I've no idea how this problem came to be. MS Security Essentials did not indicate any virus alerts recently. Speaking of which, I am not able to even update Security Essentials to the latest virus definitions as there is no space for it to download updates. This has to be a virus's doing, but unfortunately I'm at a loss on how to fix this issue.
So I really hope someone will be able to help me here.
OTL.txt log:
OTL logfile created on: 10/22/2011 8:14:08 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Yasser\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
502.42 Mb Total Physical Memory | 113.95 Mb Available Physical Memory | 22.68% Memory free
1.20 Gb Paging File | 0.67 Gb Available in Paging File | 55.98% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive D: | 39.06 Gb Total Space | 0.34 Gb Free Space | 0.87% Space Free | Partition Type: NTFS
Drive E: | 39.06 Gb Total Space | 0.11 Gb Free Space | 0.28% Space Free | Partition Type: NTFS
Drive F: | 36.69 Gb Total Space | 1.86 Gb Free Space | 5.08% Space Free | Partition Type: NTFS
Drive G: | 777.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ARIF | User Name: Yasser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/22 20:12:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasser\Desktop\OTL.exe
PRC - [2011/10/09 21:43:24 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/09 15:51:40 | 000,050,176 | ---- | M] (Roozz.com) -- C:\Program Files\Roozz\RoozzHelper.exe
PRC - [2011/02/04 19:10:10 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/11/09 00:18:02 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2006/02/28 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/04 17:29:04 | 000,285,696 | ---- | M] (CHICONY) -- C:\Program Files\Lenovo\Lenovo Keyboard Driver\ctl_center.exe
PRC - [2005/11/01 19:23:48 | 000,040,960 | ---- | M] (Chicony) -- C:\WINDOWS\LHOTKEY.exe
PRC - [2005/11/01 18:51:32 | 001,146,880 | ---- | M] (Chicony) -- C:\Program Files\Lenovo\Lenovo Keyboard Driver\SessionChk.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/09 21:43:24 | 001,015,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/03/13 13:54:34 | 000,997,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll
MOD - [2011/03/13 13:54:28 | 000,140,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\22a1629a4dcdd493bbd8be40cc122e94\System.Configuration.Install.ni.dll
MOD - [2011/01/14 13:43:48 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
MOD - [2011/01/14 13:17:16 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2011/01/14 13:17:04 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2011/01/06 16:51:18 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/12/19 19:59:42 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/10/23 10:06:40 | 000,022,792 | ---- | M] () -- C:\Program Files\WordWeb\WUCNT.dll
MOD - [2005/04/15 11:41:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/09 15:51:40 | 000,050,176 | ---- | M] (Roozz.com) [Auto | Running] -- C:\Program Files\Roozz\RoozzHelper.exe -- (Roozz Helper)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
========== Driver Services (SafeList) ==========
DRV - [2008/07/24 12:02:36 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2004/09/24 13:37:28 | 000,801,280 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda3.sys -- (cmuda3)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: F:\itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@Roozz.com/RoozzPlugin: C:\Program Files\Roozz\nproozz.dll (Roozz.com)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Yasser\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Yasser\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Yasser\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/22 21:31:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/06 16:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/06 16:27:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/22 21:31:36 | 000,000,000 | ---D | M]
[2011/01/06 16:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yasser\Application Data\Mozilla\Extensions
[2011/01/06 16:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Yasser\Application Data\Mozilla\Firefox\Profiles\tb31hwl8.default\extensions
[2011/04/05 16:02:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Yasser\Application Data\Mozilla\Firefox\Profiles\tb31hwl8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/06 16:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/16 21:55:46 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/03/10 21:31:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/09 22:31:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/13 23:31:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/22 21:31:36 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011/01/09 22:31:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Yasser\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Yasser\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Yasser\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Roozz plugin (Enabled) = C:\Program Files\Roozz\nproozz.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: iTunes Application Detector (Enabled) = F:\itunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.4.6_0\
CHR - Extension: Word Search Puzzle = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl\1.2_0\
CHR - Extension: 3DTin = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi\0.97_0\
CHR - Extension: Private Joe = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bddhcbcefccaggaloclldffhobmecjfj\1.3_0\
CHR - Extension: 3D Space Hawk = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bljfpkdnlijidcpfdjdkdigeococngec\1.0_0\
CHR - Extension: Isle of Tune = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bljldflafhmbedhjnlncilbhfcnfabgb\1_0\
CHR - Extension: Striker Manager = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib\3_0\
CHR - Extension: FARMERAMA = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\clkfdgnfefjmciocbhnffnbpkjpdleca\1.0.1_0\
CHR - Extension: WGT Golf Challenge = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\29.1.0_0\
CHR - Extension: Voyage Theme = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ddgmdidminnkiajaonminefjlllglgap\1.0_0\
CHR - Extension: Super Mario = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dnkjbdmdgifgkcenpllpepgcgllapgpm\1_0\
CHR - Extension: Millionaire City = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\epbjglgofchklemffipkdnjbailmbbhh\0.9_0\
CHR - Extension: International Basketball Manager = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghacinoaobbolmfheplaagkkjkpnedpo\2_0\
CHR - Extension: OrangeFPS on Roozz = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ifnckhopllcmleegegheacblhehfifei\0.1.0.3_0\
CHR - Extension: Cycling the Alps = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh\4.6.0.0_0\
CHR - Extension: Cargo Bridge = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.6_0\
CHR - Extension: Alchemy = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.10_0\
CHR - Extension: Steambirds: Survival = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn\1.0_0\
CHR - Extension: Ping-Pong 3D = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ldlffaeabegjbenmhfjonhlgaldogmeh\1.0_0\
CHR - Extension: Click to call with Skype = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\
CHR - Extension: We Are Tennis = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkmdeepeooimedpakfaiahicgilkifef\0.0.0.2_0\
CHR - Extension: Berzerk Ball = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlhdccfnfabmabdlpmlgmnegfekcpgpb\0.0.0.3_0\
CHR - Extension: Curling = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.1_0\
CHR - Extension: Bowman 2 = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocafgnfjehoenphpclkakndfnjnmnejj\3_0\
CHR - Extension: Burger Shop 2 = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oiahdjilmlekhacfggeipddaklcbiljf\1.1_0\
CHR - Extension: Canvas Rider = C:\Documents and Settings\Yasser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\
O1 HOSTS File: ([2006/02/28 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd File not found
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [Lcc1] C:\Program Files\Lenovo\Lenovo Keyboard Driver\ctl_center.exe (CHICONY)
O4 - HKLM..\Run: [LHotkey] C:\WINDOWS\LHOTKEY.exe (Chicony)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3344F546-3684-4F53-B7DC-F313CDBAD6B1}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/19 16:45:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010/09/15 16:39:18 | 000,000,051 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{296a35a5-1ce4-11e0-9017-00016c9016fe}\Shell\AutoRun\command - "" = marijin/ljubavnik.exe
O33 - MountPoints2\{296a35a5-1ce4-11e0-9017-00016c9016fe}\Shell\Explore\command - "" = marijin/ljubavnik.exe
O33 - MountPoints2\{296a35a5-1ce4-11e0-9017-00016c9016fe}\Shell\Open\command - "" = marijin/ljubavnik.exe
O33 - MountPoints2\{5ef4e366-1a34-11e0-900a-00016c9016fe}\Shell - "" = AutoRun
O33 - MountPoints2\{5ef4e366-1a34-11e0-900a-00016c9016fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ef4e366-1a34-11e0-900a-00016c9016fe}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5ef4e367-1a34-11e0-900a-00016c9016fe}\Shell - "" = AutoRun
O33 - MountPoints2\{5ef4e367-1a34-11e0-900a-00016c9016fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ef4e367-1a34-11e0-900a-00016c9016fe}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{a656ec1a-0b8c-11e0-a000-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{a656ec1a-0b8c-11e0-a000-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a656ec1a-0b8c-11e0-a000-806d6172696f}\Shell\AutoRun\command - "" = G:\Launch-Engineering-Drawing-CD.exe -- [2010/09/21 12:31:09 | 000,036,864 | R--- | M] ()
O33 - MountPoints2\{bae730d0-57dc-11e0-90a4-00016c9016fe}\Shell\AutoRun\command - "" = rundll32.exe dx.dll,XxKOo
O33 - MountPoints2\{bae730d0-57dc-11e0-90a4-00016c9016fe}\Shell\open\Command - "" = rundll32.exe .\dx.dll,XxKOo
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/22 20:12:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Yasser\Desktop\OTL.exe
[2011/10/21 15:38:56 | 000,000,000 | -HSD | C] -- C:\FOUND.027
[2011/10/09 21:18:42 | 000,000,000 | -HSD | C] -- C:\FOUND.026
[2011/09/25 19:25:52 | 000,000,000 | ---D | C] -- C:\TC
[2011/09/25 13:54:54 | 000,000,000 | -HSD | C] -- C:\FOUND.025
========== Files - Modified Within 30 Days ==========
[2011/10/22 20:16:02 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/10/22 20:12:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Yasser\Desktop\OTL.exe
[2011/10/22 20:01:02 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/10/22 19:49:16 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/22 18:49:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/22 14:26:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/21 23:20:18 | 000,056,386 | ---- | M] () -- C:\Documents and Settings\Yasser\Desktop\x2qp08.jpg
[2011/10/18 19:18:36 | 000,089,661 | ---- | M] () -- C:\Documents and Settings\Yasser\Desktop\z1.jpg
[2011/10/18 18:39:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/17 19:48:18 | 000,118,272 | ---- | M] () -- C:\Documents and Settings\Yasser\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/16 20:53:56 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/10/10 18:53:42 | 000,002,197 | ---- | M] () -- C:\Documents and Settings\Yasser\Desktop\Google Chrome.lnk
[2011/10/10 18:53:42 | 000,002,175 | ---- | M] () -- C:\Documents and Settings\Yasser\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/27 00:33:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-920026266-725345543-1004Core1cc7c7e38200d90.job
[2011/09/23 21:57:34 | 217,519,901 | ---- | M] () -- C:\Documents and Settings\Yasser\Desktop\Snake-Charmers-Scene-4-HI.mp4.part
[2011/09/22 20:41:32 | 210,763,776 | ---- | M] () -- C:\Documents and Settings\Yasser\Desktop\[email protected]
========== Files Created - No Company Name ==========
[2011/10/21 23:20:12 | 000,056,386 | ---- | C] () -- C:\Documents and Settings\Yasser\Desktop\x2qp08.jpg
[2011/10/18 19:18:32 | 000,089,661 | ---- | C] () -- C:\Documents and Settings\Yasser\Desktop\z1.jpg
[2011/09/27 00:28:03 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-920026266-725345543-1004Core1cc7c7e38200d90.job
[2011/09/23 21:33:39 | 217,519,901 | ---- | C] () -- C:\Documents and Settings\Yasser\Desktop\Snake-Charmers-Scene-4-HI.mp4.part
[2011/09/22 20:18:45 | 210,763,776 | ---- | C] () -- C:\Documents and Settings\Yasser\Desktop\[email protected]
[2011/06/07 11:21:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/03/25 20:54:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011/03/13 13:23:45 | 000,070,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/04 19:11:50 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/01/22 11:10:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/16 09:40:15 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2011/01/15 00:34:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imblacklist.dat
[2011/01/14 21:56:05 | 000,856,005 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/01/13 20:06:57 | 000,018,952 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/01/06 16:27:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/06 06:50:53 | 000,000,632 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat.temp
[2010/12/22 21:24:20 | 000,167,835 | ---- | C] () -- C:\WINDOWS\hpoins37.dat
[2010/12/22 21:24:20 | 000,000,632 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat
[2010/12/19 23:47:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/19 18:19:57 | 000,233,472 | R--- | C] () -- C:\WINDOWS\System32\CMRMDRV3.exe
[2010/12/19 18:19:57 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\CMRMDRV3.DLL
[2010/12/19 18:19:50 | 000,028,672 | R--- | C] () -- C:\WINDOWS\CmiPCIUninstall.exe
[2010/12/19 18:07:55 | 000,118,272 | ---- | C] () -- C:\Documents and Settings\Yasser\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/19 16:57:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2010/12/19 16:48:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/19 16:42:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/19 16:35:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/19 16:34:09 | 000,121,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/02/28 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 12:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 12:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/02/28 12:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/28 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 12:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/02/28 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011/01/13 19:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/14 22:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\21540000-9b73-4902-b0-edfc223cbeac
[2011/01/14 22:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\d4dd0000-b732-45f6-ee1d-badbd71636b3
[2011/03/25 21:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2010/12/19 22:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\Foxit Software
[2011/01/03 22:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\GetRightToGo
[2011/01/03 23:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\Dev-Cpp
[2011/01/14 20:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\uTorrent
[2011/01/14 21:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\QuickScan
[2011/02/20 23:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\Mipony
[2011/03/07 21:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\WordWeb
[2011/03/10 21:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\OpenOffice.org
[2011/03/25 20:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\FlashGetBHO
[2011/03/25 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\FlashGet
[2011/03/25 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\BITS
[2011/04/18 01:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\LyX16
[2011/08/02 21:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Yasser\Application Data\Atari
[2011/10/22 20:01:02 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/01/14 22:42:04 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\Yasser\?????) -- C:\Documents and Settings\Yasser\獷楬汢捯污
< End of report >
Edited by GalaxyTurbo, 25 October 2011 - 02:47 AM.