TR/Crypt.ZPACK.Gen2 found in my Steam games folder


#1 Pythonsnack
So I was playing GMOD (a third-party Counter-Strike addon, you could say, for those that don't know) and suddenly my Avira Antivirus starts beeping. I click to see the diagnosis and it says:
Virus or unwanted program 'TR/Crypt.ZPACK.Gen2 [trojan]'
detected in file 'D:\Steam\steamapps\tomatktchp\garrysmod\bin\AdminServer.dll'.
Action performed: Allow access


My friend has been helping me a little, like making exceptions for my Avira (since he believed it to be a minor problem with Avira reporting) but it keeps on coming in different game folders. For example, this has been appearing in D:\Steam\steamapps\tomatktchp\garrysmod\bin\AdminServer.dll and in D:\Steam\steamapps\tomatktchp\cstrike\bin\AdminServer.dll and in D:\Steam\steamapps\tomatktchp\teamfortress2\bin\AdminServer.dll. Same folders, different games. I've been trying with some anti-Malware and Spybot - Search & Destroy to no avail. I tried to delete the AdminServer.dll files but spookily enough they are nowhere to be found, not even the computer search can find them. My last resort is now here. Here's the OTL log:

OTL logfile created on: 2011-03-17 21:05:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Tomatketchup\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 35,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 153,63 Gb Total Space | 51,45 Gb Free Space | 33,49% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 405,56 Gb Free Space | 87,08% Space Free | Partition Type: NTFS
Drive E: | 303,34 Gb Total Space | 303,24 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
Drive F: | 6,28 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WAYLON | User Name: Tomatketchup | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-17 21:04:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tomatketchup\Downloads\OTL.exe
PRC - [2011-03-17 20:10:35 | 004,608,506 | ---- | M] () -- C:\Users\Tomatketchup\Downloads\installer_anti_trojan_elite_5_3_1_Swedish.exe
PRC - [2011-03-17 16:20:57 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-03-15 13:06:28 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2011-03-05 10:53:59 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-01-07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011-01-07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-12-20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010-11-30 18:13:26 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-11-30 18:13:17 | 000,435,368 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
PRC - [2010-11-30 18:13:16 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-11-30 18:13:15 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
PRC - [2010-11-17 12:45:15 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Steam\steam.exe
PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-04-09 19:10:54 | 000,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2009-01-26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-05-07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-02-29 13:13:12 | 000,307,200 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-11-08 10:05:14 | 000,470,288 | ---- | M] (Fujitsu Siemens Computers) -- C:\ProgramData\fsc-reg\fscreg.exe
PRC - [2007-10-25 16:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007-10-25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007-10-25 16:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2007-10-19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007-10-19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe


========== Modules (SafeList) ==========

MOD - [2011-03-17 21:04:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tomatketchup\Downloads\OTL.exe
MOD - [2010-08-31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2007-10-19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-03-17 16:20:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-03-15 13:06:28 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-01-07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-11-30 18:13:26 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-08-24 13:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008-02-29 13:13:12 | 000,307,200 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007-10-19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007-10-19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007-10-19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)


========== Driver Services (SafeList) ==========

DRV - [2011-03-17 16:20:58 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-01-08 04:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-11-30 18:13:39 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-11-15 02:24:56 | 000,009,984 | ---- | M] () [Kernel | Auto | Running] -- D:\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-07-07 01:57:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009-06-11 17:56:15 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-06-30 22:16:26 | 000,018,912 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lmvac.sys -- (LTXMD_VAC) Litex Media Virtual Audio Cable (WDM)
DRV - [2008-05-02 12:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008-04-03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008-01-21 03:24:12 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2007-12-19 18:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007-10-19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007-10-11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007-10-11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://forum.unseen64.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://forum.unseen64.net/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-05 10:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-05 10:54:05 | 000,000,000 | ---D | M]

[2010-05-02 21:44:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomatketchup\AppData\Roaming\mozilla\Extensions
[2011-03-17 20:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomatketchup\AppData\Roaming\mozilla\Firefox\Profiles\2oovna70.default\extensions
[2010-05-05 17:04:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tomatketchup\AppData\Roaming\mozilla\Firefox\Profiles\2oovna70.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-03-12 16:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010-08-14 21:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-08-14 10:24:21 | 000,001,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2010-08-14 10:24:21 | 000,002,670 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2010-08-14 10:24:21 | 000,000,948 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2010-08-14 10:24:21 | 000,001,174 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2010-08-14 10:24:22 | 000,000,951 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-sv-SE.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NBKeyScan] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe (Fujitsu Siemens Computers)
O4 - HKCU..\Run: [inCode Virus Detector] File not found
O4 - HKCU..\Run: [recinfo] File not found
O4 - HKCU..\Run: [RGSC] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Tomatketchup\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tomatketchup\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-08-24 02:51:10 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{bf6742ad-8dc5-11dd-a754-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bf6742ad-8dc5-11dd-a754-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2010-08-24 02:51:12 | 000,345,896 | R--- | M] (Valve Corporation)
O33 - MountPoints2\{d8e0f60a-ecb3-11de-b37e-001150c58dc7}\Shell - "" = AutoRun
O33 - MountPoints2\{d8e0f60a-ecb3-11de-b37e-001150c58dc7}\Shell\AutoRun\command - "" = N:\DPFMate.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-03-17 20:38:56 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\AppData\Roaming\TeamViewer
[2011-03-17 20:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti Trojan Elite
[2011-03-17 18:35:44 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\AppData\Roaming\Malwarebytes
[2011-03-17 18:35:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-03-17 18:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-03-17 18:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-03-17 18:35:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-03-08 19:52:52 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\Documents\4A Games
[2011-03-08 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\AppData\Local\4A Games
[2011-02-24 12:18:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011-02-20 23:51:48 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\AppData\Roaming\Media Player Classic
[2011-02-20 23:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011-02-20 23:51:04 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2011-02-20 23:51:04 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2011-02-20 23:51:04 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2011-02-20 23:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-02-20 17:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011-02-16 13:16:02 | 000,000,000 | ---D | C] -- C:\Users\Tomatketchup\AppData\Roaming\Avira

========== Files - Modified Within 30 Days ==========

[2011-03-17 20:12:11 | 000,000,500 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Anti Trojan Elite.lnk
[2011-03-17 20:02:19 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-03-17 20:02:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-03-17 20:00:25 | 000,294,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-03-17 20:00:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-03-17 19:59:31 | 3488,866,304 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-17 19:02:26 | 000,001,356 | ---- | M] () -- C:\Users\Tomatketchup\AppData\Local\d3d9caps.dat
[2011-03-17 18:35:28 | 000,000,576 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-03-17 16:20:58 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011-03-16 21:20:53 | 000,083,968 | ---- | M] () -- C:\Users\Tomatketchup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-16 19:50:10 | 000,001,448 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Team Fortress 2.lnk
[2011-03-16 18:27:28 | 000,000,572 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Tomatketchup.job
[2011-03-16 15:30:50 | 000,000,200 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Garry's Mod.url
[2011-03-16 09:20:08 | 000,175,005 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Skärmklipp2.JPG
[2011-03-16 09:15:32 | 000,048,956 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Skärmklipp.JPG
[2011-03-16 08:56:03 | 000,001,686 | ---- | M] () -- C:\Users\Tomatketchup\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2011-03-08 16:25:45 | 000,000,215 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\Metro 2033.url
[2011-03-07 20:58:01 | 000,000,301 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\HLSS 3.00.ini
[2011-02-22 23:06:16 | 000,000,727 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011-02-20 20:02:18 | 000,605,900 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2011-02-20 20:02:18 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-02-20 20:02:18 | 000,120,302 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2011-02-20 20:02:18 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-02-20 17:02:49 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011-02-16 13:39:22 | 000,386,859 | ---- | M] () -- C:\Users\Tomatketchup\Desktop\levelflow.jpg

========== Files Created - No Company Name ==========

[2011-03-17 20:12:11 | 000,000,500 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\Anti Trojan Elite.lnk
[2011-03-17 19:59:31 | 3488,866,304 | -HS- | C] () -- C:\hiberfil.sys
[2011-03-17 18:35:28 | 000,000,576 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-03-16 15:14:33 | 000,000,200 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\Garry's Mod.url
[2011-03-16 09:20:07 | 000,175,005 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\Skärmklipp2.JPG
[2011-03-16 09:07:17 | 000,048,956 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\Skärmklipp.JPG
[2011-03-16 08:56:03 | 000,001,686 | ---- | C] () -- C:\Users\Tomatketchup\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk
[2011-03-08 16:25:45 | 000,000,215 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\Metro 2033.url
[2011-02-24 12:15:09 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011-02-24 12:15:09 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011-02-24 12:15:09 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011-02-20 23:51:06 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-02-20 23:51:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-02-20 23:51:04 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2011-02-20 23:51:03 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-02-20 23:51:03 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-02-20 23:51:03 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-02-20 17:02:49 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011-02-16 13:38:22 | 000,386,859 | ---- | C] () -- C:\Users\Tomatketchup\Desktop\levelflow.jpg
[2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010-08-14 00:44:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-06-01 10:03:53 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010-04-17 20:17:08 | 000,002,194 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010-01-20 18:32:16 | 000,023,552 | ---- | C] () -- C:\Windows\System32\DirectCOM.dll
[2010-01-20 18:32:12 | 000,309,248 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2009-09-22 15:29:53 | 000,000,760 | ---- | C] () -- C:\Users\Tomatketchup\AppData\Roaming\setup_ldm.iss
[2009-05-12 17:34:53 | 000,003,184 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2009-04-30 10:01:18 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2009-04-29 21:03:19 | 000,404,656 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2009-04-29 20:09:23 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2009-02-11 14:57:33 | 000,000,043 | ---- | C] () -- C:\Windows\mp3recorder.INI
[2008-12-13 21:12:20 | 000,025,612 | ---- | C] () -- C:\Users\Tomatketchup\AppData\Roaming\UserTile.png
[2008-12-12 22:50:49 | 000,001,356 | ---- | C] () -- C:\Users\Tomatketchup\AppData\Local\d3d9caps.dat
[2008-12-07 20:25:34 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008-11-04 06:10:45 | 000,141,904 | ---- | C] () -- C:\Windows\hppins20.dat
[2008-11-04 06:10:26 | 000,016,655 | ---- | C] () -- C:\Windows\hppmdl20.dat
[2008-10-08 21:56:18 | 000,134,726 | ---- | C] () -- C:\Windows\hpgins30.dat
[2008-10-08 21:56:18 | 000,000,149 | ---- | C] () -- C:\Windows\hpgmdl30.dat
[2008-09-29 18:47:58 | 000,000,374 | ---- | C] () -- C:\Windows\ODBC.INI
[2008-09-28 19:00:46 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008-09-28 18:59:15 | 000,083,968 | ---- | C] () -- C:\Users\Tomatketchup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-09-28 18:18:02 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008-09-28 18:18:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008-04-10 08:24:38 | 000,290,490 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2008-04-10 08:24:37 | 000,605,900 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2008-04-10 08:24:37 | 000,120,302 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2008-04-10 08:24:37 | 000,035,978 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2008-02-29 13:13:14 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2007-10-11 18:59:24 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 13:47:37 | 000,294,224 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2008-11-15 14:30:11 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\avidemux
[2010-04-26 23:48:26 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Azureus
[2009-04-29 19:54:05 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Bump Technologies, Inc
[2009-06-12 10:58:13 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\DAEMON Tools Pro
[2010-09-01 14:22:02 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\gtk-2.0
[2010-06-11 20:42:06 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Image Zone Express
[2009-01-04 11:33:23 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Printer Info Cache
[2011-01-09 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\SoftGrid Client
[2009-08-24 20:16:17 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Sony
[2010-10-30 02:19:38 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\Spotify
[2011-03-17 20:51:57 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\TeamViewer
[2010-11-18 16:43:12 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\TP
[2011-01-27 20:34:00 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\TS3Client
[2011-02-21 02:05:57 | 000,000,000 | ---D | M] -- C:\Users\Tomatketchup\AppData\Roaming\uTorrent
[2011-03-16 23:20:52 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Also, a minor question:
Where did you guys learn this from? Any kind of school lines or self-taught?

Edited by Pythonsnack, 17 March 2011 - 02:13 PM.

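The OTL log in the post above is what a helper on this forum reads through by hand. As an added example (not part of the original post, and not code from OTL or its author), the Python below parses OTL's process/module/service/driver lines and the O-series autorun lines and pulls out the three things a triager checks first: entries OTL prints with an empty company name `()`, autorun/BHO entries whose target is `File not found`, and code loaded from outside `C:\Windows` and `C:\Program Files`. The sample log is constructed from lines copied out of the post; the trusted-directory list and the finding categories are this example's own assumptions, not anything OTL defines. An empty company name only means the file carries no publisher in its version resource (several legitimate Logitech files in the log show it too), so every hit is a review item, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import Optional

# OTL prints one entry per line for processes (PRC), modules (MOD), services (SRV)
# and drivers (DRV), in the shape seen in the log above:
#   KIND - [timestamp | size | attrs | M/C] (Company) [service info] -- path -- (ServiceName)
# An empty "()" means OTL found no company name in the file's version resource.
ENTRY_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"\[(?P<ts>[^|\]]+?) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Za-z-]{4}) \| (?P<flag>[MC])\] "
    r"\((?P<company>[^)]*)\)"
    r"(?: \[(?P<svc>[^\]]*)\])?"
    r" -- (?P<path>.+?)"
    r"(?: -- \((?P<name>[^)]*)\).*)?$"
)
# Autorun values:  O4 - HKLM..\Run: [ValueName] target (Company)   or   [ValueName] File not found
RUN_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\.\.\\Run: \[(?P<value>[^\]]+)\] (?P<target>.*)$")
# Any O-series line (BHO, toolbar, Run value, ...) whose target no longer exists on disk.
ORPHAN_RE = re.compile(r"^O\d+ - .*File not found$")

# Assumption for this example: anything loaded from outside these roots gets a second look.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\")


@dataclass
class Entry:
    kind: str
    timestamp: str
    size: int
    company: str
    path: str
    name: Optional[str]


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one PRC/MOD/SRV/DRV line; return None for any other line."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    return Entry(
        kind=m["kind"],
        timestamp=m["ts"],
        size=int(m["size"].replace(",", "")),  # "000,580,608" -> 580608 bytes
        company=m["company"].strip(),
        path=m["path"],
        name=m["name"],
    )


def parse_run(line: str) -> Optional[dict]:
    """Parse one O4 Run-key line into hive, value name, target and an orphan flag."""
    m = RUN_RE.match(line.strip())
    if m is None:
        return None
    return {"hive": m["hive"], "value": m["value"], "target": m["target"],
            "orphaned": m["target"] == "File not found"}


def triage(log_text: str) -> dict:
    """Walk a whole OTL report and collect the entries a helper would look at first."""
    findings = {"unknown_publisher": [], "orphaned_autorun": [], "outside_program_dirs": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = parse_entry(line)
        if entry is not None:
            if not entry.company:
                findings["unknown_publisher"].append(entry.kind + " " + entry.path)
            if not entry.path.lower().startswith(TRUSTED_DIRS):
                findings["outside_program_dirs"].append(entry.kind + " " + entry.path)
            continue
        if ORPHAN_RE.match(line):
            run = parse_run(line)
            label = (run["hive"] + " Run value " + run["value"]) if run else line.split(" - ", 1)[1]
            findings["orphaned_autorun"].append(label)
    return findings


# Constructed sample: lines copied from the OTL report in the post above.
SAMPLE_LOG = r"""
PRC - [2011-03-17 21:04:28 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tomatketchup\Downloads\OTL.exe
PRC - [2011-03-17 20:10:35 | 004,608,506 | ---- | M] () -- C:\Users\Tomatketchup\Downloads\installer_anti_trojan_elite_5_3_1_Swedish.exe
PRC - [2011-03-17 16:20:57 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SRV - [2011-03-17 16:20:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
DRV - [2010-11-15 02:24:56 | 000,009,984 | ---- | M] () [Kernel | Auto | Running] -- D:\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2009-06-11 17:56:15 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NBKeyScan] File not found
O4 - HKCU..\Run: [Steam] File not found
""".strip()

if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category)
        for item in items:
            print("   ", item)
```

Feed it the whole report (`triage(open("OTL.Txt", encoding="utf-8").read())`) and the three lists are the starting point for the usual follow-up: check the flagged files' hashes with the vendor, and clean the orphaned Run/BHO values, which are leftovers from uninstalled software and harmless in themselves but are exactly where the OTL fix script on this forum would remove entries.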
