Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Keylogger (?)

Started by clavarnway , Sep 04 2009 10:50 AM

  • Please log in to reply

#1
clavarnway
Posted 04 September 2009 - 10:50 AM

clavarnway

    New Member

  • Member
  • Pip
  • 1 posts
I recently quit World of Warcraft, and towards the end somebody stole my account information somehow, and it's been an ongoing problem ever since. I've done virus/spyware scans but found nothing. Now they've stolen my email accounts (no they were not the same password, I changed them all when the WoW account was stolen), though I've temporarily got them back. Basically I guess I have a keylogger, and I need help getting rid of it.

OTL Log:

OTL logfile created on: 9/4/2009 10:01:45 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Craig\Downloads
64bit-Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.15% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.17 Gb Total Space | 468.56 Gb Free Space | 78.60% Space Free | Partition Type: NTFS
Drive D: | 7.45 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 149.01 Gb Total Space | 8.06 Gb Free Space | 5.41% Space Free | Partition Type: FAT32
Drive F: | 931.28 Gb Total Space | 564.75 Gb Free Space | 60.64% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CRAIG-PC
Current User Name: Craig
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/08/17 08:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/17 09:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/07/06 10:49:27 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/06/11 09:29:04 | 01,217,784 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2009/05/26 21:06:32 | 04,351,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/08/17 09:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/17 09:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/17 09:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007/06/27 19:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2008/06/11 22:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009/01/29 15:11:32 | 00,052,392 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/07/06 10:49:27 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/08/31 18:43:12 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/05/08 15:14:26 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2009/09/04 09:57:03 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Craig\Downloads\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/04/28 19:07:44 | 00,203,264 | ---- | M] () -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV:64bit: - [2008/01/20 19:49:41 | 00,195,584 | ---- | M] () -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt [On_Demand | Stopped])
SRV:64bit: - [2009/08/17 08:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009/08/17 09:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009/08/17 09:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009/08/17 09:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2008/01/20 19:50:17 | 00,598,016 | ---- | M] () -- C:\Windows\SysNative\cscsvc.dll -- (CscService [Auto | Running])
SRV:64bit: - [2008/01/20 19:46:16 | 00,689,152 | ---- | M] () -- C:\Windows\SysNative\fxssvc.exe -- (Fax [On_Demand | Stopped])
SRV:64bit: - [2009/05/25 03:26:42 | 01,038,088 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64 [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 19:50:33 | 00,252,928 | ---- | M] () -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 19:45:43 | 01,147,904 | ---- | M] () -- C:\Windows\SysNative\wbengine.exe -- (wbengine [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 19:45:48 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008/01/20 19:50:34 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/07/27 11:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/27 11:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2009/05/25 03:24:36 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/19 18:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/06/19 18:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService [Auto | Running])
SRV - [2006/11/02 02:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2009/07/06 10:49:27 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006/11/02 06:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2008/01/20 19:46:46 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/08/31 18:43:12 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Running])
SRV - [2006/11/01 23:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/01 23:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/06/27 07:51:10 | 00,088,632 | ---- | M] () -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs [Auto | Running])
DRV:64bit: - [2009/08/17 09:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009/08/17 09:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009/08/17 09:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009/08/17 09:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009/08/17 09:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2009/04/23 22:43:18 | 00,110,904 | ---- | M] () -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService [On_Demand | Running])
DRV:64bit: - [2009/04/28 20:32:10 | 05,357,056 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2008/01/20 19:50:17 | 00,460,800 | ---- | M] () -- C:\Windows\SysNative\drivers\csc.sys -- (CSC [System | Running])
DRV:64bit: - [2009/02/17 10:11:25 | 00,031,400 | ---- | M] () -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV:64bit: - [2006/11/01 22:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
DRV:64bit: - [2009/05/20 06:02:32 | 00,057,856 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E [On_Demand | Running])
DRV:64bit: - [2009/06/20 10:49:01 | 00,068,640 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV:64bit: - [2006/11/01 16:23:00 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008/01/20 19:45:19 | 00,098,816 | ---- | M] () -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV:64bit: - [2009/03/02 04:41:47 | 00,036,352 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone [On_Demand | Running])
DRV:64bit: - [2008/01/20 19:45:42 | 00,046,080 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped])
DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008/11/10 01:18:02 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [System | Running])
DRV - [2009/02/17 06:33:14 | 00,089,256 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysWow64\ElbyCDIO.dll -- (ElbyCDIO [System | Running])
DRV - [2008/11/16 16:11:52 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN\VLC\http -- (HTTP [On_Demand | Running])
DRV - [2006/09/18 14:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2006/09/18 14:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.20.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.3
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:1.6
FF - prefs.js..extensions.enabledItems: {9A752782-D706-479b-98F8-3F66BF921692}:5.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.8.8
FF - prefs.js..extensions.enabledItems: {1dbc4a33-ea62-4330-966c-7bdad3455322}:1.0.6.6
FF - prefs.js..extensions.enabledItems: {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}:2.0.4
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090414
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 03:01:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/03 13:41:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/09/03 13:41:08 | 00,000,000 | ---D | M]

[2008/11/09 10:00:22 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Extensions
[2008/11/09 10:00:22 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/04 09:53:54 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions
[2009/07/28 23:46:52 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/08/23 20:03:51 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
[2009/06/14 21:54:35 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322}
[2009/06/25 12:20:45 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/24 08:53:03 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009/09/03 12:56:36 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/07/21 15:40:46 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009/08/23 20:03:51 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
[2009/07/21 15:45:27 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/07/21 15:54:22 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2009/08/12 14:15:57 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/11/09 13:12:32 | 00,000,000 | ---D | M] -- C:\Users\Craig\AppData\Roaming\mozilla\Firefox\Profiles\z9bj9rvf.default\extensions\temp
[2009/09/02 09:00:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/08/04 16:17:58 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/12 14:50:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/11 11:13:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/02 09:00:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/08/04 16:17:54 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/04 16:17:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/08/04 16:17:56 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/07/19 09:33:14 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/07/19 09:33:14 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/07/19 09:33:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/07/19 09:33:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/07/19 09:33:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/07/19 09:33:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/07/19 09:33:15 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/08/04 16:17:56 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/04 16:17:56 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/04 16:17:56 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/04 16:17:56 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/04 16:17:57 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/04 16:17:57 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/04 16:17:57 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (1225 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/12 15:22:16 | 00,000,000 | ---D | M] - E:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2005/11/15 12:08:04 | 00,000,036 | -H-- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/02/05 01:14:14 | 00,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/08/20 21:55:06 | 00,000,070 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{9a84de49-e40f-11dd-a9ee-002215f1818d}\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDEULA.exe -- [2007/08/20 22:10:40 | 01,695,580 | ---- | M] (Western Digital )
O33 - MountPoints2\{b9058b7c-4924-11de-9815-002215f1818d}\Shell - "" = AutoRun
O33 - MountPoints2\{b9058b7c-4924-11de-9815-002215f1818d}\Shell\AutoRun\command - "" = G:\FalloutLauncher.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDEULA.exe -- [2007/08/20 22:10:40 | 01,695,580 | ---- | M] (Western Digital )
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 90 Days ==========

[2009/09/04 09:39:41 | 00,001,928 | ---- | C] () -- C:\Users\Craig\Desktop\HijackThis.lnk
[2009/09/04 09:39:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/09/03 13:37:39 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\Real
[2009/09/03 13:37:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/09/02 14:08:04 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009/09/02 14:08:04 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009/09/02 14:08:04 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/09/02 14:08:03 | 04,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009/09/01 21:52:48 | 01,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009/09/01 21:52:48 | 00,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2009/09/01 21:52:47 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009/09/01 21:52:47 | 00,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009/09/01 21:52:47 | 00,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2009/09/01 21:52:47 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/09/01 21:52:47 | 00,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2009/09/01 21:52:47 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdigest.dll
[2009/09/01 21:52:46 | 00,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009/09/01 21:52:46 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/09/01 21:52:46 | 00,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009/09/01 21:52:46 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009/09/01 21:52:46 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2009/09/01 15:40:22 | 00,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/09/01 15:39:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2009/09/01 15:39:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2009/09/01 15:35:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2009/09/01 15:33:23 | 18,015,723 | ---- | C] () -- C:\Users\Craig\Desktop\vlc-1.0.1-win32.exe
[2009/09/01 15:25:52 | 00,002,305 | ---- | C] () -- C:\Users\Craig\Desktop\QuickTime Player.lnk
[2009/08/31 13:27:19 | 00,000,000 | ---D | C] -- C:\Users\Craig\Desktop\Final Fantasy III
[2009/08/31 13:26:57 | 00,000,000 | ---D | C] -- C:\Users\Craig\Desktop\zsnesw151
[2009/08/29 09:39:06 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Local\Yahoo
[2009/08/29 09:23:32 | 00,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/08/29 09:23:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2009/08/29 09:23:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2009/08/27 03:00:40 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009/08/27 03:00:40 | 00,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2009/08/26 22:37:55 | 00,001,792 | ---- | C] () -- C:\Users\Craig\Desktop\Team Fortress 2.lnk
[2009/08/26 09:02:04 | 04,691,032 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2009/08/24 10:38:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2009/08/21 12:39:12 | 09,768,792 | ---- | C] () -- C:\Users\Craig\Desktop\deansroom.wmv
[2009/08/19 11:30:29 | 00,000,790 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2009/08/19 11:30:29 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\mIRC
[2009/08/19 11:30:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2009/08/13 07:24:37 | 02,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2009/08/13 07:24:36 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2009/08/13 07:24:33 | 00,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2009/08/13 07:24:33 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl.dll
[2009/08/13 07:24:32 | 00,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2009/08/13 07:24:31 | 00,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2009/08/13 07:24:30 | 00,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2009/08/13 07:24:30 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2009/08/13 07:24:30 | 00,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2009/08/13 07:24:27 | 13,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2009/08/13 07:24:24 | 10,624,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/08/13 07:24:24 | 00,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2009/08/13 07:24:23 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2009/08/13 07:24:23 | 00,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2009/08/13 07:24:23 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2009/08/13 07:24:22 | 08,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2009/08/13 07:24:22 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/08/13 07:24:22 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2009/08/13 07:24:22 | 00,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2009/08/13 07:24:22 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2009/08/13 07:24:22 | 00,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2009/08/13 07:24:22 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2009/08/13 07:24:22 | 00,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2009/08/13 07:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2009/08/13 07:24:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2009/08/09 15:08:05 | 00,000,000 | ---D | C] -- C:\Users\Craig\Documents\AIMLogger
[2009/08/08 10:18:33 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\acccore
[2009/08/08 10:17:12 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Local\AOL OCP
[2009/08/08 10:17:11 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Local\AOL
[2009/08/08 10:17:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2009/08/08 10:16:59 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2009/08/08 10:16:59 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL
[2009/08/08 10:16:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2009/08/08 10:16:19 | 00,000,365 | -H-- | C] () -- C:\IPH.PH
[2009/08/08 09:19:50 | 00,002,042 | ---- | C] () -- C:\Users\Public\Desktop\MagicOnline III.lnk
[2009/08/08 09:19:36 | 00,000,000 | ---D | C] -- C:\Temp
[2009/08/08 09:17:41 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\Wizards of the Coast
[2009/08/08 09:17:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Wizards of the Coast
[2009/08/08 09:17:12 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\InstallShield
[2009/08/05 19:00:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/07/28 11:37:22 | 05,685,248 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/07/28 11:37:20 | 07,005,184 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009/07/28 11:37:19 | 03,583,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/07/28 11:37:19 | 00,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009/07/28 11:37:19 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/07/28 11:37:18 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/07/28 11:37:17 | 01,418,752 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009/07/28 11:37:17 | 01,014,272 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009/07/28 11:37:16 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/07/28 11:37:15 | 00,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/07/28 11:37:15 | 00,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009/07/28 11:37:15 | 00,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/07/28 11:37:15 | 00,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009/07/28 11:37:15 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/07/28 11:37:14 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/07/28 11:37:14 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/07/28 11:37:14 | 00,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2009/07/28 11:37:14 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009/07/28 11:37:13 | 01,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2009/07/28 11:37:13 | 00,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2009/07/28 11:37:13 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009/07/28 11:37:13 | 00,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2009/07/28 11:37:13 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/07/28 11:37:13 | 00,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/07/28 11:37:13 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/07/28 11:37:12 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009/07/28 11:37:11 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/07/28 11:37:11 | 01,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/07/28 11:37:11 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009/07/28 11:37:11 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/07/21 15:54:34 | 00,000,000 | ---D | C] -- C:\Users\Craig\Documents\Youtube Videos
[2009/07/19 09:33:03 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2009/07/19 09:33:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/07/14 17:17:04 | 15,308,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xlive.dll
[2009/07/14 17:17:04 | 13,642,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xlivefnt.dll
[2009/07/14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 13:49:31 | 00,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2009/07/14 13:49:31 | 00,189,440 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2009/07/14 13:49:31 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009/07/14 13:49:31 | 00,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2009/07/14 13:49:31 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009/07/14 13:49:30 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009/07/14 13:49:30 | 00,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2009/07/14 13:49:30 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2009/07/14 13:25:03 | 00,000,000 | ---D | C] -- C:\Users\Craig\Documents\Red Kawa
[2009/07/14 13:25:03 | 00,000,000 | ---D | C] -- C:\Users\Craig\AppData\Roaming\Red Kawa
[2009/07/14 13:15:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2009/07/14 13:15:25 | 00,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Videora LG enV Touch Converter.lnk
[2009/07/14 13:15:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Red Kawa
[2009/07/13 15:44:08 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/06/26 16:55:17 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/06/25 21:04:37 | 00,000,000 | ---D | C] -- C:\Users\Craig\Documents\Story.Of.Ricky.1992.PAL.DVDR-DELUZE
[2009/06/25 21:01:08 | 00,000,000 | ---D | C] -- C:\Users\Craig\Documents\Riki-Oh
[2009/06/20 12:10:50 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/06/20 10:49:12 | 00,000,496 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/06/20 10:49:08 | 00,068,640 | ---- | C] () -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/06/20 10:49:08 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2009/06/20 10:46:40 | 00,000,000 | -H-D | C] -- C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/06/20 10:46:39 | 00,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/06/20 10:46:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/06/20 10:46:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/06/20 10:23:19 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2009/06/20 10:23:18 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2009/06/20 10:10:36 | 00,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2009/06/20 10:10:36 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009/06/20 10:10:33 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2009/06/20 10:10:32 | 00,052,760 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009/06/20 10:10:32 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2009/06/20 10:10:31 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009/06/20 10:10:31 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009/06/20 10:10:30 | 01,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009/06/20 10:10:30 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009/06/20 10:10:30 | 00,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2009/06/20 10:10:30 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009/06/20 10:10:29 | 01,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2009/06/20 10:10:21 | 00,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009/06/20 10:10:21 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009/06/20 10:10:18 | 00,357,904 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2009/06/20 10:10:18 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009/06/20 10:04:25 | 00,013,824 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2009/06/20 10:04:24 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2009/06/20 10:04:09 | 00,112,120 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2009/06/20 10:04:09 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009/06/20 10:03:56 | 00,406,528 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2009/06/20 10:03:56 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscoree.dll
[2009/06/20 10:03:47 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2009/06/20 10:03:47 | 00,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2009/06/20 10:03:45 | 00,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2009/06/20 10:03:44 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2009/06/10 13:28:00 | 00,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2009/06/10 13:28:00 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2009/06/10 13:27:57 | 01,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2009/06/10 13:27:57 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpcrt4.dll
[2009/06/10 13:27:55 | 02,742,272 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2009/01/25 15:10:42 | 00,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/01/25 15:10:41 | 02,330,643 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/01/25 15:10:41 | 00,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/01/25 15:10:41 | 00,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/01/25 15:10:40 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009/01/25 15:10:40 | 00,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/01/25 15:10:40 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008/11/09 16:28:28 | 00,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2008/11/09 09:30:40 | 00,026,333 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/01/20 19:48:25 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 19:48:07 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/28 00:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini

========== Files - Modified Within 90 Days ==========

[2009/09/04 09:39:41 | 00,001,928 | ---- | M] () -- C:\Users\Craig\Desktop\HijackThis.lnk
[2009/09/04 09:09:22 | 00,001,460 | ---- | M] () -- C:\Users\Craig\AppData\Local\d3d9caps64.dat
[2009/09/04 09:04:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/09/03 23:21:48 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/03 23:21:48 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/03 15:44:32 | 00,246,272 | ---- | M] () -- C:\Users\Craig\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/03 13:21:51 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/09/03 11:08:15 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C16CCC25-79BF-4E08-A376-CC29450314D2}.job
[2009/09/01 15:40:22 | 00,000,025 | ---- | M] () -- C:\Windows\cdplayer.ini
[2009/09/01 15:34:06 | 18,015,723 | ---- | M] () -- C:\Users\Craig\Desktop\vlc-1.0.1-win32.exe
[2009/09/01 15:26:10 | 00,002,305 | ---- | M] () -- C:\Users\Craig\Desktop\QuickTime Player.lnk
[2009/08/31 10:49:11 | 00,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/08/29 09:23:32 | 00,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/08/28 13:47:09 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2009/08/28 05:51:05 | 00,032,256 | ---- | M] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009/08/28 05:39:07 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/08/28 03:39:32 | 04,240,384 | ---- | M] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009/08/28 03:15:30 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009/08/26 22:37:55 | 00,001,792 | ---- | M] () -- C:\Users\Craig\Desktop\Team Fortress 2.lnk
[2009/08/19 11:30:29 | 00,000,790 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2009/08/17 09:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2009/08/17 09:06:05 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys
[2009/08/17 09:05:43 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2009/08/17 09:05:31 | 00,065,616 | ---- | M] () -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2009/08/17 09:04:43 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys
[2009/08/17 09:04:32 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys
[2009/08/17 09:02:50 | 00,097,480 | ---- | M] () -- C:\Windows\SysNative\AvastSS.scr
[2009/08/08 10:17:12 | 00,000,365 | -H-- | M] () -- C:\IPH.PH
[2009/08/08 09:19:50 | 00,002,042 | ---- | M] () -- C:\Users\Public\Desktop\MagicOnline III.lnk
[2009/07/29 18:20:46 | 26,162,632 | ---- | M] () -- C:\Windows\SysNative\mrt.exe
[2009/07/25 05:23:07 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/25 05:23:07 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/25 05:23:05 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/25 05:23:00 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/07/21 15:40:30 | 00,001,778 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/07/21 08:52:38 | 04,691,032 | ---- | M] () -- C:\Windows\SysNative\ntoskrnl.exe
[2009/07/18 09:06:20 | 00,827,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/07/18 09:06:05 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/07/18 09:04:41 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/07/18 09:03:16 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009/07/18 09:02:53 | 03,583,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/07/18 09:02:50 | 00,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/07/18 09:02:05 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/07/18 09:01:49 | 06,069,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/07/18 09:01:49 | 00,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/07/18 09:01:48 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/07/18 09:01:48 | 00,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009/07/18 09:01:48 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/07/18 05:37:53 | 01,014,272 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2009/07/18 05:37:34 | 01,418,752 | ---- | M] () -- C:\Windows\SysNative\urlmon.dll
[2009/07/18 05:36:20 | 00,208,896 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2009/07/18 05:35:04 | 01,129,984 | ---- | M] () -- C:\Windows\SysNative\mstime.dll
[2009/07/18 05:34:45 | 05,685,248 | ---- | M] () -- C:\Windows\SysNative\mshtml.dll
[2009/07/18 05:34:44 | 00,580,608 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2009/07/18 05:34:02 | 00,032,256 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2009/07/18 05:33:47 | 07,005,184 | ---- | M] () -- C:\Windows\SysNative\ieframe.dll
[2009/07/18 05:33:47 | 00,375,296 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2009/07/18 05:33:46 | 00,480,256 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/07/18 05:33:46 | 00,086,528 | ---- | M] () -- C:\Windows\SysNative\ieencode.dll
[2009/07/18 05:33:45 | 00,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll
[2009/07/18 03:59:41 | 00,485,376 | ---- | M] () -- C:\Windows\SysNative\html.iec
[2009/07/18 03:22:19 | 00,032,768 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/07/18 03:21:30 | 01,383,424 | ---- | M] () -- C:\Windows\SysNative\mshtml.tlb
[2009/07/18 03:16:01 | 00,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009/07/18 02:46:14 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/07/18 02:45:19 | 01,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/07/17 08:00:43 | 00,088,576 | ---- | M] () -- C:\Windows\SysNative\atl.dll
[2009/07/17 07:35:11 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\atl.dll
[2009/07/15 10:51:31 | 02,987,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/07/14 17:17:04 | 15,308,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xlive.dll
[2009/07/14 17:17:04 | 13,642,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xlivefnt.dll
[2009/07/14 17:15:00 | 00,178,432 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 13:15:25 | 00,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Videora LG enV Touch Converter.lnk
[2009/07/14 11:28:24 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/07/14 11:28:24 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/07/14 11:28:24 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/07/14 06:21:42 | 13,426,176 | ---- | M] () -- C:\Windows\SysNative\wmp.dll
[2009/07/14 06:21:42 | 00,368,128 | ---- | M] () -- C:\Windows\SysNative\wmpdxm.dll
[2009/07/14 06:20:51 | 00,005,120 | ---- | M] () -- C:\Windows\SysNative\msdxm.ocx
[2009/07/14 06:20:51 | 00,005,120 | ---- | M] () -- C:\Windows\SysNative\dxmasf.dll
[2009/07/14 06:20:06 | 00,009,216 | ---- | M] () -- C:\Windows\SysNative\spwmp.dll
[2009/07/14 06:00:17 | 00,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2009/07/14 06:00:16 | 10,624,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/07/14 05:59:28 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2009/07/14 05:59:28 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2009/07/14 05:58:44 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2009/07/14 04:31:58 | 08,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL
[2009/07/14 03:59:56 | 08,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/07/14 01:33:07 | 00,043,520 | ---- | M] () -- C:\Windows\SysNative\msdxm.tlb
[2009/07/14 01:33:07 | 00,018,432 | ---- | M] () -- C:\Windows\SysNative\amcompat.tlb
[2009/07/14 01:30:48 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2009/07/14 01:30:48 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2009/07/13 15:44:08 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/06/22 03:41:35 | 00,002,048 | ---- | M] () -- C:\Windows\SysNative\tzres.dll
[2009/06/22 03:22:01 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009/06/20 10:49:01 | 00,068,640 | ---- | M] () -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/06/20 10:48:59 | 00,015,688 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2009/06/20 10:46:39 | 00,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/06/20 10:27:07 | 00,104,072 | ---- | M] () -- C:\Users\Craig\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/20 09:59:12 | 00,000,219 | ---- | M] () -- C:\Windows\win.ini
[2009/06/15 18:31:37 | 00,515,656 | ---- | M] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009/06/15 08:46:54 | 00,205,312 | ---- | M] () -- C:\Windows\SysNative\wdigest.dll
[2009/06/15 08:46:36 | 00,189,440 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll
[2009/06/15 08:46:07 | 00,094,720 | ---- | M] () -- C:\Windows\SysNative\secur32.dll
[2009/06/15 08:46:04 | 00,338,944 | ---- | M] () -- C:\Windows\SysNative\schannel.dll
[2009/06/15 08:45:46 | 01,692,160 | ---- | M] () -- C:\Windows\SysNative\lsasrv.dll
[2009/06/15 08:44:24 | 00,268,800 | ---- | M] () -- C:\Windows\SysNative\msv1_0.dll
[2009/06/15 08:43:24 | 00,656,384 | ---- | M] () -- C:\Windows\SysNative\kerberos.dll
[2009/06/15 08:42:36 | 00,096,256 | ---- | M] () -- C:\Windows\SysNative\fontsub.dll
[2009/06/15 08:41:13 | 00,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll
[2009/06/15 08:25:02 | 00,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009/06/15 08:24:38 | 00,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wdigest.dll
[2009/06/15 08:24:24 | 00,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009/06/15 08:24:02 | 00,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/06/15 08:22:19 | 00,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/06/15 08:21:07 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009/06/15 08:20:27 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009/06/15 08:20:00 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2009/06/15 06:26:45 | 00,011,264 | ---- | M] () -- C:\Windows\SysNative\lsass.exe
[2009/06/15 06:17:34 | 00,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll
[2009/06/15 05:52:13 | 00,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009/06/10 05:25:10 | 00,202,752 | ---- | M] () -- C:\Windows\SysNative\wkssvc.dll
[2009/06/10 05:21:29 | 00,093,184 | ---- | M] () -- C:\Windows\SysNative\mciavi32.dll
[2009/06/10 05:19:08 | 00,108,544 | ---- | M] () -- C:\Windows\SysNative\avifil32.dll
[2009/06/10 05:19:08 | 00,076,800 | ---- | M] () -- C:\Windows\SysNative\avicap32.dll
[2009/06/10 05:07:30 | 00,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
< End of report >

Edited by clavarnway, 04 September 2009 - 11:08 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP