WiredWX Hobby Weather ToolsLog in

 


descriptionTrojan Horse Agent_rxj Help EmptyTrojan Horse Agent_rxj Help

more_horiz
Win7 Ultimate
I've ran OTL and this is what I've got...

OTL logfile created on: 4/28/2011 2:38:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kabal\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 184.36 Gb Total Space | 18.54 Gb Free Space | 10.05% Space Free | Partition Type: NTFS
Drive D: | 1.95 Gb Total Space | 0.49 Gb Free Space | 25.32% Space Free | Partition Type: NTFS
Drive E: | 5.40 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 9.56 Gb Total Space | 9.47 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive G: | 7.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 19.01 Gb Total Space | 6.11 Gb Free Space | 32.13% Space Free | Partition Type: NTFS

Computer Name: KABAL-PC | User Name: Kabal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/28 14:32:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kabal\Desktop\OTL.exe
PRC - [2011/04/08 00:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 22:44:58 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/04/07 22:44:48 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 11:09:54 | 003,986,944 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/11/22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2010/10/27 18:24:42 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/22 04:56:48 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010/03/22 09:17:22 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2010/03/22 09:17:20 | 000,133,736 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/06/30 14:10:08 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
PRC - [2009/06/30 14:10:08 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\ALFA\AWUS036H Wireless LAN Utility\RtlService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/28 14:32:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kabal\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/20 15:21:12 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Stopped] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011/04/08 00:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/11/22 04:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/10/27 18:21:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/23 12:23:07 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2010/05/07 19:35:51 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/16 02:18:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/03/22 09:17:22 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/06/30 14:10:08 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe -- (Realtek87B)
SRV - [2009/06/30 14:10:08 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\ALFA\AWUS036H Wireless LAN Utility\RtlService.exe -- (AWUS036H)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/05/11 12:10:00 | 000,132,728 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\pcAnywhere\awhost32.exe -- (awhost32)
SRV - [2007/01/05 14:04:10 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)


========== Driver Services (SafeList) ==========

DRV - [2011/04/08 00:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/09/13 16:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 21:42:36 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/29 00:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/07/12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/01/21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/01/21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/01/21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/01/07 03:20:22 | 000,375,808 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187.sys -- (RTL8187)
DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009/07/31 00:12:54 | 000,287,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
DRV - [2009/07/13 17:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/22 22:34:38 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/04/13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2007/03/30 20:48:02 | 000,018,232 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\AW_HOST5.sys -- (AW_HOST)
DRV - [2007/03/30 20:47:22 | 000,017,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\awlegacy.sys -- (awlegacy)
DRV - [2007/03/30 20:46:50 | 000,013,368 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\awechomd.sys -- (awecho)
DRV - [2007/03/30 20:44:22 | 000,020,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\GERNUWA.sys -- (Gernuwa)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 DD 52 6C 65 EE CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://bing.zugo.com/?cfg=2-80-0-1939r
IE - HKCU\..\URLSearchHook: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NetZero\SearchEnh1.dll (NetZero, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://yeppo.net"
FF - prefs.js..extensions.enabledItems: {cdbbb3f6-a50e-4b20-a154-5fcbb3bbf43d}:1.2.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209


FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/04/21 21:14:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/22 23:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/22 23:27:02 | 000,000,000 | ---D | M]

[2010/05/07 22:47:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kabal\AppData\Roaming\Mozilla\Extensions
[2011/04/27 22:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kabal\AppData\Roaming\Mozilla\Firefox\Profiles\1gllg7sh.default\extensions
[2011/04/27 22:09:44 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Users\Kabal\AppData\Roaming\Mozilla\Firefox\Profiles\1gllg7sh.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2010/05/18 21:21:59 | 000,000,000 | ---D | M] (JavaScript Options) -- C:\Users\Kabal\AppData\Roaming\Mozilla\Firefox\Profiles\1gllg7sh.default\extensions\{cdbbb3f6-a50e-4b20-a154-5fcbb3bbf43d}
[2011/04/20 00:53:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kabal\AppData\Roaming\Mozilla\Firefox\Profiles\1gllg7sh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/05/15 13:00:22 | 000,001,836 | ---- | M] () -- C:\Users\Kabal\AppData\Roaming\Mozilla\Firefox\Profiles\1gllg7sh.default\searchplugins\bing-ff.xml
[2011/04/22 23:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/19 02:46:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{b0dfc1dc-a953-5872-8dbb-28e8b51f963b}-trash
[2010/11/21 14:51:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/04/21 21:14:39 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/03/18 12:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/27 21:35:50 | 000,432,470 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14910 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Pop-up Blocker) - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll (NetZero, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (NetZero, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Display All Images with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (NetZero, Inc.)
O8 - Extra context menu item: Display Image with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (NetZero, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\Windows\SYSTEM32\RtlGina\RtlGina.DLL) - C:\Windows\System32\RtlGina\RtlGina.dll (Realtek)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\Windows\System32\PCANotify.dll (Symantec Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27 - HKLM IFEO\TeamViewer_Service.exe: Debugger - rundll32.exe (Microsoft Corporation)
O27 - HKLM IFEO\VideoAcceleratorService.exe: Debugger - rundll32.exe (Microsoft Corporation)
O27 - HKLM IFEO\WLIDSVC.EXE: Debugger - rundll32.exe (Microsoft Corporation)
O27 - HKLM IFEO\WLIDSvcM.exe: Debugger - rundll32.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/02/09 20:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/02/10 01:21:09 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010/01/31 03:21:13 | 000,367,686 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010/02/09 21:55:03 | 009,965,568 | R--- | M] () - E:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010/02/09 21:54:55 | 000,000,155 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/11/09 10:57:14 | 000,000,075 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/12/28 15:56:56 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{744f6c47-5a5e-11df-951a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{744f6c47-5a5e-11df-951a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010/02/09 20:55:59 | 000,423,304 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{9c06ff14-6dbf-11e0-9706-00215a71e555}\Shell - "" = AutoRun
O33 - MountPoints2\{9c06ff14-6dbf-11e0-9706-00215a71e555}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{cd3bebf5-6d37-11e0-a129-00215a71e555}\Shell - "" = AutoRun
O33 - MountPoints2\{cd3bebf5-6d37-11e0-a129-00215a71e555}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/28 14:32:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kabal\Desktop\OTL.exe
[2011/04/28 12:42:55 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\Sun
[2011/04/27 21:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/27 21:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/04/27 21:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/04/26 09:56:56 | 000,000,000 | ---D | C] -- C:\Users\Kabal\Desktop\site
[2011/04/26 09:46:41 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011/04/26 09:46:41 | 010,690,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011/04/26 09:46:41 | 005,180,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011/04/26 09:46:41 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011/04/26 09:46:41 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011/04/26 09:46:41 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll
[2011/04/26 09:46:41 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll
[2011/04/26 09:46:41 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011/04/26 09:46:40 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011/04/26 09:46:40 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011/04/26 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\Malwarebytes
[2011/04/26 00:14:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/26 00:14:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/26 00:14:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/26 00:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/26 00:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/24 21:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2011/04/24 20:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2011/04/24 20:43:37 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\Nero
[2011/04/24 20:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/04/24 20:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011/04/24 20:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2011/04/24 20:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/04/24 20:37:49 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/04/24 20:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2011/04/23 07:50:50 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Local\Activision
[2011/04/23 07:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/04/22 22:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Manager
[2011/04/22 22:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2011/04/22 20:00:11 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011/04/22 19:59:55 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011/04/22 19:59:55 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011/04/22 19:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011/04/22 19:58:55 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\TuneUp Software
[2011/04/22 19:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2011/04/22 19:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/04/22 19:57:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/04/22 19:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2011/04/22 18:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
[2011/04/22 18:40:27 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Local\Western_Digital
[2011/04/22 18:35:38 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\Western Digital
[2011/04/22 18:34:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2011/04/22 18:34:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/22 18:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2011/04/22 18:32:01 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Local\Western Digital
[2011/04/21 20:59:38 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\AVG10
[2011/04/21 20:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/04/21 20:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/04/21 20:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/04/20 21:18:24 | 000,000,000 | ---D | C] -- C:\2101d730187801ae8dbb
[2011/04/20 19:27:41 | 000,000,000 | ---D | C] -- C:\Users\Kabal\AppData\Roaming\ESET
[2011/04/20 19:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/04/20 17:47:33 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2011/04/20 15:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedBit Video Accelerator
[2011/04/20 15:21:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2011/04/20 15:21:10 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
[2011/04/20 15:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2011/04/20 13:48:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/04/20 00:57:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/04/20 00:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/04/20 00:23:58 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/20 00:23:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/04/20 00:23:56 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/04/20 00:23:55 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/20 00:23:55 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/20 00:23:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/20 00:23:38 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/20 00:23:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/20 00:23:36 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/20 00:23:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/20 00:23:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/20 00:23:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/20 00:23:35 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/20 00:23:35 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/20 00:23:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/20 00:23:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/20 00:23:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/20 00:23:13 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/04/20 00:23:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/04/20 00:23:12 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/04/20 00:23:11 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/04/20 00:23:11 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/04/20 00:23:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/04/20 00:22:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/20 00:22:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011/04/20 00:22:47 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/20 00:22:42 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011/04/20 00:22:37 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/20 00:22:11 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/20 00:22:01 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/20 00:22:01 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/20 00:22:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/20 00:22:00 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/04/20 00:21:56 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/20 00:21:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/20 00:21:51 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/20 00:21:51 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/20 00:21:42 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011/04/20 00:21:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/20 00:21:30 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/04/20 00:21:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/20 00:21:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/20 00:21:14 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/20 00:21:14 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/20 00:21:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011/04/20 00:21:01 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/04/20 00:21:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/04/20 00:21:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/04/20 00:14:43 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/04/20 00:14:43 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/20 00:13:39 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/16 18:59:56 | 000,000,000 | ---D | C] -- C:\Users\Kabal\Documents\Electronic Arts
[2011/04/07 22:45:08 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll
[2011/04/07 22:45:06 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011/04/07 22:44:58 | 003,701,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011/04/07 22:44:48 | 002,565,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011/03/30 19:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero Internet
[2011/03/30 19:18:47 | 000,000,000 | ---D | C] -- C:\NetZeroInstaller
[2011/03/30 19:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Connection Wizard
[2011/03/29 18:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Utility
[2011/03/29 18:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/28 14:32:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kabal\Desktop\OTL.exe
[2011/04/28 14:23:54 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 14:23:53 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 14:14:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/28 13:03:07 | 000,140,360 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/04/28 13:02:58 | 000,281,208 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011/04/28 13:00:46 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011/04/28 11:29:38 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
[2011/04/28 10:55:06 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4127708054-3947323632-704718354-1001UA.job
[2011/04/28 09:34:41 | 113,592,104 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/04/27 21:35:50 | 000,432,470 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/27 21:25:26 | 000,001,221 | ---- | M] () -- C:\Users\Kabal\Desktop\Spybot - Search & Destroy.lnk
[2011/04/27 08:01:18 | 000,000,632 | RHS- | M] () -- C:\Users\Kabal\ntuser.pol
[2011/04/26 21:14:13 | 000,002,233 | ---- | M] () -- C:\Users\Kabal\Desktop\members.png
[2011/04/26 21:04:04 | 000,019,092 | ---- | M] () -- C:\Users\Kabal\Desktop\members.jpg
[2011/04/26 20:56:42 | 000,003,928 | ---- | M] () -- C:\Users\Kabal\Desktop\images.jpg
[2011/04/26 20:53:00 | 000,063,061 | ---- | M] () -- C:\Users\Kabal\Desktop\1268841927_cover_novyj-razmer.jpg
[2011/04/26 18:29:19 | 000,003,971 | ---- | M] () -- C:\Users\Kabal\Desktop\block-Recruitment.php
[2011/04/26 18:04:01 | 000,002,415 | ---- | M] () -- C:\Users\Kabal\Desktop\Google Chrome.lnk
[2011/04/26 17:52:27 | 000,001,396 | -HS- | M] () -- C:\Users\Kabal\AppData\Local\l5f6ntrchw38qg10wh40w
[2011/04/26 17:52:27 | 000,001,396 | -HS- | M] () -- C:\ProgramData\l5f6ntrchw38qg10wh40w
[2011/04/26 16:12:34 | 000,001,170 | ---- | M] () -- C:\Users\Kabal\Desktop\FileZilla.lnk
[2011/04/26 15:07:31 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4127708054-3947323632-704718354-1001Core.job
[2011/04/26 08:01:48 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\tgllq.sys
[2011/04/26 07:55:58 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/25 18:42:41 | 000,028,117 | ---- | M] () -- C:\Users\Kabal\Desktop\BadaBingNew.JPG
[2011/04/24 21:15:00 | 000,000,124 | ---- | M] () -- C:\Users\Kabal\Documents\ax_files.xml
[2011/04/24 20:41:35 | 000,002,915 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011/04/24 20:37:52 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2011/04/23 16:46:11 | 000,632,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/23 16:46:11 | 000,110,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/23 16:19:54 | 000,001,551 | ---- | M] () -- C:\Users\Kabal\Desktop\Winaw32.exe - Shortcut.lnk
[2011/04/23 07:45:22 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011/04/23 07:45:20 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011/04/23 07:26:48 | 000,001,305 | ---- | M] () -- C:\Users\Kabal\Desktop\Steam.exe - Shortcut.lnk
[2011/04/22 22:55:36 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Download Manager.lnk
[2011/04/22 19:59:54 | 000,002,160 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/04/22 19:59:54 | 000,002,142 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/04/22 19:26:18 | 000,001,323 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/04/22 18:29:49 | 000,008,710 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjg.avm
[2011/04/21 21:14:39 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/04/21 21:11:36 | 000,651,666 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2011/04/20 16:37:11 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011/04/20 15:21:10 | 000,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
[2011/04/20 14:36:00 | 000,240,388 | ---- | M] () -- C:\Users\Kabal\Desktop\New WinRAR archive.rar
[2011/04/20 02:36:09 | 000,001,144 | ---- | M] () -- C:\Users\Kabal\Desktop\DynamicHeaderImage.php
[2011/04/20 00:49:04 | 000,281,688 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/19 21:54:33 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2011/04/08 06:28:58 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2011/04/08 00:14:00 | 015,227,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011/04/08 00:14:00 | 013,007,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011/04/08 00:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011/04/08 00:14:00 | 010,071,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011/04/08 00:14:00 | 006,299,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2011/04/08 00:14:00 | 005,180,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011/04/08 00:14:00 | 002,765,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011/04/08 00:14:00 | 002,074,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011/04/08 00:14:00 | 002,034,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011/04/08 00:14:00 | 000,944,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll
[2011/04/08 00:14:00 | 000,855,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll
[2011/04/08 00:14:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011/04/08 00:14:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011/04/08 00:14:00 | 000,004,755 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2011/04/07 22:45:08 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll
[2011/04/07 22:45:06 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2011/04/07 22:44:58 | 003,701,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2011/04/07 22:44:48 | 002,565,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2011/04/01 22:32:49 | 618,229,440 | ---- | M] () -- C:\Snes Emu-Games.rar
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/28 11:29:38 | 000,000,228 | ---- | C] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
[2011/04/27 21:25:26 | 000,001,221 | ---- | C] () -- C:\Users\Kabal\Desktop\Spybot - Search & Destroy.lnk
[2011/04/26 21:11:01 | 000,002,233 | ---- | C] () -- C:\Users\Kabal\Desktop\members.png
[2011/04/26 21:04:02 | 000,019,092 | ---- | C] () -- C:\Users\Kabal\Desktop\members.jpg
[2011/04/26 20:56:40 | 000,003,928 | ---- | C] () -- C:\Users\Kabal\Desktop\images.jpg
[2011/04/26 20:52:57 | 000,063,061 | ---- | C] () -- C:\Users\Kabal\Desktop\1268841927_cover_novyj-razmer.jpg
[2011/04/26 18:29:19 | 000,003,971 | ---- | C] () -- C:\Users\Kabal\Desktop\block-Recruitment.php
[2011/04/26 18:16:49 | 000,025,290 | ---- | C] () -- C:\Users\Kabal\Desktop\MA_Guide_1.0.0.html
[2011/04/26 18:15:17 | 000,007,241 | ---- | C] () -- C:\Users\Kabal\Desktop\M_A_Install.php
[2011/04/26 18:04:01 | 000,002,415 | ---- | C] () -- C:\Users\Kabal\Desktop\Google Chrome.lnk
[2011/04/26 17:52:27 | 000,001,396 | -HS- | C] () -- C:\Users\Kabal\AppData\Local\l5f6ntrchw38qg10wh40w
[2011/04/26 17:52:27 | 000,001,396 | -HS- | C] () -- C:\ProgramData\l5f6ntrchw38qg10wh40w
[2011/04/26 16:33:20 | 000,029,262 | ---- | C] () -- C:\Users\Kabal\Desktop\request_form.php
[2011/04/26 16:19:55 | 000,008,377 | ---- | C] () -- C:\Users\Kabal\Desktop\install.sql
[2011/04/26 16:12:34 | 000,001,170 | ---- | C] () -- C:\Users\Kabal\Desktop\FileZilla.lnk
[2011/04/26 09:46:41 | 000,004,755 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011/04/26 08:01:48 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\tgllq.sys
[2011/04/26 00:14:39 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/25 18:42:32 | 000,028,117 | ---- | C] () -- C:\Users\Kabal\Desktop\BadaBingNew.JPG
[2011/04/24 21:14:29 | 000,000,124 | ---- | C] () -- C:\Users\Kabal\Documents\ax_files.xml
[2011/04/24 20:41:35 | 000,002,915 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011/04/24 20:37:52 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2011/04/23 16:19:54 | 000,001,551 | ---- | C] () -- C:\Users\Kabal\Desktop\Winaw32.exe - Shortcut.lnk
[2011/04/23 07:45:22 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011/04/23 07:45:20 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011/04/23 07:26:48 | 000,001,305 | ---- | C] () -- C:\Users\Kabal\Desktop\Steam.exe - Shortcut.lnk
[2011/04/22 23:27:07 | 000,001,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/22 22:55:26 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Download Manager.lnk
[2011/04/22 19:59:54 | 000,002,160 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/04/22 19:59:54 | 000,002,142 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/04/22 19:59:52 | 000,002,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011/04/22 19:26:18 | 000,001,323 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/04/21 20:57:15 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/04/20 14:35:56 | 000,240,388 | ---- | C] () -- C:\Users\Kabal\Desktop\New WinRAR archive.rar
[2011/04/20 02:32:22 | 000,001,144 | ---- | C] () -- C:\Users\Kabal\Desktop\DynamicHeaderImage.php
[2011/04/16 19:36:50 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
[2011/04/08 06:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011/04/01 22:17:41 | 618,229,440 | ---- | C] () -- C:\Snes Emu-Games.rar
[2011/03/30 19:18:58 | 000,001,765 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero Internet
[2011/03/29 14:34:54 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011/03/27 13:35:35 | 000,000,958 | ---- | C] () -- C:\Windows\SOFPLAT.ini
[2011/03/14 01:23:31 | 000,003,584 | ---- | C] () -- C:\Users\Kabal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/23 17:11:25 | 000,886,272 | -H-- | C] () -- C:\Users\Kabal\AppData\Roaming\System.Data.SQLite.DLL
[2010/10/23 17:11:23 | 000,017,920 | ---- | C] () -- C:\Users\Kabal\AppData\Roaming\4wvxj8664WV.exe
[2010/10/23 16:34:08 | 000,017,920 | ---- | C] () -- C:\Users\Kabal\AppData\Roaming\4sdrm5719ON.exe
[2010/08/29 12:26:16 | 000,000,017 | ---- | C] () -- C:\Users\Kabal\AppData\Local\resmon.resmoncfg
[2010/06/13 18:00:31 | 000,138,056 | ---- | C] () -- C:\Users\Kabal\AppData\Roaming\PnkBstrK.sys
[2010/06/13 18:00:11 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/05/30 13:58:09 | 000,000,093 | ---- | C] () -- C:\Users\Kabal\AppData\Local\fusioncache.dat
[2010/05/29 22:13:01 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/05/29 22:13:00 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/05/29 22:12:59 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/05/29 22:12:59 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/05/29 22:12:58 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/05/19 07:22:56 | 000,000,770 | ---- | C] () -- C:\Windows\Sof2.INI
[2010/05/18 21:54:29 | 000,000,600 | ---- | C] () -- C:\Users\Kabal\AppData\Local\PUTTY.RND
[2010/05/07 23:31:30 | 000,140,360 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/05/07 23:31:21 | 000,281,208 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/05/07 23:31:06 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,281,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,632,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,110,342 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

descriptionTrojan Horse Agent_rxj Help EmptyOTL Extras

more_horiz
OTL Extras logfile created on: 4/28/2011 2:38:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kabal\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 184.36 Gb Total Space | 18.54 Gb Free Space | 10.05% Space Free | Partition Type: NTFS
Drive D: | 1.95 Gb Total Space | 0.49 Gb Free Space | 25.32% Space Free | Partition Type: NTFS
Drive E: | 5.40 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 9.56 Gb Total Space | 9.47 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive G: | 7.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 19.01 Gb Total Space | 6.11 Gb Free Space | 32.13% Space Free | Partition Type: NTFS

Computer Name: KABAL-PC | User Name: Kabal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0AEA6DF2-CD5A-4EAC-9C6B-44477994E2F1}" = Battlefield Bad Company 2 Command Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DF70CB6-553A-4C57-8E6D-87635EECFB78}" = REALTEK Wireless LAN Driver and Utility
"{12118183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6c651250-2eb2-11d5-8e33-0050dad72ac2}" = NetZero Internet
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D86B6C32-49BD-4A02-9C43-14E497018498}" = Windows 7 Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9BD1D5-8DFB-48C4-927B-10BB47CA59B3}" = Microsoft .NET Framework SDK (English) 1.1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AGrcon v1.0" = AGrcon v1.0
"AVG" = AVG 2011
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"DivX Setup.divx.com" = DivX Setup
"Download Manager" = Download Manager 2.3.10
"EADM" = EA Download Manager
"FileZilla Client" = FileZilla Client 3.4.0
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"Joboshare AVI to DVD Converter" = Joboshare AVI to DVD Converter
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.8 BETA
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Precision" = EVGA Precision 1.9.3
"PunkBusterSvc" = PunkBuster Services
"Soldier of Fortune Platinum" = Soldier of Fortune Platinum
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"Steam App 10090" = Call of Duty: World at War
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"THE END OF DAYS" = THE END OF DAYS
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"UltraISO_is1" = UltraISO Premium V8.62
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bc3d19583e42009e" = TS3 Admin
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/26/2011 5:23:52 PM | Computer Name = Kabal-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: ntdll.dll, version: 6.1.7600.16695, time
stamp: 0x4cc7ab44 Exception code: 0xc0000005 Fault offset: 0x0006aef7 Faulting process
id: 0x4c0 Faulting application start time: 0x01cc044f5428d780 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 7b885fe0-704b-11e0-9b60-00215a71e555

Error - 4/26/2011 6:33:29 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 6:33:41 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 6:38:39 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 6:49:22 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 6:49:55 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 7:08:32 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/26/2011 7:10:09 PM | Computer Name = Kabal-PC | Source = SignInAssistant | ID = 0
Description =

Error - 4/27/2011 9:11:23 AM | Computer Name = Kabal-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: ntdll.dll, version: 6.1.7600.16695, time
stamp: 0x4cc7ab44 Exception code: 0xc0000005 Fault offset: 0x0006aef7 Faulting process
id: 0x4d8 Faulting application start time: 0x01cc04dacd32a620 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: d9593c00-70cf-11e0-8c5a-00215a71e555

Error - 4/27/2011 9:23:54 PM | Computer Name = Kabal-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: ntdll.dll, version: 6.1.7600.16695, time
stamp: 0x4cc7ab44 Exception code: 0xc0000005 Fault offset: 0x0006aef7 Faulting process
id: 0x4dc Faulting application start time: 0x01cc0540f606bbc0 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 2dc22610-7136-11e0-a69d-00215a71e555

[ System Events ]
Error - 4/28/2011 3:14:24 PM | Computer Name = Kabal-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:11:27 PM on ?4/?28/?2011 was unexpected.

Error - 4/28/2011 3:15:00 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7003
Description = The SBSD Security Center Service service depends the following service:
wscsvc. This service might not be installed.

Error - 4/28/2011 3:15:31 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the TeamViewer
5 service to connect.

Error - 4/28/2011 3:15:31 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7000
Description = The TeamViewer 5 service failed to start due to the following error:
%%1053

Error - 4/28/2011 3:16:01 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the VideoAcceleratorService
service to connect.

Error - 4/28/2011 3:16:01 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7000
Description = The VideoAcceleratorService service failed to start due to the following
error: %%1053

Error - 4/28/2011 3:16:10 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Live ID Sign-in Assistant service to connect.

Error - 4/28/2011 3:16:10 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Live ID Sign-in Assistant service failed to start due
to the following error: %%1053

Error - 4/28/2011 3:29:55 PM | Computer Name = Kabal-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%1058

Error - 4/28/2011 3:39:38 PM | Computer Name = Kabal-PC | Source = DCOM | ID = 10010
Description =


< End of report >

descriptionTrojan Horse Agent_rxj Help EmptyRe: Trojan Horse Agent_rxj Help

more_horiz
Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionTrojan Horse Agent_rxj Help EmptyRe: Trojan Horse Agent_rxj Help

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum