Here's the OTList2 "OTListit.txt"
OTListIt logfile created on: 4/22/2009 8:54:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 72.10% Memory free
3.85 Gb Paging File | 3.33 Gb Available in Paging File | 86.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.72 Gb Total Space | 164.20 Gb Free Space | 71.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 4.14 Gb Total Space | 1.20 Gb Free Space | 28.95% Space Free | Partition Type: FAT32
Drive I: | 625.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 7.43 Gb Free Space | 99.40% Space Free | Partition Type: FAT32
Computer Name: YOUR-C980545849
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2009/03/09 15:06:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/03/05 16:17:24 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2005/12/15 16:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/06 00:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2009/03/24 21:30:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/08/06 00:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2005/08/06 00:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/12/09 22:44:40 | 00,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Digital Media Reader\readericon45G.exe
PRC - [2006/01/11 15:23:34 | 15,961,088 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2004/12/08 21:57:36 | 00,550,912 | ---- | M] () -- C:\WINDOWS\zHotkey.exe
PRC - [2004/02/12 14:38:56 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2004/05/12 16:18:56 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2009/03/24 21:30:25 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/09 15:06:55 | 00,515,416 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2007/07/17 11:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
PRC - [2004/08/10 15:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/05/28 23:31:38 | 00,241,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005/08/06 00:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
PRC - [2009/02/06 06:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004/05/29 00:08:52 | 00,520,192 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2007/07/17 11:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
PRC - [2009/02/28 00:54:41 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 20:54:25 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI\OTListIt2[1].exe
========== Win32 Services (SafeList) ========== SRV - [2009/03/05 16:17:24 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/03/02 12:10:30 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2005/09/23 11:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007/11/01 23:59:20 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/11/01 22:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2005/09/23 11:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005/12/15 16:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/06 00:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/03/24 21:30:25 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/03/09 15:06:55 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2005/08/06 00:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2004/08/10 15:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/03/18 17:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2009/03/24 22:26:46 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL [Disabled | Stopped])
SRV - [2004/08/11 05:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
========== Driver Services (SafeList) ========== DRV - [2005/09/23 10:26:40 | 01,094,751 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2001/08/18 00:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 14:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2001/08/18 00:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2001/08/18 00:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2009/03/24 22:24:57 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2007/11/02 01:52:04 | 02,644,480 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2007/07/20 19:40:10 | 00,084,992 | ---- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Stopped])
DRV - [2009/02/13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio [System | Running])
DRV - [2009/02/13 11:31:26 | 00,055,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avgntflt.sys -- (avgntflt [Auto | Running])
DRV - [2009/02/13 14:22:54 | 00,095,576 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2004/11/10 21:27:34 | 00,044,288 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp [System | Running])
DRV - [2004/11/10 21:30:18 | 00,024,832 | ---- | M] (Roxio) -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k [System | Running])
DRV - [2001/08/18 00:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2001/08/18 00:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2006/12/28 12:44:44 | 00,084,992 | R--- | M] (ATI Research Inc.) -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService [On_Demand | Running])
DRV - [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2004/06/21 13:40:48 | 00,051,088 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/06/21 13:40:48 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2004/06/21 13:40:48 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2006/01/13 15:13:18 | 04,137,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009/03/09 15:06:56 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2001/08/18 00:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2001/08/17 16:49:32 | 00,019,968 | ---- | M] (Macronix International Co., Ltd. ) -- C:\WINDOWS\system32\DRIVERS\mxnic.sys -- (mxnic [On_Demand | Stopped])
DRV - [2004/08/04 01:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/08/10 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/05/13 05:54:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/18 00:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2001/08/18 00:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2001/08/18 00:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2004/04/13 17:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2001/08/18 01:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2009/02/13 11:50:02 | 00,028,376 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2001/08/18 01:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2001/08/18 01:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2001/08/18 01:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2001/08/18 01:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2001/08/18 00:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Stopped])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.fark.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/24 21:30:25 | 00,000,000 | ---D | M]
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [6cf2e81c] rundll32.exe "C:\WINDOWS\system32\wosozile.dll",b ()
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [CHotkey] zHotkey.exe ()
O4 - HKLM..\Run: [CPM6fc1db80] Rundll32.exe "c:\windows\system32\hahuhize.dll",a ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: vzTCPConfig
http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\hahuhize.dll) - c:\windows\system32\hahuhize.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hahuhize.dll ()
O22 - SharedTaskScheduler: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - STS - c:\windows\system32\hahuhize.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/09 21:13:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/02/12 20:04:06 | 00,000,046 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2001/04/30 12:57:48 | 00,001,452 | R--- | M] () - I:\Autorun.ini -- [ CDFS ]
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell - "" = AutoRun
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dc89d535-196d-11de-a578-00161777b408}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/22 19:15:50 | 00,001,524 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Astral Tournament.lnk
[2009/04/22 19:15:46 | 00,000,000 | ---D | C] -- C:\Program Files\Astral
[2009/04/22 16:59:12 | 00,000,070 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/22 16:59:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009/04/18 20:03:36 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/18 03:34:06 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/17 06:29:29 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 19:40:20 | 01,419,322 | -HS- | C] () -- C:\WINDOWS\System32\elizosow.ini
[2009/04/16 19:40:14 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 19:40:14 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/16 19:40:13 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 19:40:13 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 19:40:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 19:40:12 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 19:40:12 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 19:40:11 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 19:40:10 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 19:40:10 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 19:39:25 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 19:39:24 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 19:39:23 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 19:32:38 | 00,000,209 | ---- | C] () -- C:\Boot.bak
[2009/04/16 19:32:33 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/04/16 19:32:30 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/04/16 19:31:23 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/04/16 19:31:23 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/04/16 19:31:23 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/04/16 19:31:23 | 00,108,032 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/04/16 19:31:23 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/04/16 19:31:23 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/04/16 19:31:23 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/04/16 19:31:23 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/16 19:31:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/16 19:31:17 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/04/16 19:31:14 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/04/16 19:30:27 | 03,015,190 | R--- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\ComboFix.exe
[2009/04/15 16:05:49 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\HijackThis.lnk
[2009/04/15 16:05:48 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/14 23:49:17 | 00,022,487 | ---- | C] () -- C:\WINDOWS\System32\AAWService_2009_04_14_23_49_17.dmp
[2009/04/14 22:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Electronic Arts
[2009/04/14 22:11:23 | 00,000,840 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Dark Age of Camelot - Labyrinth of the Minotaur.lnk
[2009/04/14 21:51:49 | 00,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2009/04/14 21:30:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Electronic Arts
[2009/04/14 20:29:28 | 00,000,000 | ---D | C] -- C:\Mythic
[2009/04/12 23:56:31 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/04/12 23:56:19 | 00,095,576 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009/04/12 23:56:19 | 00,055,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2009/04/12 23:56:19 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009/04/12 23:56:19 | 00,028,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009/04/12 23:56:19 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009/04/12 23:56:17 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/04/12 23:56:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/04/11 15:32:32 | 21,459,64032 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/10 22:30:54 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/04/10 22:30:54 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/04/10 00:20:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/04/03 23:51:54 | 00,070,204 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\heart_of_winter.zip
[2009/04/02 14:41:42 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/02 08:24:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2009/04/02 08:21:10 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/04/02 08:21:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/04/02 08:19:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/04/02 08:15:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2009/04/02 08:15:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Microsoft Help
[2009/04/02 08:14:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/04/02 08:14:15 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/04/02 08:05:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\GetRightToGo
[2009/04/02 07:47:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\ICAClient
[2009/04/02 07:19:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper
[2009/04/02 07:16:25 | 00,305,881 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper.zip
[2009/03/29 17:39:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/03/28 19:13:06 | 00,001,695 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\The Darkest Day.lnk
[2009/03/28 17:05:21 | 00,000,827 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Baldur's Gate II - Throne of Bhaal.lnk
[2009/03/27 11:03:17 | 00,000,000 | ---D | C] -- C:\NW
[2009/03/26 06:36:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/26 06:36:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/26 06:35:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/26 06:35:19 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/26 06:34:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/26 06:31:43 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/26 06:31:42 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/26 06:31:42 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/26 06:31:42 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/26 06:31:42 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/26 06:31:42 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/26 06:31:41 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/26 06:31:41 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/26 06:31:40 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/26 01:21:25 | 00,000,839 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Icewind Dale.lnk
[2009/03/25 19:28:31 | 00,000,000 | ---D | C] -- C:\Program Files\Heroes3
[2009/03/25 19:20:56 | 00,001,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Icewind Dale II.lnk
[2009/03/25 18:57:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\acccore
[2009/03/25 18:57:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\AOL OCP
[2009/03/25 18:57:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\AOL
[2009/03/25 17:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\U3
[2009/03/25 17:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\Black Isle
[2009/03/25 15:56:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/03/25 15:56:47 | 00,001,674 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/03/25 15:56:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009/03/25 15:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\AIM6
[2009/03/25 15:25:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2009/03/25 14:50:52 | 00,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/03/25 14:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2009/03/25 14:03:32 | 00,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2009/03/25 05:29:16 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2009/03/25 05:29:16 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/03/25 05:29:16 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/03/25 05:29:16 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2009/03/25 05:29:16 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/03/25 05:29:16 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/03/25 05:29:16 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/03/25 05:29:16 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2009/03/25 05:29:16 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2009/03/25 05:29:16 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/03/25 05:29:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2009/03/25 05:29:16 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/03/25 05:29:16 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/03/25 05:29:16 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/03/25 05:29:14 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/03/25 05:29:13 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/03/25 05:29:13 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/03/25 05:29:13 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/03/25 05:29:13 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/03/25 05:29:12 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/03/25 05:29:12 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/03/25 05:29:12 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/03/25 05:29:12 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/03/25 05:29:12 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/03/25 05:29:12 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/03/25 05:29:12 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/03/25 05:29:12 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/03/25 05:29:12 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/03/25 05:29:12 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/03/25 05:29:12 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/03/25 05:29:12 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/03/25 05:29:12 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/03/25 05:29:12 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/03/25 05:29:12 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/03/25 05:29:12 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/03/25 05:29:12 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/03/25 05:29:12 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/03/25 05:29:12 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/03/25 05:29:11 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/03/25 05:29:11 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/03/25 05:29:11 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/03/25 05:29:11 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/03/25 05:29:11 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/03/25 05:29:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/03/25 05:29:11 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/03/25 05:29:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2009/03/25 05:29:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/03/25 05:29:10 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/03/25 05:29:10 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/03/25 05:29:10 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/03/25 05:29:10 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/03/25 05:29:10 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/03/25 05:29:09 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/03/25 05:29:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/03/25 05:29:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/03/25 05:29:08 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/03/25 05:29:08 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/03/25 05:29:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/03/25 05:29:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/03/25 05:29:08 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/03/25 05:29:07 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/03/25 05:29:07 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/03/25 05:29:07 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/03/25 05:29:07 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/03/25 05:29:07 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/03/25 05:29:07 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2009/03/25 05:29:07 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/03/25 05:29:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2009/03/25 05:29:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/03/25 05:29:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2009/03/25 05:29:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/03/25 05:29:03 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/03/25 05:29:03 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/03/25 05:28:58 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/03/25 05:28:58 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/03/25 05:28:58 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/03/25 05:28:58 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/03/25 05:28:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/03/25 05:28:58 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/03/25 05:28:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/03/25 05:28:58 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/03/25 05:28:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/03/25 05:28:58 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/03/25 05:28:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/03/25 05:28:58 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/03/25 05:28:58 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/03/25 05:28:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/03/25 05:28:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2009/03/25 05:28:52 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/03/25 05:28:52 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/03/25 05:28:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/03/25 05:28:52 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/03/25 05:28:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/03/25 05:28:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/03/25 05:28:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/03/25 05:28:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/03/25 05:28:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/03/25 04:46:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Identities
[2009/03/25 04:00:42 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/03/25 01:09:45 | 00,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/03/25 00:57:21 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CCleaner.lnk
[2009/03/25 00:57:20 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/03/25 00:50:10 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/25 00:50:01 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/25 00:50:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/03/25 00:48:15 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/03/25 00:48:14 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/25 00:48:11 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/03/25 00:48:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/25 00:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\NCSoft
[2009/03/24 23:58:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\WinRAR
[2009/03/24 23:57:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2009/03/24 23:57:22 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/03/24 23:57:08 | 00,084,992 | R--- | C] (ATI Research Inc.) -- C:\WINDOWS\System32\drivers\AtiHdAud.sys
[2009/03/24 23:56:07 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/24 23:56:04 | 00,011,283 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2009/03/24 23:56:03 | 00,007,167 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2009/03/24 23:56:02 | 00,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/24 23:56:01 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/24 23:56:01 | 03,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/24 23:56:01 | 00,157,034 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/24 23:56:00 | 01,311,202 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2009/03/24 23:56:00 | 00,002,096 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativdkxx.vp
[2009/03/24 23:55:59 | 00,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2009/03/24 23:55:59 | 00,002,096 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2009/03/24 23:55:59 | 00,000,929 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2009/03/24 23:48:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Macromedia
[2009/03/24 23:42:28 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/03/24 23:35:13 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/24 23:35:13 | 00,001,620 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\City of Heroes.lnk
[2009/03/24 23:35:11 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/03/24 23:35:11 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/03/24 23:35:09 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/03/24 23:35:09 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/03/24 23:35:09 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/03/24 23:35:08 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/03/24 23:35:08 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/03/24 23:35:06 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/03/24 23:35:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/03/24 23:35:05 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/03/24 23:35:05 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/03/24 23:35:05 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/03/24 23:35:05 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/03/24 23:35:01 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/03/24 23:35:01 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/03/24 23:34:59 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/03/24 23:34:57 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/03/24 23:34:57 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/03/24 23:34:56 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/03/24 23:34:56 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/03/24 23:34:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/03/24 23:34:56 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/03/24 23:34:56 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/03/24 23:34:55 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/03/24 23:34:55 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/03/24 23:34:55 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/03/24 23:34:54 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/03/24 23:34:54 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/03/24 23:34:50 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2009/03/24 23:34:50 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/03/24 23:34:50 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/03/24 23:34:50 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/03/24 23:34:50 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/03/24 23:34:50 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/03/24 23:34:50 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/03/24 23:34:50 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/03/24 23:34:50 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/03/24 23:34:49 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/03/24 23:34:49 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/03/24 23:34:41 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/03/24 23:34:41 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/03/24 23:34:41 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/03/24 23:34:41 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/03/24 23:34:40 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINZM.IME
[2009/03/24 23:34:40 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/03/24 23:34:39 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TINTLGNT.IME
[2009/03/24 23:34:39 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/03/24 23:34:39 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/03/24 23:34:39 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINSP.IME
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINPY.IME
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/03/24 23:34:39 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/03/24 23:34:39 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/03/24 23:34:39 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime
[2009/03/24 23:34:39 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/03/24 23:34:39 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime
[2009/03/24 23:34:39 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/03/24 23:34:39 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll
[2009/03/24 23:34:39 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/03/24 23:34:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WINGB.IME
[2009/03/24 23:34:39 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/03/24 23:34:39 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/03/24 23:34:39 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/03/24 23:34:39 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime
[2009/03/24 23:34:39 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/03/24 23:34:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime
[2009/03/24 23:34:39 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/03/24 23:34:39 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/03/24 23:34:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime
[2009/03/24 23:34:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/03/24 23:34:39 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/03/24 23:34:37 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PINTLGNT.IME
[2009/03/24 23:34:37 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/03/24 23:34:36 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll
[2009/03/24 23:34:36 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/03/24 23:34:36 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/03/24 23:34:36 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/03/24 23:34:36 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime
[2009/03/24 23:34:36 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/03/24 23:34:36 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/03/24 23:34:36 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/03/24 23:34:36 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/03/24 23:34:36 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/03/24 23:34:36 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/03/24 23:34:36 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/03/24 23:34:36 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/03/24 23:34:36 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/03/24 23:34:36 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/03/24 23:34:36 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/03/24 23:34:36 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/03/24 23:34:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imekr61.ime
[2009/03/24 23:34:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/03/24 23:34:36 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/03/24 23:34:36 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/03/24 23:34:36 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime
[2009/03/24 23:34:36 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/03/24 23:34:36 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/03/24 23:34:36 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/03/24 23:34:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/03/24 23:34:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/03/24 23:34:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl
[2009/03/24 23:34:33 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/03/24 23:34:33 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/03/24 23:34:33 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/03/24 23:34:33 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/03/24 23:34:33 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/03/24 23:34:33 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/03/24 23:34:33 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime
[2009/03/24 23:34:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/03/24 23:34:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime
[2009/03/24 23:34:33 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/03/24 23:34:33 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/03/24 23:34:33 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/03/24 23:34:33 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/03/24 23:34:33 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/03/24 23:34:33 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CINTLGNT.IME
[2009/03/24 23:34:33 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll
[2009/03/24 23:34:33 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2009/03/24 23:34:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll
[2009/03/24 23:34:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2009/03/24 23:34:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2009/03/24 23:34:28 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/03/24 23:34:26 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/03/24 23:34:24 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/03/24 23:34:24 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/03/24 23:34:23 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/03/24 23:34:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll
[2009/03/24 23:34:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2009/03/24 23:34:22 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/03/24 23:34:22 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/03/24 23:34:22 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/03/24 23:34:22 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/03/24 23:34:22 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/03/24 23:34:22 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/03/24 23:34:22 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/03/24 23:34:22 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/03/24 23:34:20 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/03/24 23:34:20 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/03/24 23:34:20 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/03/24 23:34:20 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/03/24 23:34:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/03/24 23:34:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/03/24 23:34:20 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/03/24 23:34:20 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/03/24 23:34:20 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/03/24 23:34:19 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/03/24 23:34:18 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2009/03/24 23:34:18 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll
[2009/03/24 23:34:18 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/03/24 23:34:17 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/03/24 23:34:14 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/03/24 23:34:14 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/03/24 23:34:14 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/03/24 23:34:14 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/03/24 23:34:14 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/03/24 23:34:14 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/03/24 23:34:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/03/24 23:34:14 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/03/24 23:34:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/03/24 23:34:12 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2009/03/24 23:34:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2009/03/24 23:31:43 | 00,000,000 | ---D | C] -- C:\Program Files\City of Heroes
[2009/03/24 23:28:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\McAfee.com Personal Firewall
[2009/03/24 23:27:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Leadertech
[2009/03/24 23:27:42 | 00,001,478 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Neverwinter Nights Diamond Edition.lnk
[2009/03/24 23:26:32 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/03/24 23:26:24 | 01,160,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2009/03/24 23:26:24 | 00,826,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/03/24 23:26:23 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2009/03/24 23:26:13 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/03/24 23:26:12 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/03/24 23:26:12 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/03/24 23:26:11 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/03/24 23:26:09 | 03,595,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/03/24 23:25:48 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/03/24 23:25:47 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/24 23:25:32 | 02,330,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2009/03/24 23:25:31 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/24 23:25:30 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/03/24 23:25:23 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/03/24 23:25:14 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/03/24 23:25:12 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/24 23:25:11 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/03/24 23:24:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/03/24 23:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\AdobeUM
[2009/03/24 23:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Adobe
[2009/03/24 23:19:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Adobe
[2009/03/24 23:18:29 | 00,000,271 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CD Drive.lnk
[2009/03/24 23:18:16 | 00,000,293 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Local Disk ©.lnk
[2009/03/24 23:14:31 | 00,000,000 | ---D | C] -- C:\NeverwinterNights
[2009/03/24 23:00:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/03/24 22:51:53 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/03/24 22:48:56 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\desktop.ini
[2009/03/24 22:48:55 | 01,577,454 | -H-- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IconCache.db
[2009/03/24 22:48:55 | 00,013,104 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/24 22:48:55 | 00,000,786 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Windows Media Player.lnk
[2009/03/24 22:48:55 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Start Menu\Programs\Startup\desktop.ini
[2009/03/24 22:48:55 | 00,000,076 | -HS- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\desktop.ini
[2009/03/24 22:48:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Identities
[2009/03/24 22:48:54 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Microsoft
[2009/03/24 22:48:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Pictures
[2009/03/24 22:48:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Music
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Microsoft
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\Google
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\ApplicationHistory
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\You've Got Pictures Screensaver
[2009/03/24 22:48:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\SampleView
[2009/03/24 22:46:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/03/24 22:44:48 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/24 22:43:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Gateway_GT4024__.MRK
[2009/03/24 22:42:59 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2009/03/24 22:42:55 | 00,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2009/03/24 22:42:44 | 00,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/03/24 22:42:44 | 00,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/03/24 22:42:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2009/03/24 22:41:48 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2009/03/24 22:41:46 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2009/03/24 22:41:39 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2009/03/24 22:41:00 | 00,002,752 | ---- | C] () -- C:\WINDOWS\System32\Status.MPF
[2009/03/24 22:40:19 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2009/03/24 22:40:17 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2009/03/24 22:40:15 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2009/03/24 22:29:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/03/24 22:28:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/03/24 22:28:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
[2009/03/24 22:28:04 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2009/03/24 22:27:05 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/03/24 22:27:03 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/03/24 22:26:57 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2009/03/24 22:26:57 | 00,001,150 | ---- | C] () -- C:\WINDOWS\System32\gtw.ico
[2009/03/24 22:26:46 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\POWERCFG.EXE
[2009/03/24 22:25:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/03/24 22:25:39 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/03/24 22:25:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nullsoft
[2009/03/24 22:25:05 | 00,086,016 | ---- | C] (MindVision) -- C:\WINDOWS\unvise32qt.exe
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/03/24 22:25:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/24 22:24:58 | 00,000,000 | ---D | C] -- C:\My Music
[2009/03/24 22:24:54 | 00,157,696 | ---- | C] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/03/24 22:24:53 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/03/24 22:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/03/24 22:24:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/03/24 22:24:46 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSComCt2.ocx
[2009/03/24 22:24:46 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RichTx32.ocx
[2009/03/24 22:24:46 | 00,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSInet.ocx
[2009/03/24 22:24:46 | 00,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\WINDOWS\System32\aamd532.dll
[2009/03/24 22:24:45 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2009/03/24 22:24:45 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msstdfmt.dll
[2009/03/24 22:24:45 | 00,102,400 | ---- | C] (4Developers LLC) -- C:\WINDOWS\System32\SimpleRegistry.dll
[2009/03/24 22:24:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/24 22:24:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2009/03/24 22:24:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/03/24 22:24:09 | 00,001,570 | -H-- | C] () -- C:\IPH.PH
[2009/03/24 22:24:09 | 00,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/24 22:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2009/03/24 22:24:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2009/03/24 22:23:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/03/24 22:23:32 | 00,550,912 | ---- | C] () -- C:\WINDOWS\zHotkey.exe
[2009/03/24 22:23:32 | 00,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2009/03/24 22:23:32 | 00,042,040 | ---- | C] () -- C:\WINDOWS\PatchWnd.exe
[2009/03/24 22:23:32 | 00,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2009/03/24 22:23:32 | 00,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2009/03/24 22:23:32 | 00,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2009/03/24 22:23:32 | 00,005,280 | ---- | C] () -- C:\WINDOWS\hotbtnv.vxd
[2009/03/24 22:23:32 | 00,004,223 | ---- | C] () -- C:\WINDOWS\mHotkey.reg
[2009/03/24 22:23:14 | 00,000,004 | ---- | C] () -- C:\WINDOWS\Pix11.dat
[2009/03/24 22:22:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Digital Image 2006
[2009/03/24 22:22:40 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2009/03/24 22:22:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/03/24 22:22:35 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/03/24 22:22:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/24 22:22:24 | 00,020,480 | ---- | C] (Gateway) -- C:\WINDOWS\System32\Marker32.exe
[2009/03/24 22:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/03/24 22:21:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2009/03/24 22:21:49 | 00,002,238 | ---- | C] () -- C:\WINDOWS\System32\32-aol.ico
[2009/03/24 22:21:49 | 00,001,406 | ---- | C] () -- C:\WINDOWS\System32\16-aol.ico
[2009/03/24 22:20:47 | 00,094,208 | ---- | C] (Gateway Inc.) -- C:\WINDOWS\System32\bae.dll
[2009/03/24 22:20:43 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/03/24 22:20:43 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/24 22:20:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2009/03/24 22:20:21 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/03/24 22:20:21 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/03/24 22:20:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/03/24 22:19:49 | 02,809,856 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2009/03/24 22:19:49 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/03/24 22:19:38 | 00,013,352 | ---- | C] (BigFix, Inc.) -- C:\WINDOWS\BigFixClientOverride.dll
[2009/03/24 22:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Media Reader
[2009/03/24 22:19:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009/03/24 22:15:52 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/03/24 22:15:28 | 00,051,656 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.bmp
[2009/03/24 22:15:13 | 00,000,002 | ---- | C] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2009/03/24 22:14:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/03/24 22:09:33 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/03/24 22:09:33 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009/03/24 22:09:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/03/24 22:09:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\New Boundary
[2009/03/24 22:09:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2009/03/24 22:07:21 | 00,000,002 | RHS- | C] () -- C:\USER
[2009/03/24 22:07:21 | 00,000,000 | ---- | C] () -- C:\REQUEST_OEMRESET_ENDUSER
[2009/03/24 22:06:40 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/03/24 22:06:26 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/03/24 22:05:25 | 00,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ohci1394.sys
[2009/03/24 22:05:25 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2009/03/24 22:05:25 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2009/03/24 22:05:10 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2009/03/24 22:05:10 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009/03/24 22:05:08 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbohci.sys
[2009/03/24 22:02:49 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/03/24 21:29:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\Sun
[2009/03/24 21:23:50 | 00,000,000 | ---D | C] -- C:\Swsetup
[2009/03/24 21:18:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/24 21:01:37 | 00,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/03/24 21:01:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\creator
[2009/03/24 21:01:31 | 01,094,751 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2009/03/24 21:01:31 | 00,070,144 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2009/03/24 21:01:31 | 00,068,096 | ---- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2009/03/24 21:01:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[2009/03/24 21:01:12 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/03/24 21:01:04 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/03/24 21:00:11 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/03/24 21:00:06 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/03/24 20:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/24 20:59:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/03/24 20:59:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/03/24 20:58:36 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/03/24 20:57:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/03/24 20:56:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/03/24 20:54:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/03/24 20:53:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/03/24 20:50:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/03/24 20:37:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Videos
[2009/03/24 20:35:50 | 00,018,944 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/24 20:35:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Sounds
[2009/03/24 20:33:50 | 00,001,496 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CDisplay.lnk
[2009/03/24 20:33:50 | 00,000,000 | ---D | C] -- C:\Program Files\CDisplay
[2009/03/24 20:33:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\CDisplay
[2009/03/24 20:33:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Katie's Stuff
[2009/03/24 20:33:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\John's Stuff
[2009/03/24 20:30:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Albums
[2009/03/24 20:30:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IsolatedStorage
[2009/03/24 20:30:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\HP
[2009/03/24 20:28:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\MSNInstaller
[2009/03/24 20:28:35 | 00,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/03/24 20:27:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009/03/24 20:26:24 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/24 20:26:16 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/03/24 20:26:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2009/03/24 20:26:07 | 00,626,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvaut32.dll
[2009/03/24 20:26:07 | 00,487,424 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcp70.dll
[2009/03/24 20:26:07 | 00,344,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hpvcr70.dll
[2009/03/24 20:26:07 | 00,044,544 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSXML4a.dll
[2009/03/24 20:25:23 | 00,000,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/03/24 20:25:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\Comics
[2009/03/24 20:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/03/24 20:23:02 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/03/24 20:22:30 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009/03/24 20:22:21 | 00,104,253 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2009/03/24 20:22:21 | 00,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2009/03/24 20:21:50 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/03/24 20:21:39 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/03/24 20:20:51 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2009/03/24 20:20:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\My Received Files
[2009/03/24 20:14:19 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
[2009/03/24 20:14:18 | 00,000,144 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\fusioncache.dat
[2009/03/24 20:07:26 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\ATI
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-C980545849\Application Data\ATI
[2009/03/24 20:03:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009/01/11 04:31:15 | 00,100,864 | -HS- | C] () -- C:\WINDOWS\System32\wosozile.dll
[2009/01/11 04:31:14 | 00,109,568 | -HS- | C] () -- C:\WINDOWS\System32\hahuhize.dll
[2005/08/06 01:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/01/12 13:38:00 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/09 19:49:16 | 00,001,220 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/01/09 19:49:16 | 00,000,491 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2005/01/09 19:48:33 | 00,000,657 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/01/09 19:48:30 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/22 20:44:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/22 20:44:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/22 20:44:33 | 21,459,64032 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/22 20:41:34 | 01,577,454 | -H-- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\IconCache.db
[2009/04/22 19:15:50 | 00,001,524 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Astral Tournament.lnk
[2009/04/22 16:59:12 | 00,000,070 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/22 08:49:33 | 01,419,322 | -HS- | M] () -- C:\WINDOWS\System32\elizosow.ini
[2009/04/22 07:35:09 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/21 09:17:26 | 00,018,944 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/17 06:31:34 | 00,471,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 06:31:34 | 00,401,064 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 06:31:34 | 00,062,344 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 06:31:03 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/16 19:37:34 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/16 19:36:39 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/16 19:32:38 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2009/04/16 19:30:28 | 03,015,190 | R--- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\ComboFix.exe
[2009/04/15 16:05:49 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\HijackThis.lnk
[2009/04/15 07:28:25 | 00,000,657 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/14 23:49:18 | 00,022,487 | ---- | M] () -- C:\WINDOWS\System32\AAWService_2009_04_14_23_49_17.dmp
[2009/04/14 23:49:15 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/14 22:11:23 | 00,000,840 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Dark Age of Camelot - Labyrinth of the Minotaur.lnk
[2009/04/14 00:26:42 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/04/12 23:56:31 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009/04/12 22:23:38 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/11 15:53:08 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\notunelu
[2009/04/11 04:31:15 | 00,109,568 | -HS- | M] () -- C:\WINDOWS\System32\hahuhize.dll
[2009/04/11 04:31:15 | 00,100,864 | -HS- | M] () -- C:\WINDOWS\System32\wosozile.dll
[2009/04/11 04:31:14 | 00,064,512 | -HS- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\norugite.exe
[2009/04/10 22:30:54 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/04/06 07:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/03 23:51:55 | 00,070,204 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\heart_of_winter.zip
[2009/04/02 19:58:48 | 00,281,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/02 07:16:25 | 00,305,881 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\ShadowKeeper.zip
[2009/03/28 19:13:06 | 00,001,695 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\The Darkest Day.lnk
[2009/03/28 17:07:00 | 00,000,827 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Baldur's Gate II - Throne of Bhaal.lnk
[2009/03/27 02:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/26 06:41:38 | 00,001,496 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CDisplay.lnk
[2009/03/26 06:40:26 | 00,000,076 | -HS- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\My Documents\desktop.ini
[2009/03/26 01:17:06 | 00,000,839 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Icewind Dale.lnk
[2009/03/25 19:20:56 | 00,001,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Icewind Dale II.lnk
[2009/03/25 16:47:03 | 00,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/03/25 15:58:39 | 00,001,570 | -H-- | M] () -- C:\IPH.PH
[2009/03/25 15:56:47 | 00,001,674 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AIM 6.lnk
[2009/03/25 14:13:16 | 00,000,271 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CD Drive.lnk
[2009/03/25 13:20:02 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\City of Heroes.lnk
[2009/03/25 01:09:45 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/03/25 00:57:21 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\CCleaner.lnk
[2009/03/25 00:48:14 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/24 23:28:06 | 00,002,752 | ---- | M] () -- C:\WINDOWS\System32\Status.MPF
[2009/03/24 23:27:42 | 00,001,478 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Neverwinter Nights Diamond Edition.lnk
[2009/03/24 23:18:16 | 00,000,293 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Local Disk ©.lnk
[2009/03/24 22:51:53 | 00,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/03/24 22:48:39 | 00,000,097 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/03/24 22:48:36 | 00,000,209 | ---- | M] () -- C:\Boot.bak
[2009/03/24 22:44:48 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/03/24 22:43:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\Gateway_GT4024__.MRK
[2009/03/24 22:42:55 | 00,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2009/03/24 22:42:44 | 00,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2009/03/24 22:42:44 | 00,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2009/03/24 22:42:09 | 00,000,000 | ---- | M] () -- C:\REQUEST_OEMRESET_ENDUSER
[2009/03/24 22:29:54 | 00,000,491 | ---- | M] () -- C:\WINDOWS\System32\emver.ini
[2009/03/24 22:29:46 | 00,001,220 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/03/24 22:24:58 | 00,157,696 | ---- | M] (RealNetworks) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/03/24 22:24:53 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/03/24 22:24:09 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/03/24 22:23:14 | 00,000,004 | ---- | M] () -- C:\WINDOWS\Pix11.dat
[2009/03/24 22:15:13 | 00,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2009/03/24 22:07:28 | 00,000,867 | ---- | M] () -- C:\WINDOWS\System32\VGASwitcher.lnk
[2009/03/24 22:07:21 | 00,000,002 | RHS- | M] () -- C:\USER
[2009/03/24 21:20:21 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/24 21:01:37 | 00,000,060 | ---- | M] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2009/03/24 20:55:51 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/24 20:37:23 | 00,000,786 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Desktop\Windows Media Player.lnk
[2009/03/24 20:29:50 | 00,104,253 | ---- | M] () -- C:\WINDOWS\hpoins04.dat
[2009/03/24 20:28:35 | 00,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/03/24 20:26:24 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/03/24 20:25:23 | 00,000,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Director.lnk
[2009/03/24 20:14:18 | 00,000,144 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Application Data\fusioncache.dat
< End of report >
Here is the OTList "Extras.Txt"
OTListIt Extras logfile created on: 4/22/2009 8:54:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Owner.YOUR-C980545849\Local Settings\Temporary Internet Files\Content.IE5\GKOGJFVI
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 72.10% Memory free
3.85 Gb Paging File | 3.33 Gb Available in Paging File | 86.70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.72 Gb Total Space | 164.20 Gb Free Space | 71.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 4.14 Gb Total Space | 1.20 Gb Free Space | 28.95% Space Free | Partition Type: FAT32
Drive I: | 625.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 7.43 Gb Free Space | 99.40% Space Free | Partition Type: FAT32
Computer Name: YOUR-C980545849
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2005/05/28 21:52:02 | 00,605,184 | ---- | M] () -- C:\Program Files\Astral\astral.exe:*:Disabled:astral
[2005/10/10 11:43:44 | 09,437,184 | ---- | M] (Bioware Corp.) -- C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights
[2006/11/03 03:17:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2008/10/21 13:09:59 | 00,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
[2009/03/25 17:08:13 | 03,794,528 | ---- | M] (Blizzard Entertainment) -- C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
[2009/03/25 17:08:13 | 02,172,400 | ---- | M] (Blizzard Entertainment) -- C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
[2005/05/10 15:55:30 | 02,473,984 | ---- | M] (Bioware Corp.) -- C:\NeverwinterNights\NWN\nwserver.exe:*:Enabled:Neverwinter Nights Server
[2001/06/08 17:52:22 | 07,831,598 | ---- | M] (BioWare Corp.) -- C:\Program Files\Black Isle\BGII - SoA\BGMain.exe:*:Enabled:Baldur's Gate II - Shadows of Amn - Throne of Bhaal
[2008/04/13 20:12:17 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper
[2006/10/27 15:16:48 | 12,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014585C8-7557-11D4-9ABA-006067325E47}" = Baldur's Gate II - Shadows of Amn Bonus CD
"{02408B4B-35AB-6F27-F09F-AB755604F18A}" = CCC Help Norwegian
"{03303AE9-B8E3-8736-6760-7AC5E5F28411}" = Catalyst Control Center Graphics Full Existing
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0816BEDF-7156-86ED-73A7-51E3A6F9618C}" = Catalyst Control Center Localization Portuguese
"{14088A3C-96E9-0326-1E31-40B599739D5D}" = Catalyst Control Center Localization Danish
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{18AEAA52-353E-1FBA-49A7-8A7846B756FC}" = CCC Help Portuguese
"{18E63856-66DB-ABD3-4537-F02A93DDDAF2}" = CCC Help French
"{1C496937-CF1D-250E-4982-8ECFA1AF040E}" = Catalyst Control Center Localization Dutch
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{204A052D-43C1-64BD-888D-17BD668AD6F3}" = Catalyst Control Center Graphics Light
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{3083F455-68C6-8830-4207-16CDB73D704D}" = CCC Help Polish
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3C273231-7C97-FF28-1FD0-126CAE0F60C1}" = Catalyst Control Center Localization Turkish
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4228D0C1-068F-09AA-CF06-F3D41C086E60}" = CCC Help Russian
"{433BF933-81D6-4646-A318-3DE5DB6108F2}" = Icewind Dale - Heart of Winter
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{46272908-CB74-55D6-015C-56FC9E696943}" = Catalyst Control Center Localization Thai
"{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"{4CA5A832-3CE1-E0F4-09CB-74B8D78AACAB}" = CCC Help Thai
"{4FBAE95B-8FAA-7A43-1D4B-7FA1140F04A4}" = CCC Help Spanish
"{532972DC-7450-C767-0CAB-DEEADC042C97}" = CCC Help Korean
"{588C135F-0B15-4A02-8F2D-04697BE2904E}" = Icewind Dale II
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5CBE8BF9-E386-144E-2275-A0571CD4AB3E}" = CCC Help Chinese Standard
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D6609E8-5A6C-58C9-B99D-99019F42D4FF}" = CCC Help Czech
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{77604F22-C6C4-6FCD-9C0F-0D5D4363D0EB}" = Catalyst Control Center Localization Hungarian
"{79A9EE33-3F8E-F03B-127E-DE3AA6E1A045}" = CCC Help Finnish
"{7A5A52BA-CB57-787B-10DD-1F717D9FCEFD}" = CCC Help Italian
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{82841135-112D-2587-98F1-532FCEA99A4C}" = CCC Help Greek
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8B3700A3-3A38-900D-2192-D1E9E7999F68}" = Catalyst Control Center Localization Finnish
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EEF2D6F-509A-0F8E-647A-0EECE541E55F}" = Catalyst Control Center Localization Czech
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{965D29F4-902C-8211-5302-840FD87F7DF2}" = Catalyst Control Center Localization Greek
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{98764FC3-87A6-1EB3-E0CB-B84F73B780DB}" = CCC Help German
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2AF890-B0CD-43DC-85F6-AA0B51024DFF}" = ATI MCE Transcode
"{9B741240-EF62-154B-1997-60B506449417}" = Catalyst Control Center Localization Chinese Traditional
"{9B9A6B96-6970-9ED6-0675-E060EFE658E0}" = Catalyst Control Center Localization Polish
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ADB13867-C822-EEA4-1D00-9B5E0399612D}" = Catalyst Control Center Core Implementation
"{AE3890B6-877C-B8B2-D4A7-BD3D61EBF803}" = CCC Help Japanese
"{AFA31743-20A2-7D27-2987-681F91D6E85F}" = Catalyst Control Center Localization Korean
"{B01EAEB2-ECC8-1DFC-65D0-3127B10AE7C7}" = ccc-core-preinstall
"{B18EC160-29FA-2B04-BBCD-2917956EEFC8}" = Catalyst Control Center Graphics Full New
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B57CA8AB-9461-1386-54D0-1F2D211C9F3F}" = CCC Help Hungarian
"{B7A13295-43A4-D0EF-8EF5-1874FEF4AFD6}" = Catalyst Control Center Localization French
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate II - Throne of Bhaal
"{BC550D51-807D-EF68-AE54-0ABBF943A653}" = Catalyst Control Center Localization Swedish
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BE621D1B-141E-9BAB-0670-285633BC0050}" = Skins
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights
"{C3831B1E-8822-8E53-9911-2A6950E3CA8F}" = Catalyst Control Center Localization Russian
"{C68CA5F3-3762-5097-E198-EC308508C643}" = CCC Help English
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0E24994-42AB-32B3-89D6-B487B42B5340}" = Catalyst Control Center Localization Norwegian
"{D6F4EF5E-5792-4ECA-D024-5763335B16F1}" = CCC Help Danish
"{DE33B0D5-6781-1477-A825-015B189CDA48}" = ccc-core-static
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E58BD749-ACFE-9342-E158-4527CFB0F32F}" = Catalyst Control Center Graphics Previews Common
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{EB109037-3C5D-D11E-ADD1-8C96585315F1}" = Catalyst Control Center Localization Chinese Standard
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ECEE477B-6FDC-B62A-2782-ED13DD44A466}" = Catalyst Control Center Localization Spanish
"{EFC9FED9-A930-0573-4537-CF4CF52F41EC}" = Catalyst Control Center Localization Italian
"{F0A81C0F-F842-98B9-9E92-E519E101A6A6}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D0DD2C-CDF8-CF48-2C05-CE209511A683}" = CCC Help Dutch
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F448EFBD-E9B5-1025-887D-C5A79BA7CF17}" = Catalyst Control Center Localization German
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F66E79DF-A079-9881-4C3E-FE74B1B538E9}" = CCC Help Swedish
"{F8B226E7-3DDF-2F6C-08D9-ADE9D2CFF0D7}" = ccc-utility
"{FB6ED2DF-E2FD-8FD9-C7D2-9287C904A545}" = CCC Help Chinese Traditional
"{FC7EFC9F-61C8-A9AE-2DA6-DBBF188DE386}" = Catalyst Control Center Localization Japanese
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"AT" = Astral Tournament 1.7
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"CDisplay_is1" = CDisplay 1.8
"CoH" = City of Villains/City of Heroes (remove only)
"Dark Age of Camelot - Epic Edition_is1" = Dark Age of Camelot - Epic Edition
"Dark Age of Camelot - Labyrinth of the Minotaur_is1" = Dark Age of Camelot - Labyrinth of the Minotaur
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.2
"Icewind Dale" = Icewind Dale
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875}" = Digital Media Reader
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Neverwinter Nights Kingmaker" = BioWare Premium Module: Neverwinter Nights Kingmaker
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"PROR" = Microsoft Office Professional 2007
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"The Darkest Day" = The Darkest Day (remove and restore BG2)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 4/10/2009 2:48:57 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 2:50:05 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 10:52:16 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 10:55:44 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 10:56:26 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 10:58:43 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/10/2009 11:01:50 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/11/2009 8:05:10 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16791, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/12/2009 8:54:03 AM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 4/12/2009 6:14:10 PM | Computer Name = YOUR-C980545849 | Source = Application Hang | ID = 1002
Description = Hanging application BGMain.exe, version 2.5.0.2, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 4/2/2009 6:13:43 AM | Computer Name = YOUR-C980545849 | Source = Service Control Manager | ID = 7031
Description = The COM+ System Application service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.
< End of report >