OTL logfile created on: 2009-11-07 14:55:25 - Run 1OTL by OldTimer - Version 3.1.4.0 Folder = C![:\](http://www.pchemma.se/core/gfx/smileys/smiley014.gif ":\")
Documents and Settings\Administrator\My Documents\Downloads64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,11 Gb Available Physical Memory | 77,81% Memory free4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File freePaging file location(s): Cpagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = CWINDOWS | %ProgramFiles% = CProgram Files (x86)Drive C: | 465,75 Gb Total Space | 409,49 Gb Free Space | 87,92% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: JOCKECurrent User Name: AdministratorLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userInclude 64bit ScansCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 14 DaysOutput = Standard ========== Files/Folders - Created Within 14 Days ========== [2009-11-07 07:07:25 | 00,000,000 | ---D | C] -- CDocuments and Settings\Administrator\Application Data\Octoshape[2009-11-07 05:27:12 | 00,157,712 | ---- | C] (Trend Micro Inc.) -- CWINDOWS\SysWow64\drivers\tmcomm.sys[2009-11-07 02:57:25 | 00,000,000 | ---D | C] -- CDocuments and Settings\Administrator\Application Data\Malwarebytes[2009-11-07 02:57:22 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- CWINDOWS\SysWow64\drivers\mbamswissarmy.sys[2009-
11-07 02:57:21 | 00,000,000 | ---D | C] -- CDocuments and Settings\All Users\Application Data\Malwarebytes[2009-11-07 02:57:20 | 00,000,000 | ---D | C] -- CProgram Files (x86)\Malwarebytes' Anti-Malware[2009-11-07 02:09:28 | 00,000,000 | ---D | C] -- CProgram Files (x86)\Trend Micro[2009-11-07 00:48:27 | 00,000,000 | -H-D | C] -- CDocuments and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}[2009-
11-04 22:06:16 | 00,000,000 | ---D | C] -- CDocuments and Settings\Administrator\Application Data\mIRC[2009-11-04 22:06:15 | 00,000,000 | ---D | C] -- CProgram Files (x86)\mIRC[2009-11-03 05:01:51 | 00,000,000 | -HSD | C] -- CConfig.Msi[2009-10-31 20:37:43 | 00,000,000 | ---D | C] -- CProgram Files (x86)\Steam[2009-09-12 00:07:42 | 00,065,536 | ---- | C] ( ) -- CWINDOWS\SysWow64\A3d.dll[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ][3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 14 Days ========== [2009-11-07 14:49:01 | 00,000,496 | ---- | M] () -- CWINDOWS\tasks\Ad-Aware Update (Weekly).job[2009-11-07 14:48:19 | 00,000,006 | -H-- | M] () -- CWINDOWS\tasks\SA.DAT[2009-11-07 14:48:17 | 00,002,048 | --S- | M] () -- CWINDOWS\bootstat.dat[2009-11-07 07:26:16 | 03,407,872 | -H-- | M] () -- CDocuments and Settings\Administrator\NTUSER.DAT[2009-11-07 07:26:16 | 00,000,178 | -HS- | M] () -- CDocuments and Settings\Administrator
tuser.ini[2009-11-07 07:00:47 | 00,002,243 | ---- | M] () -- CDocuments and Settings\All Users\Desktop\Steam.lnk[2009-11-07 06:27:32 | 04,810,398 | -H-- | M] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\IconCache.db[2009-11-07 05:26:34 | 00,000,036 | ---- | M] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache[2009-11-07 02:57:24 | 00,000,726 | ---- | M] () -- CDocuments and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2009-11-07 02:09:28 | 00,001,788 | ---- | M] () -- CDocuments and Settings\Administrator\Desktop\HijackThis.lnk[200
9-11-07 01:58:26 | 00,000,000 | ---- | M] () -- CWINDOWS\SysWow64\pguard.dat[2009-11-07 01:08:23 | 00,000,002 | ---- | M] () -- CWINDOWS\SysWow64\config.nt[2009-11-07 00:53:59 | 00,136,408 | ---- | M] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT[2009-11-07 00:48:25 | 00,000,909 | ---- | M] () -- CDocuments and Settings\All Users\Desktop\Ad-Aware.lnk[2009-11-04 22:06:16 | 00,000,668 | ---- | M] () -- CDocuments and Settings\All Users\Desktop\mIRC.lnk[2009-11-03 05:00:59 | 00,000,476 | ---- | M] () -- CWINDOWS\win.ini[2009-10-31 20:59:10 | 00,001,668 | ---- | M] () -- CDocuments and Settings\Administrator\Desktop\Counter-Strike.lnk
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ][3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2009-11-07 05:26:34 | 00,000,036 | ---- | C] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache[2009-11-07 02:57:24 | 00,000,726 | ---- | C] () -- CDocuments and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk[2009-11-07 02:09:28 | 00,001,788 | ---- | C] () -- CDocuments and Settings\Administrator\Desktop\HijackThis.lnk[200
9-11-07 01:58:26 | 00,000,000 | ---- | C] () -- CWINDOWS\SysWow64\pguard.dat[2009-11-04 22:06:16 | 00,000,668 | ---- | C] () -- CDocuments and Settings\All Users\Desktop\mIRC.lnk[2009-10-31 20:59:10 | 00,001,668 | ---- | C] () -- CDocuments and Settings\Administrator\Desktop\Counter-Strike.lnk
[2009-10-31 20:37:43 | 00,002,243 | ---- | C] () -- CDocuments and Settings\All Users\Desktop\Steam.lnk[2009-10-07 13:59:09 | 00,366,976 | ---- | C] () -- CWINDOWS\SysWow64\PerfStringBackup.INI[2009-09-12 00:08:27 | 00,003,118 | ---- | C] () -- CWINDOWS\SysWow64\AudioDrv.ini[2009-09-12 00:07:44 | 00,008,275 | R--- | C] () -- CWINDOWS\sfsyx.ini[2009-09-12 00:07:43 | 00,137,216 | ---- | C] () -- CWINDOWS\SysWow64\OemSpi.dll[2009-09-12 00:07:43 | 00,053,248 | ---- | C] () -- CWINDOWS\SysWow64\P17CPI.dll[2009-09-12 00:00:29 | 00,000,262 | ---- | C] () -- CWINDOWS\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_W
iseFW.ini[2009-09-11 23:43:55 | 00,024,576 | R--- | C] () -- CWINDOWS\SysWow64\AsIO.dll[2009-09-11 23:43:55 | 00,014,392 | R--- | C] () -- CWINDOWS\SysWow64\drivers\AsIO.sys[2009-09-11 23:43:53 | 00,011,832 | ---- | C] () -- CWINDOWS\SysWow64\drivers\AsInsHelp64.sys[2009-09
-11 23:43:53 | 00,010,216 | ---- | C] () -- CWINDOWS\SysWow64\drivers\AsInsHelp32.sys[2009-09
-11 23:42:27 | 00,136,408 | ---- | C] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT[2009-09-11 23:42:18 | 00,026,465 | ---- | C] () -- CWINDOWS\Ascd_tmp.ini[2009-09-11 23:42:18 | 00,010,296 | ---- | C] () -- CWINDOWS\SysWow64\drivers\ASUSHWIO.SYS[2009-09-11 23:30:11 | 04,810,398 | -H-- | C] () -- CDocuments and Settings\Administrator\Local Settings\Application Data\IconCache.db[2009-09-11 23:28:28 | 00,163,840 | ---- | C] () -- CWINDOWS\SysWow64\unrar.dll[2009-09-11 23:28:27 | 00,007,680 | ---- | C] () -- CWINDOWS\SysWow64\ff_vfw.dll[2009-09-11 23:28:27 | 00,000,547 | ---- | C] () -- CWINDOWS\SysWow64\ff_vfw.dll.manifest[2009-09-11 23:13:05 | 00,000,062 | -HS- | C] () -- CDocuments and Settings\Administrator\Application Data\desktop.ini[2009-09-11 23:07:56 | 00,000,476 | ---- | C] () -- CWINDOWS\win.ini[2009-09-11 23:07:41 | 00,000,002 | -HS- | C] () -- CProgram Files (x86)\desktop.ini[2009-09-11 17:01:46 | 00,000,150 | ---- | C] () -- CWINDOWS\system.ini[2009-09-11 17:01:41 | 00,000,062 | -HS- | C] () -- CDocuments and Settings\All Users\Application Data\desktop.ini[2009-08-03 07:21:54 | 00,197,912 | ---- | C] () -- CWINDOWS\SysWow64\physxcudart_20.dll[2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelTraditionalChinese.dll[
2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelSwedish.dll[2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelSpanish.dll[2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelSimplifiedChinese.dll[2
009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelPortugese.dll[2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelKorean.dll[2009-08-03 07:21:54 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelJapanese.dll[2009-08-03 07:21:52 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelGerman.dll[2009-08-03 07:21:52 | 00,058,648 | ---- | C] () -- CWINDOWS\SysWow64\AgCPanelFrench.dll[2009-06-04 09:11:00 | 01,278,464 | ---- | C] () -- CWINDOWS\SysWow64\quartz.dll[2008-08-01 21:48:00 | 01,486,848 | ---- | C] () -- CWINDOWS\SysWow64
view.dll[2008-08-01 21:48:00 | 01,019,904 | ---- | C] () -- CWINDOWS\SysWow64
vwimg.dll[2007-02-18 18:05:48 | 00,276,992 | ---- | C] () -- CWINDOWS\SysWow64\sbe.dll[2007-02-18 18:05:46 | 00,512,512 | ---- | C] () -- CWINDOWS\SysWow64\qedit.dll[2007-02-18 18:05:46 | 00,385,536 | ---- | C] () -- CWINDOWS\SysWow64\qdvd.dll[2007-02-18 18:05:46 | 00,279,040 | ---- | C] () -- CWINDOWS\SysWow64\qdv.dll[2007-02-18 18:05:46 | 00,192,512 | ---- | C] () -- CWINDOWS\SysWow64\qcap.dll[2007-02-18 18:05:34 | 00,062,464 | ---- | C] () -- CWINDOWS\SysWow64\mciqtz32.dll[2007-02-18 18:05:28 | 00,396,288 | ---- | C] () -- CWINDOWS\SysWow64\encdec.dll[2007-02-18 18:05:24 | 00,061,440 | ---- | C] () -- CWINDOWS\SysWow64\devenum.dll[2007-02-18 18:05:20 | 00,072,704 | ---- | C] () -- CWINDOWS\SysWow64\amstream.dll[2006-05-29 18:18:00 | 00,733,696 | ---- | C] () -- CWINDOWS\SysWow64\qedwipes.dll[2006-05-29 18:18:00 | 00,498,742 | ---- | C] () -- CWINDOWS\SysWow64\dxmasf.dll[2006-05-29 18:18:00 | 00,355,112 | ---- | C] () -- CWINDOWS\SysWow64\msjetoledb40.dll[2006-05-29 18:18:00 | 00,199,168 | ---- | C] () -- CWINDOWS\SysWow64\ir32_32.dll[2006-05-29 18:18:00 | 00,114,688 | ---- | C] () -- CWINDOWS\SysWow64\msencode.dll[2006-05-29 18:18:00 | 00,016,896 | ---- | C] () -- CWINDOWS\SysWow64\tsd32.dll[2006-05-29 18:18:00 | 00,014,336 | ---- | C] () -- CWINDOWS\SysWow64\msdmo.dll[2006-05-29 18:18:00 | 00,004,126 | ---- | C] () -- CWINDOWS\SysWow64\msdxmlc.dll ========== LOP Check ========== [2009-11-07 07:07:25 | 00,000,000 | ---D | M] -- CDocuments and Settings\Administrator\Application Data\Octoshape[2009-11-03 15:48:36 | 00,000,000 | ---D | M] -- CDocuments and Settings\Administrator\Application Data\Spotify[2009-09-12 02:19:22 | 00,000,000 | ---D | M] -- CDocuments and Settings\All Users\Application Data\Blizzard[2009-09-12 03:17:03 | 00,000,000 | ---D | M] -- CDocuments and Settings\All Users\Application Data\Blizzard Entertainment[2009-11-07 00:48:27 | 00,000,000 | -H-D | M] -- CDocuments and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}[2009-
11-07 14:49:01 | 00,000,496 | ---- | M] () -- CWINDOWS\Tasks\Ad-Aware Update (Weekly).job[2006-05-29 18:18:00 | 00,000,065 | RH-- | M] () -- CWINDOWS\Tasks\desktop.ini[2009-11-07 14:48:19 | 00,000,006 | -H-- | M] () -- CWINDOWS\Tasks\SA.DAT[2009-11-07 07:26:18 | 00,032,522 | ---- | M] () -- CWINDOWS\Tasks\SchedLgU.Txt ========== Purity Check ========== < End of report >
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE'
