 15:33:34 | 000,000,580 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/12/03 19:01:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/12/03 19:01:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/12/03 16:04:39 | 000,000,248 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/12/03 16:04:36 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2007/06/19 09:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/04/20 08:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/01/30 07:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2002/11/13 02:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >