Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

hahuhize.dll


  • Please log in to reply

#1
virus?

virus?

    New Member

  • Member
  • Pip
  • 5 posts
I'm having trouble with hahuhize.dll opening IE sites randomly. I have Antivir, Ad-Aware and Combofix installed but they haven't been able to help. Below is my Hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:16:34 PM, on 4/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mshearts.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [6cf2e81c] rundll32.exe "C:\WINDOWS\system32\wosozile.dll",b
O4 - HKLM\..\Run: [CPM6fc1db80] Rundll32.exe "c:\windows\system32\hahuhize.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: vzTCPConfig - http://www2.verizon....vzTCPConfig.CAB
O20 - AppInit_DLLs: c:\windows\system32\hahuhize.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hahuhize.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hahuhize.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6127 bytes
  • 0

Advertisements


#2
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Please Click here!, and follow the recommendations in the guide.

Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#3
virus?

virus?

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Here's the OTList2 "OTListit.txt"

OTListIt logfile created on: 4/22/2009 8:54:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 72.10% Memory free
3.85 Gb Paging File | 3.33 Gb Available in Paging File | 86.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.72 Gb Total Space | 164.20 Gb Free Space | 71.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 4.14 Gb Total Space | 1.20 Gb Free Space | 28.95% Space Free | Partition Type: FAT32
Drive I: | 625.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 7.43 Gb Free Space | 99.40% Space Free | Partition Type: FAT32

Computer Name: YOUR-C980545849
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2009/03/09 15:06:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/03/05 16:17:24 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2005/12/15 16:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/06 00:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2009/03/24 21:30:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/06 00:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2005/08/06 00:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/12/09 22:44:40 | 00,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
PRC - [2006/01/11 15:23:34 | 15,961,088 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2004/12/08 21:57:36 | 00,550,912 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
PRC - [2004/02/12 14:38:56 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2004/05/12 16:18:56 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2009/03/24 21:30:25 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/09 15:06:55 | 00,515,416 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/07/17 11:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
PRC - [2004/08/10 15:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/05/28 23:31:38 | 00,241,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005/08/06 00:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
PRC - [2009/02/06 06:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004/05/29 00:08:52 | 00,520,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2007/07/17 11:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009/02/28 00:54:41 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 20:54:25 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI\OTListIt2[1].exe

========== Win32 Services (SafeList) ==========

SRV - [2009/03/05 16:17:24 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2005/09/23 11:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/11/01 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2005/09/23 11:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005/12/15 16:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/06 00:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/03/24 21:30:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/03/09 15:06:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2005/08/06 00:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2004/08/10 15:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/03/18 17:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2009/03/24 22:26:46 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL [Disabled | Stopped])
SRV - [2004/08/11 05:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2005/09/23 10:26:40 | 01,094,751 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2001/08/18 00:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 14:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2001/08/18 00:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2001/08/18 00:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2009/03/24 22:24:57 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2007/11/02 01:52:04 | 02,644,480 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2007/07/20 19:40:10 | 00,084,992 | ---- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Stopped])
DRV - [2009/02/13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/02/13 11:31:26 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/02/13 14:22:54 | 00,095,576 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2004/11/10 21:27:34 | 00,044,288 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
DRV - [2004/11/10 21:30:18 | 00,024,832 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
DRV - [2001/08/18 00:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2001/08/18 00:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2006/12/28 12:44:44 | 00,084,992 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2004/06/21 13:40:48 | 00,051,088 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/06/21 13:40:48 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2004/06/21 13:40:48 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2006/01/13 15:13:18 | 04,137,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009/03/09 15:06:56 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2001/08/18 00:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2001/08/17 16:49:32 | 00,019,968 | ---- | M] (Macronix International Co., Ltd. ) -- C:\WINDOWS\system32\DRIVERS\mxnic.sys -- (mxnic [On_Demand | Stopped])
DRV - [2004/08/04 01:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/08/10 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/05/13 05:54:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/18 00:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2001/08/18 00:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2001/08/18 00:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2004/04/13 17:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2001/08/18 01:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2009/02/13 11:50:02 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2001/08/18 01:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2001/08/18 01:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2001/08/18 01:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2001/08/18 01:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2001/08/18 00:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/24 21:30:25 | 00,000,000 | ---D | M]


O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [6cf2e81c] rundll32.exe "C:\WINDOWS\system32\wosozile.dll",b ()
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [CHotkey] zHotkey.exe ()
O4 - HKLM..\Run: [CPM6fc1db80] Rundll32.exe "c:\windows\system32\hahuhize.dll",a ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\hahuhize.dll) - c:\windows\system32\hahuhize.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hahuhize.dll ()
O22 - SharedTaskScheduler: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - STS - c:\windows\system32\hahuhize.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/09 21:13:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/02/12 20:04:06 | 00,000,046 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001/04/30 12:57:48 | 00,001,452 | R--- | M] () - I:\Autorun.ini -- [ CDFS ]
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell - "" = AutoRun
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/22 19:15:50 | 00,001,524 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Astral Tournament.lnk
[2009/04/22 19:15:46 | 00,000,000 | ---D | C] -- C:\Program Files\Astral
[2009/04/22 16:59:12 | 00,000,070 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/22 16:59:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009/04/18 20:03:36 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/18 03:34:06 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/17 06:29:29 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 19:40:20 | 01,419,322 | -HS- | C] () -- C:\WINDOWS\System32\elizosow.ini
[2009/04/16 19:40:14 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 19:40:14 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 19:40:13 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 19:40:13 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 19:40:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 19:40:12 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 19:40:12 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 19:40:11 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 19:40:10 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 19:40:10 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 19:39:25 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 19:39:24 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 19:39:23 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 19:32:38 | 00,000,209 | ---- | C] () -- C:\Boot.bak
[2009/04/16 19:32:33 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/04/16 19:32:30 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/04/16 19:31:23 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/04/16 19:31:23 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/04/16 19:31:23 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/04/16 19:31:23 | 00,108,032 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/04/16 19:31:23 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/04/16 19:31:23 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/04/16 19:31:23 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/04/16 19:31:23 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/16 19:31:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/16 19:31:17 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/04/16 19:31:14 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/04/16 19:30:27 | 03,015,190 | R--- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\ComboFix.exe
[2009/04/15 16:05:49 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\HijackThis.lnk
[2009/04/15 16:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/14 23:49:17 | 00,022,487 | ---- | C] () -- C:\WINDOWS\System32\AAWService_2009_04_14_23_49_17.dmp
[2009/04/14 22:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Electronic Arts
[2009/04/14 22:11:23 | 00,000,840 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Dark Age of Camelot - Labyrinth of the Minotaur.lnk
[2009/04/14 21:51:49 | 00,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2009/04/14 21:30:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Electronic Arts
[2009/04/14 20:29:28 | 00,000,000 | ---D | C] -- C:\Mythic
[2009/04/12 23:56:31 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/04/12 23:56:19 | 00,095,576 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/04/12 23:56:19 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/04/12 23:56:19 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/04/12 23:56:19 | 00,028,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/04/12 23:56:19 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/04/12 23:56:17 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/04/12 23:56:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/04/11 15:32:32 | 21,459,64032 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/10 22:30:54 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/04/10 22:30:54 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/04/10 00:20:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/04/03 23:51:54 | 00,070,204 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\heart_of_winter.zip
[2009/04/02 14:41:42 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/02 08:24:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2009/04/02 08:21:10 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/04/02 08:21:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/04/02 08:19:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/04/02 08:15:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/04/02 08:15:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Microsoft Help
[2009/04/02 08:14:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/04/02 08:14:15 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/04/02 08:05:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\GetRightToGo
[2009/04/02 07:47:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\ICAClient
[2009/04/02 07:19:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper
[2009/04/02 07:16:25 | 00,305,881 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper.zip
[2009/03/29 17:39:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/03/28 19:13:06 | 00,001,695 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\The Darkest Day.lnk
[2009/03/28 17:05:21 | 00,000,827 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Baldur's Gate II - Throne of Bhaal.lnk
[2009/03/27 11:03:17 | 00,000,000 | ---D | C] -- C:\NW
[2009/03/26 06:36:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/26 06:36:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/26 06:35:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/26 06:35:19 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/26 06:34:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/26 06:31:43 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/26 06:31:42 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/26 06:31:42 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/26 06:31:42 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/26 06:31:42 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/26 06:31:42 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/26 06:31:41 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/26 06:31:41 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/26 06:31:40 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/26 01:21:25 | 00,000,839 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Icewind Dale.lnk
[2009/03/25 19:28:31 | 00,000,000 | ---D | C] -- C:\Program Files\Heroes3
[2009/03/25 19:20:56 | 00,001,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Icewind Dale II.lnk
[2009/03/25 18:57:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\acccore
[2009/03/25 18:57:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\AOL OCP
[2009/03/25 18:57:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\AOL
[2009/03/25 17:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\U3
[2009/03/25 17:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\Black Isle
[2009/03/25 15:56:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/03/25 15:56:47 | 00,001,674 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/03/25 15:56:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009/03/25 15:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\AIM6
[2009/03/25 15:25:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2009/03/25 14:50:52 | 00,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/03/25 14:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2009/03/25 14:03:32 | 00,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2009/03/25 05:29:16 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2009/03/25 05:29:16 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/03/25 05:29:16 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/03/25 05:29:16 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2009/03/25 05:29:16 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/03/25 05:29:16 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/03/25 05:29:16 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/03/25 05:29:16 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2009/03/25 05:29:16 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2009/03/25 05:29:16 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/03/25 05:29:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2009/03/25 05:29:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/03/25 05:29:16 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/03/25 05:29:16 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/03/25 05:29:14 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/03/25 05:29:13 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/03/25 05:29:13 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/03/25 05:29:13 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/03/25 05:29:13 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/03/25 05:29:12 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/03/25 05:29:12 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/03/25 05:29:12 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/03/25 05:29:12 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/03/25 05:29:12 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/03/25 05:29:12 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/03/25 05:29:12 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/03/25 05:29:12 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/03/25 05:29:12 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/03/25 05:29:12 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/03/25 05:29:12 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/03/25 05:29:12 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/03/25 05:29:12 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/03/25 05:29:12 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/03/25 05:29:12 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/03/25 05:29:12 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/03/25 05:29:12 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/03/25 05:29:12 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/03/25 05:29:12 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/03/25 05:29:11 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/03/25 05:29:11 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/03/25 05:29:11 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/03/25 05:29:11 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/03/25 05:29:11 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/03/25 05:29:11 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/03/25 05:29:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2009/03/25 05:29:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/03/25 05:29:10 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/03/25 05:29:10 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/03/25 05:29:10 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/03/25 05:29:10 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/03/25 05:29:10 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/03/25 05:29:09 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/03/25 05:29:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/03/25 05:29:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/03/25 05:29:08 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/03/25 05:29:08 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/03/25 05:29:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/03/25 05:29:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/03/25 05:29:08 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/03/25 05:29:07 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/03/25 05:29:07 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/03/25 05:29:07 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/03/25 05:29:07 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/03/25 05:29:07 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/03/25 05:29:07 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2009/03/25 05:29:07 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/03/25 05:29:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2009/03/25 05:29:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/03/25 05:29:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2009/03/25 05:29:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/03/25 05:29:03 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/03/25 05:29:03 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/03/25 05:28:58 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/03/25 05:28:58 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/03/25 05:28:58 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/03/25 05:28:58 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/03/25 05:28:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/03/25 05:28:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/03/25 05:28:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/03/25 05:28:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/03/25 05:28:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/03/25 05:28:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/03/25 05:28:58 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/03/25 05:28:58 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/03/25 05:28:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/03/25 05:28:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2009/03/25 05:28:52 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/03/25 05:28:52 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/03/25 05:28:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/03/25 05:28:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/03/25 05:28:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/03/25 05:28:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/03/25 05:28:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/03/25 05:28:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/03/25 04:46:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Identities
[2009/03/25 04:00:42 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/03/25 01:09:45 | 00,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/03/25 00:57:21 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CCleaner.lnk
[2009/03/25 00:57:20 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/03/25 00:50:10 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/25 00:50:01 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/25 00:50:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/03/25 00:48:15 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/03/25 00:48:14 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/25 00:48:11 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/03/25 00:48:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/25 00:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\NCSoft
[2009/03/24 23:58:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\WinRAR
[2009/03/24 23:57:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2009/03/24 23:57:22 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/03/24 23:57:08 | 00,084,992 | R--- | C] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdAud.sys
[2009/03/24 23:56:07 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/24 23:56:04 | 00,011,283 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2009/03/24 23:56:03 | 00,007,167 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2009/03/24 23:56:02 | 00,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/24 23:56:01 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/24 23:56:01 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/24 23:56:01 | 00,157,034 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/24 23:56:00 | 01,311,202 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2009/03/24 23:56:00 | 00,002,096 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativdkxx.vp
[2009/03/24 23:55:59 | 00,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2009/03/24 23:55:59 | 00,002,096 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2009/03/24 23:55:59 | 00,000,929 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2009/03/24 23:48:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Macromedia
[2009/03/24 23:42:28 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/03/24 23:35:13 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/24 23:35:13 | 00,001,620 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\City of Heroes.lnk
[2009/03/24 23:35:11 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/03/24 23:35:11 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/03/24 23:35:09 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/03/24 23:35:09 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/03/24 23:35:09 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/03/24 23:35:08 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/03/24 23:35:08 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/03/24 23:35:06 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/03/24 23:35:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/03/24 23:35:05 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/03/24 23:35:05 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/03/24 23:35:05 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/03/24 23:35:05 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/03/24 23:35:01 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/03/24 23:35:01 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/03/24 23:34:59 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/03/24 23:34:57 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/03/24 23:34:57 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/03/24 23:34:56 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/03/24 23:34:56 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/03/24 23:34:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/03/24 23:34:56 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/03/24 23:34:56 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/03/24 23:34:55 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/03/24 23:34:55 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/03/24 23:34:55 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/03/24 23:34:54 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/03/24 23:34:54 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/03/24 23:34:50 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/03/24 23:34:50 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/03/24 23:34:50 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/03/24 23:34:50 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/03/24 23:34:50 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/03/24 23:34:50 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/03/24 23:34:50 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/03/24 23:34:50 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/03/24 23:34:50 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/03/24 23:34:49 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/03/24 23:34:49 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/03/24 23:34:41 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/03/24 23:34:41 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/03/24 23:34:41 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/03/24 23:34:41 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/03/24 23:34:40 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2009/03/24 23:34:40 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/03/24 23:34:39 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2009/03/24 23:34:39 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/03/24 23:34:39 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/03/24 23:34:39 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/03/24 23:34:39 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/03/24 23:34:39 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2009/03/24 23:34:39 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/03/24 23:34:39 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2009/03/24 23:34:39 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/03/24 23:34:39 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2009/03/24 23:34:39 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/03/24 23:34:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2009/03/24 23:34:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/03/24 23:34:39 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/03/24 23:34:39 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/03/24 23:34:39 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2009/03/24 23:34:39 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/03/24 23:34:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2009/03/24 23:34:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/03/24 23:34:39 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/03/24 23:34:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2009/03/24 23:34:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/03/24 23:34:39 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/03/24 23:34:37 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2009/03/24 23:34:37 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/03/24 23:34:36 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2009/03/24 23:34:36 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/03/24 23:34:36 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/03/24 23:34:36 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/03/24 23:34:36 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2009/03/24 23:34:36 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/03/24 23:34:36 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/03/24 23:34:36 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/03/24 23:34:36 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/03/24 23:34:36 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/03/24 23:34:36 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/03/24 23:34:36 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/03/24 23:34:36 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/03/24 23:34:36 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/03/24 23:34:36 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/03/24 23:34:36 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/03/24 23:34:36 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/03/24 23:34:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2009/03/24 23:34:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/03/24 23:34:36 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/03/24 23:34:36 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/03/24 23:34:36 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2009/03/24 23:34:36 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/03/24 23:34:36 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/03/24 23:34:36 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/03/24 23:34:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/03/24 23:34:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/03/24 23:34:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2009/03/24 23:34:33 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/03/24 23:34:33 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/03/24 23:34:33 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/03/24 23:34:33 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/03/24 23:34:33 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/03/24 23:34:33 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/03/24 23:34:33 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2009/03/24 23:34:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/03/24 23:34:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2009/03/24 23:34:33 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/03/24 23:34:33 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/03/24 23:34:33 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/03/24 23:34:33 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/03/24 23:34:33 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/03/24 23:34:33 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2009/03/24 23:34:33 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2009/03/24 23:34:33 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2009/03/24 23:34:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2009/03/24 23:34:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2009/03/24 23:34:28 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/03/24 23:34:26 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/03/24 23:34:24 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/03/24 23:34:24 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/03/24 23:34:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/03/24 23:34:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2009/03/24 23:34:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2009/03/24 23:34:22 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/03/24 23:34:22 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/03/24 23:34:22 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/03/24 23:34:22 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/03/24 23:34:22 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/03/24 23:34:22 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/03/24 23:34:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/03/24 23:34:22 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/03/24 23:34:20 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/03/24 23:34:20 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/03/24 23:34:20 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/03/24 23:34:20 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/03/24 23:34:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/03/24 23:34:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/03/24 23:34:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/03/24 23:34:20 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/03/24 23:34:20 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/03/24 23:34:19 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/03/24 23:34:18 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2009/03/24 23:34:18 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2009/03/24 23:34:18 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/03/24 23:34:17 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/03/24 23:34:14 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/03/24 23:34:14 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/03/24 23:34:14 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/03/24 23:34:14 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/03/24 23:34:14 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/03/24 23:34:14 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/03/24 23:34:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/03/24 23:34:14 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/03/24 23:34:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/03/24 23:34:12 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2009/03/24 23:31:43 | 00,000,000 | ---D | C] -- C:\Program Files\City of Heroes
[2009/03/24 23:28:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\McAfee.com Personal Firewall
[2009/03/24 23:27:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Leadertech
[2009/03/24 23:27:42 | 00,001,478 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Neverwinter Nights Diamond Edition.lnk
[2009/03/24 23:26:32 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/03/24 23:26:24 | 01,160,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/24 23:26:24 | 00,826,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/24 23:26:23 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/24 23:26:13 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/03/24 23:26:12 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/03/24 23:26:12 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/03/24 23:26:11 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/03/24 23:26:09 | 03,595,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/24 23:25:48 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/03/24 23:25:47 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/24 23:25:32 | 02,330,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2009/03/24 23:25:31 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/24 23:25:30 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/03/24 23:25:23 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/03/24 23:25:14 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/03/24 23:25:12 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/24 23:25:11 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/03/24 23:24:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/03/24 23:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\AdobeUM
[2009/03/24 23:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Adobe
[2009/03/24 23:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Adobe
[2009/03/24 23:18:29 | 00,000,271 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CD Drive.lnk
[2009/03/24 23:18:16 | 00,000,293 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Local Disk ©.lnk
[2009/03/24 23:14:31 | 00,000,000 | ---D | C] -- C:\NeverwinterNights
[2009/03/24 23:00:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/03/24 22:51:53 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/03/24 22:48:56 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\desktop.ini
[2009/03/24 22:48:55 | 01,577,454 | -H-- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IconCache.db
[2009/03/24 22:48:55 | 00,013,104 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/24 22:48:55 | 00,000,786 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Windows Media Player.lnk
[2009/03/24 22:48:55 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Start Menu\Programs\Startup\desktop.ini
[2009/03/24 22:48:55 | 00,000,076 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\desktop.ini
[2009/03/24 22:48:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Identities
[2009/03/24 22:48:54 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Microsoft
[2009/03/24 22:48:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Pictures
[2009/03/24 22:48:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Music
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Microsoft
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Google
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\ApplicationHistory
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\You've Got Pictures Screensaver
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\SampleView
[2009/03/24 22:46:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/03/24 22:44:48 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/24 22:43:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Gateway_GT4024__.MRK
[2009/03/24 22:42:59 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/03/24 22:42:55 | 00,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2009/03/24 22:42:44 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/03/24 22:42:44 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/03/24 22:42:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2009/03/24 22:41:48 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/03/24 22:41:46 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/03/24 22:41:39 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/03/24 22:41:00 | 00,002,752 | ---- | C] () -- C:\WINDOWS\System32\Status.MPF
[2009/03/24 22:40:19 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/03/24 22:40:17 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/03/24 22:40:15 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/03/24 22:29:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/03/24 22:28:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/03/24 22:28:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
[2009/03/24 22:28:04 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/03/24 22:27:05 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/03/24 22:27:03 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/03/24 22:26:57 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2009/03/24 22:26:57 | 00,001,150 | ---- | C] () -- C:\WINDOWS\System32\gtw.ico
[2009/03/24 22:26:46 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\POWERCFG.EXE
[2009/03/24 22:25:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/03/24 22:25:39 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/03/24 22:25:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nullsoft
[2009/03/24 22:25:05 | 00,086,016 | ---- | C] (MindVision) -- C:\WINDOWS\unvise32qt.exe
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/24 22:24:58 | 00,000,000 | ---D | C] -- C:\My Music
[2009/03/24 22:24:54 | 00,157,696 | ---- | C] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/03/24 22:24:53 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/03/24 22:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/03/24 22:24:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/03/24 22:24:46 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSComCt2.ocx
[2009/03/24 22:24:46 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RichTx32.ocx
[2009/03/24 22:24:46 | 00,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSInet.ocx
[2009/03/24 22:24:46 | 00,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\WINDOWS\System32\aamd532.dll
[2009/03/24 22:24:45 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2009/03/24 22:24:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msstdfmt.dll
[2009/03/24 22:24:45 | 00,102,400 | ---- | C] (4Developers LLC) -- C:\WINDOWS\System32\SimpleRegistry.dll
[2009/03/24 22:24:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/24 22:24:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2009/03/24 22:24:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/03/24 22:24:09 | 00,001,570 | -H-- | C] () -- C:\IPH.PH
[2009/03/24 22:24:09 | 00,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/24 22:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2009/03/24 22:24:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/03/24 22:23:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/03/24 22:23:32 | 00,550,912 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2009/03/24 22:23:32 | 00,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2009/03/24 22:23:32 | 00,042,040 | ---- | C] () -- C:\WINDOWS\PatchWnd.exe
[2009/03/24 22:23:32 | 00,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2009/03/24 22:23:32 | 00,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2009/03/24 22:23:32 | 00,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2009/03/24 22:23:32 | 00,005,280 | ---- | C] () -- C:\WINDOWS\hotbtnv.vxd
[2009/03/24 22:23:32 | 00,004,223 | ---- | C] () -- C:\WINDOWS\mHotkey.reg
[2009/03/24 22:23:14 | 00,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2009/03/24 22:22:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Digital Image 2006
[2009/03/24 22:22:40 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2009/03/24 22:22:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/03/24 22:22:35 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/03/24 22:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/24 22:22:24 | 00,020,480 | ---- | C] (Gateway) -- C:\WINDOWS\System32\Marker32.exe
[2009/03/24 22:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/03/24 22:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2009/03/24 22:21:49 | 00,002,238 | ---- | C] () -- C:\WINDOWS\System32\32-aol.ico
[2009/03/24 22:21:49 | 00,001,406 | ---- | C] () -- C:\WINDOWS\System32\16-aol.ico
[2009/03/24 22:20:47 | 00,094,208 | ---- | C] (Gateway Inc.) -- C:\WINDOWS\System32\bae.dll
[2009/03/24 22:20:43 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/03/24 22:20:43 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/24 22:20:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2009/03/24 22:20:21 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/03/24 22:20:21 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/03/24 22:20:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/03/24 22:19:49 | 02,809,856 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2009/03/24 22:19:49 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/03/24 22:19:38 | 00,013,352 | ---- | C] (BigFix, Inc.) -- C:\WINDOWS\BigFixClientOverride.dll
[2009/03/24 22:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Media Reader
[2009/03/24 22:19:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/03/24 22:15:52 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/03/24 22:15:28 | 00,051,656 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.bmp
[2009/03/24 22:15:13 | 00,000,002 | ---- | C] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2009/03/24 22:14:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/03/24 22:09:33 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/03/24 22:09:33 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009/03/24 22:09:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/03/24 22:09:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\New Boundary
[2009/03/24 22:09:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2009/03/24 22:07:21 | 00,000,002 | RHS- | C] () -- C:\USER
[2009/03/24 22:07:21 | 00,000,000 | ---- | C] () -- C:\REQUEST_OEMRESET_ENDUSER
[2009/03/24 22:06:40 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/03/24 22:06:26 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/03/24 22:05:25 | 00,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ohci1394.sys
[2009/03/24 22:05:25 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2009/03/24 22:05:25 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2009/03/24 22:05:10 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2009/03/24 22:05:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009/03/24 22:05:08 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbohci.sys
[2009/03/24 22:02:49 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/03/24 21:29:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Sun
[2009/03/24 21:23:50 | 00,000,000 | ---D | C] -- C:\Swsetup
[2009/03/24 21:18:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/24 21:01:37 | 00,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/03/24 21:01:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\creator
[2009/03/24 21:01:31 | 01,094,751 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2009/03/24 21:01:31 | 00,070,144 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2009/03/24 21:01:31 | 00,068,096 | ---- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2009/03/24 21:01:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[2009/03/24 21:01:12 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/03/24 21:00:11 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/03/24 21:00:06 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/03/24 20:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/24 20:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/03/24 20:58:36 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/03/24 20:57:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/03/24 20:56:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/03/24 20:54:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/03/24 20:53:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/03/24 20:50:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/24 20:37:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Videos
[2009/03/24 20:35:50 | 00,018,944 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/24 20:35:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Sounds
[2009/03/24 20:33:50 | 00,001,496 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CDisplay.lnk
[2009/03/24 20:33:50 | 00,000,000 | ---D | C] -- C:\Program Files\CDisplay
[2009/03/24 20:33:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\CDisplay
[2009/03/24 20:33:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Katie's Stuff
[2009/03/24 20:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\John's Stuff
[2009/03/24 20:30:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Albums
[2009/03/24 20:30:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IsolatedStorage
[2009/03/24 20:30:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\HP
[2009/03/24 20:28:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\MSNInstaller
[2009/03/24 20:28:35 | 00,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/03/24 20:27:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009/03/24 20:26:24 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/24 20:26:16 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/03/24 20:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2009/03/24 20:26:07 | 00,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2009/03/24 20:26:07 | 00,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2009/03/24 20:26:07 | 00,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2009/03/24 20:26:07 | 00,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4a.dll
[2009/03/24 20:25:23 | 00,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/03/24 20:25:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Comics
[2009/03/24 20:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/03/24 20:23:02 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/03/24 20:22:30 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009/03/24 20:22:21 | 00,104,253 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2009/03/24 20:22:21 | 00,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2009/03/24 20:21:50 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/03/24 20:21:39 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/03/24 20:20:51 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/03/24 20:20:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Received Files
[2009/03/24 20:14:19 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
[2009/03/24 20:14:18 | 00,000,144 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\fusioncache.dat
[2009/03/24 20:07:26 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\ATI
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\ATI
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009/01/11 04:31:15 | 00,100,864 | -HS- | C] () -- C:\WINDOWS\System32\wosozile.dll
[2009/01/11 04:31:14 | 00,109,568 | -HS- | C] () -- C:\WINDOWS\System32\hahuhize.dll
[2005/08/06 01:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/01/12 13:38:00 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/09 19:49:16 | 00,001,220 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/09 19:49:16 | 00,000,491 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2005/01/09 19:48:33 | 00,000,657 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/01/09 19:48:30 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/22 20:44:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/22 20:44:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/22 20:44:33 | 21,459,64032 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/22 20:41:34 | 01,577,454 | -H-- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IconCache.db
[2009/04/22 19:15:50 | 00,001,524 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Astral Tournament.lnk
[2009/04/22 16:59:12 | 00,000,070 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/22 08:49:33 | 01,419,322 | -HS- | M] () -- C:\WINDOWS\System32\elizosow.ini
[2009/04/22 07:35:09 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/21 09:17:26 | 00,018,944 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/17 06:31:34 | 00,471,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 06:31:34 | 00,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 06:31:34 | 00,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 06:31:03 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 19:37:34 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/16 19:36:39 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/16 19:32:38 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2009/04/16 19:30:28 | 03,015,190 | R--- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\ComboFix.exe
[2009/04/15 16:05:49 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\HijackThis.lnk
[2009/04/15 07:28:25 | 00,000,657 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/14 23:49:18 | 00,022,487 | ---- | M] () -- C:\WINDOWS\System32\AAWService_2009_04_14_23_49_17.dmp
[2009/04/14 23:49:15 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/14 22:11:23 | 00,000,840 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Dark Age of Camelot - Labyrinth of the Minotaur.lnk
[2009/04/14 00:26:42 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/04/12 23:56:31 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/04/12 22:23:38 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/11 15:53:08 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\notunelu
[2009/04/11 04:31:15 | 00,109,568 | -HS- | M] () -- C:\WINDOWS\System32\hahuhize.dll
[2009/04/11 04:31:15 | 00,100,864 | -HS- | M] () -- C:\WINDOWS\System32\wosozile.dll
[2009/04/11 04:31:14 | 00,064,512 | -HS- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\norugite.exe
[2009/04/10 22:30:54 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/04/06 07:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/03 23:51:55 | 00,070,204 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\heart_of_winter.zip
[2009/04/02 19:58:48 | 00,281,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/02 07:16:25 | 00,305,881 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper.zip
[2009/03/28 19:13:06 | 00,001,695 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\The Darkest Day.lnk
[2009/03/28 17:07:00 | 00,000,827 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Baldur's Gate II - Throne of Bhaal.lnk
[2009/03/27 02:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/26 06:41:38 | 00,001,496 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CDisplay.lnk
[2009/03/26 06:40:26 | 00,000,076 | -HS- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\desktop.ini
[2009/03/26 01:17:06 | 00,000,839 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Icewind Dale.lnk
[2009/03/25 19:20:56 | 00,001,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Icewind Dale II.lnk
[2009/03/25 16:47:03 | 00,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/03/25 15:58:39 | 00,001,570 | -H-- | M] () -- C:\IPH.PH
[2009/03/25 15:56:47 | 00,001,674 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/03/25 14:13:16 | 00,000,271 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CD Drive.lnk
[2009/03/25 13:20:02 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\City of Heroes.lnk
[2009/03/25 01:09:45 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/03/25 00:57:21 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CCleaner.lnk
[2009/03/25 00:48:14 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/24 23:28:06 | 00,002,752 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2009/03/24 23:27:42 | 00,001,478 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Neverwinter Nights Diamond Edition.lnk
[2009/03/24 23:18:16 | 00,000,293 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Local Disk ©.lnk
[2009/03/24 22:51:53 | 00,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/03/24 22:48:39 | 00,000,097 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/24 22:48:36 | 00,000,209 | ---- | M] () -- C:\Boot.bak
[2009/03/24 22:44:48 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/24 22:43:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\Gateway_GT4024__.MRK
[2009/03/24 22:42:55 | 00,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2009/03/24 22:42:44 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/03/24 22:42:44 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/03/24 22:42:09 | 00,000,000 | ---- | M] () -- C:\REQUEST_OEMRESET_ENDUSER
[2009/03/24 22:29:54 | 00,000,491 | ---- | M] () -- C:\WINDOWS\System32\emver.ini
[2009/03/24 22:29:46 | 00,001,220 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/24 22:24:58 | 00,157,696 | ---- | M] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/03/24 22:24:53 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/03/24 22:24:09 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/03/24 22:23:14 | 00,000,004 | ---- | M] () -- C:\WINDOWS\Pix11.dat
[2009/03/24 22:15:13 | 00,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2009/03/24 22:07:28 | 00,000,867 | ---- | M] () -- C:\WINDOWS\System32\VGASwitcher.lnk
[2009/03/24 22:07:21 | 00,000,002 | RHS- | M] () -- C:\USER
[2009/03/24 21:20:21 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/24 21:01:37 | 00,000,060 | ---- | M] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/03/24 20:55:51 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/24 20:37:23 | 00,000,786 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Windows Media Player.lnk
[2009/03/24 20:29:50 | 00,104,253 | ---- | M] () -- C:\WINDOWS\hpoins04.dat
[2009/03/24 20:28:35 | 00,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/03/24 20:26:24 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/24 20:25:23 | 00,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/03/24 20:14:18 | 00,000,144 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\fusioncache.dat
< End of report >

Here is the OTList "Extras.Txt"

OTListIt Extras logfile created on: 4/22/2009 8:54:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 72.10% Memory free
3.85 Gb Paging File | 3.33 Gb Available in Paging File | 86.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.72 Gb Total Space | 164.20 Gb Free Space | 71.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 4.14 Gb Total Space | 1.20 Gb Free Space | 28.95% Space Free | Partition Type: FAT32
Drive I: | 625.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 7.43 Gb Free Space | 99.40% Space Free | Partition Type: FAT32

Computer Name: YOUR-C980545849
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2005/05/28 21:52:02 | 00,605,184 | ---- | M] () -- C:\Program Files\Astral\astral.exe:*:Disabled:astral
[2005/10/10 11:43:44 | 09,437,184 | ---- | M] (Bioware Corp.) -- C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights
[2006/11/03 03:17:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2008/10/21 13:09:59 | 00,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
[2009/03/25 17:08:13 | 03,794,528 | ---- | M] (Blizzard Entertainment) -- C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
[2009/03/25 17:08:13 | 02,172,400 | ---- | M] (Blizzard Entertainment) -- C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
[2005/05/10 15:55:30 | 02,473,984 | ---- | M] (Bioware Corp.) -- C:\NeverwinterNights\NWN\nwserver.exe:*:Enabled:Neverwinter Nights Server
[2001/06/08 17:52:22 | 07,831,598 | ---- | M] (BioWare Corp.) -- C:\Program Files\Black Isle\BGII - SoA\BGMain.exe:*:Enabled:Baldur's Gate II - Shadows of Amn - Throne of Bhaal
[2008/04/13 20:12:17 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper
[2006/10/27 15:16:48 | 12,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014585C8-7557-11D4-9ABA-006067325E47}" = Baldur's Gate™ II - Shadows of Amn™ Bonus CD
"{02408B4B-35AB-6F27-F09F-AB755604F18A}" = CCC Help Norwegian
"{03303AE9-B8E3-8736-6760-7AC5E5F28411}" = Catalyst Control Center Graphics Full Existing
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0816BEDF-7156-86ED-73A7-51E3A6F9618C}" = Catalyst Control Center Localization Portuguese
"{14088A3C-96E9-0326-1E31-40B599739D5D}" = Catalyst Control Center Localization Danish
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{18AEAA52-353E-1FBA-49A7-8A7846B756FC}" = CCC Help Portuguese
"{18E63856-66DB-ABD3-4537-F02A93DDDAF2}" = CCC Help French
"{1C496937-CF1D-250E-4982-8ECFA1AF040E}" = Catalyst Control Center Localization Dutch
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{204A052D-43C1-64BD-888D-17BD668AD6F3}" = Catalyst Control Center Graphics Light
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{3083F455-68C6-8830-4207-16CDB73D704D}" = CCC Help Polish
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3C273231-7C97-FF28-1FD0-126CAE0F60C1}" = Catalyst Control Center Localization Turkish
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4228D0C1-068F-09AA-CF06-F3D41C086E60}" = CCC Help Russian
"{433BF933-81D6-4646-A318-3DE5DB6108F2}" = Icewind Dale - Heart of Winter
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{46272908-CB74-55D6-015C-56FC9E696943}" = Catalyst Control Center Localization Thai
"{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"{4CA5A832-3CE1-E0F4-09CB-74B8D78AACAB}" = CCC Help Thai
"{4FBAE95B-8FAA-7A43-1D4B-7FA1140F04A4}" = CCC Help Spanish
"{532972DC-7450-C767-0CAB-DEEADC042C97}" = CCC Help Korean
"{588C135F-0B15-4A02-8F2D-04697BE2904E}" = Icewind Dale II
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5CBE8BF9-E386-144E-2275-A0571CD4AB3E}" = CCC Help Chinese Standard
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D6609E8-5A6C-58C9-B99D-99019F42D4FF}" = CCC Help Czech
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{77604F22-C6C4-6FCD-9C0F-0D5D4363D0EB}" = Catalyst Control Center Localization Hungarian
"{79A9EE33-3F8E-F03B-127E-DE3AA6E1A045}" = CCC Help Finnish
"{7A5A52BA-CB57-787B-10DD-1F717D9FCEFD}" = CCC Help Italian
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{82841135-112D-2587-98F1-532FCEA99A4C}" = CCC Help Greek
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8B3700A3-3A38-900D-2192-D1E9E7999F68}" = Catalyst Control Center Localization Finnish
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EEF2D6F-509A-0F8E-647A-0EECE541E55F}" = Catalyst Control Center Localization Czech
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{965D29F4-902C-8211-5302-840FD87F7DF2}" = Catalyst Control Center Localization Greek
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{98764FC3-87A6-1EB3-E0CB-B84F73B780DB}" = CCC Help German
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2AF890-B0CD-43DC-85F6-AA0B51024DFF}" = ATI MCE Transcode
"{9B741240-EF62-154B-1997-60B506449417}" = Catalyst Control Center Localization Chinese Traditional
"{9B9A6B96-6970-9ED6-0675-E060EFE658E0}" = Catalyst Control Center Localization Polish
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ADB13867-C822-EEA4-1D00-9B5E0399612D}" = Catalyst Control Center Core Implementation
"{AE3890B6-877C-B8B2-D4A7-BD3D61EBF803}" = CCC Help Japanese
"{AFA31743-20A2-7D27-2987-681F91D6E85F}" = Catalyst Control Center Localization Korean
"{B01EAEB2-ECC8-1DFC-65D0-3127B10AE7C7}" = ccc-core-preinstall
"{B18EC160-29FA-2B04-BBCD-2917956EEFC8}" = Catalyst Control Center Graphics Full New
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B57CA8AB-9461-1386-54D0-1F2D211C9F3F}" = CCC Help Hungarian
"{B7A13295-43A4-D0EF-8EF5-1874FEF4AFD6}" = Catalyst Control Center Localization French
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate™ II - Throne of Bhaal ™
"{BC550D51-807D-EF68-AE54-0ABBF943A653}" = Catalyst Control Center Localization Swedish
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BE621D1B-141E-9BAB-0670-285633BC0050}" = Skins
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights
"{C3831B1E-8822-8E53-9911-2A6950E3CA8F}" = Catalyst Control Center Localization Russian
"{C68CA5F3-3762-5097-E198-EC308508C643}" = CCC Help English
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0E24994-42AB-32B3-89D6-B487B42B5340}" = Catalyst Control Center Localization Norwegian
"{D6F4EF5E-5792-4ECA-D024-5763335B16F1}" = CCC Help Danish
"{DE33B0D5-6781-1477-A825-015B189CDA48}" = ccc-core-static
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E58BD749-ACFE-9342-E158-4527CFB0F32F}" = Catalyst Control Center Graphics Previews Common
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{EB109037-3C5D-D11E-ADD1-8C96585315F1}" = Catalyst Control Center Localization Chinese Standard
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ECEE477B-6FDC-B62A-2782-ED13DD44A466}" = Catalyst Control Center Localization Spanish
"{EFC9FED9-A930-0573-4537-CF4CF52F41EC}" = Catalyst Control Center Localization Italian
"{F0A81C0F-F842-98B9-9E92-E519E101A6A6}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D0DD2C-CDF8-CF48-2C05-CE209511A683}" = CCC Help Dutch
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F448EFBD-E9B5-1025-887D-C5A79BA7CF17}" = Catalyst Control Center Localization German
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F66E79DF-A079-9881-4C3E-FE74B1B538E9}" = CCC Help Swedish
"{F8B226E7-3DDF-2F6C-08D9-ADE9D2CFF0D7}" = ccc-utility
"{FB6ED2DF-E2FD-8FD9-C7D2-9287C904A545}" = CCC Help Chinese Traditional
"{FC7EFC9F-61C8-A9AE-2DA6-DBBF188DE386}" = Catalyst Control Center Localization Japanese
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"AT" = Astral Tournament 1.7
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"CDisplay_is1" = CDisplay 1.8
"CoH" = City of Villains/City of Heroes (remove only)
"Dark Age of Camelot - Epic Edition_is1" = Dark Age of Camelot - Epic Edition
"Dark Age of Camelot - Labyrinth of the Minotaur_is1" = Dark Age of Camelot - Labyrinth of the Minotaur
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.2
"Icewind Dale" = Icewind Dale
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Neverwinter Nights™ Kingmaker" = BioWare Premium Module: Neverwinter Nights™ Kingmaker
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"PROR" = Microsoft Office Professional 2007
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"The Darkest Day" = The Darkest Day (remove and restore BG2)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/10/2009 2:48:57 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 2:50:05 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 10:52:16 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 10:55:44 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 10:56:26 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 10:58:43 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/10/2009 11:01:50 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/11/2009 8:05:10 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/12/2009 8:54:03 AM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/12/2009 6:14:10 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/2/2009 6:13:43 AM | Computer Name = YOUR-C980545849 | Source = Service Control Manager | ID = 7031
Description = The COM+ System Application service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP