
[Closed] Keylogger

Discussion in 'Malware and Virus Removal Archive' started by 601x106, 2008/11/07.

Thread Status:
Not open for further replies.
  1. 2008/11/07
    601x106

    601x106 Inactive Thread Starter

    Joined:
    2008/04/22
    Messages:
    12
    Likes Received:
    0
    I was hacked in a game I was playing and I was wondering how do I check if I have a keylogger?
     
  2. 2008/11/08
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Hi,

    Read this post as indicated at the top of this forum.
     


  4. 2008/11/08
    601x106

    601x106 Inactive Thread Starter

    Joined:
    2008/04/22
    Messages:
    12
    Likes Received:
    0
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Admin at 2008-11-08 09:18:44
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 21 GB (9%) free of 238 GB
    Total RAM: 3582 MB (80% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:18:47 AM, on 11/8/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\system32\java.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Admin\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Admin.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe "
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [w3dr.exe] C:\Program Files\Warcraft III\w3dr.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 7512 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP "=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
    "SoundMAX "=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
    "JMB36X IDE Setup "=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
    "36X Raid Configurer "=C:\WINDOWS\System32\JMRaidSetup.exe [2006-11-16 1953792]
    "NvCplDaemon "=C:\WINDOWS\System32\NvCpl.dll [2007-11-06 8523776]
    "nwiz "=nwiz.exe /install []
    "NvMediaCenter "=C:\WINDOWS\System32\NvMcTray.dll [2007-11-06 81920]
    "IntelliPoint "=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
    "egui "=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
    "amd_dc_opt "=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "w3dr.exe "=C:\Program Files\Warcraft III\w3dr.exe []
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Aim6 "= []
    "SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584]
    "DAEMON Tools Lite "=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\AIM6\aim6.exe "= "C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM "
    "C:\ijji\ENGLISH\u_gbound.exe "= "C:\ijji\ENGLISH\u_gbound.exe:*:Enabled:<ijji Downloader> "
    "C:\ijji\ENGLISH\Gunbound Revolution\GunBound.gme "= "C:\ijji\ENGLISH\Gunbound Revolution\GunBound.gme:*:Enabled:GunBound "
    "C:\Documents and Settings\Admin\Desktop\BitTornado\btdownloadgui.exe "= "C:\Documents and Settings\Admin\Desktop\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui "
    "C:\Program Files\EA GAMES\Battlefield 2\BF2.exe "= "C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 "
    "C:\Documents and Settings\Admin\Desktop\Warcraft III - Reign of Chaos\Addings & Patches\Addings & Patches\Unofficial\NoCD v1.21a [Loader] [Bronxsy]\Original Files\Warcraft III.exe "= "C:\Documents and Settings\Admin\Desktop\Warcraft III - Reign of Chaos\Addings & Patches\Addings & Patches\Unofficial\NoCD v1.21a [Loader] [Bronxsy]\Original Files\Warcraft III.exe:*:Enabled:Warcraft III "
    "C:\Program Files\Warcraft III\Warcraft III.exe "= "C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III "
    "C:\Program Files\Warcraft III\War3.exe "= "C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III "
    "C:\Documents and Settings\Admin\Desktop\GzBotPro(2)\GzBotPro.exe "= "C:\Documents and Settings\Admin\Desktop\GzBotPro(2)\GzBotPro.exe:*:Enabled:GzBot PRO v2.23 - Cracked "
    "C:\Documents and Settings\Admin\Desktop\GzBotPro\GzBotPro.exe "= "C:\Documents and Settings\Admin\Desktop\GzBotPro\GzBotPro.exe:*:Enabled:GzBot PRO v2.23 - Cracked "
    "C:\Documents and Settings\Admin\Desktop\GznBotPRO_v2[1].30\GznBotPRO_v2.30\gzbotPRO.exe "= "C:\Documents and Settings\Admin\Desktop\GznBotPRO_v2[1].30\GznBotPRO_v2.30\gzbotPRO.exe:*:Enabled:gzbotPRO "
    "C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe "= "C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe:*:Disabled:Alcohol 120% "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\uTorrent\uTorrent.exe "= "C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "
    "C:\Program Files\ONWIND\ZU-ONLINE\ZuOnline.exe "= "C:\Program Files\ONWIND\ZU-ONLINE\ZuOnline.exe:*:Enabled:ZuOnline "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 3 months======

    2008-11-08 09:18:19 ----D---- C:\rsit
    2008-11-08 08:38:01 ----D---- C:\Program Files\ONWIND
    2008-11-02 11:58:38 ----D---- C:\Program Files\uTorrent
    2008-11-02 11:58:34 ----D---- C:\Documents and Settings\Admin\Application Data\uTorrent
    2008-10-27 18:00:37 ----A---- C:\WINDOWS\hpdj5100.ini
    2008-10-24 22:05:15 ----D---- C:\Program Files\Handbrake
    2008-10-24 18:59:10 ----D---- C:\Documents and Settings\Admin\Application Data\Red Kawa
    2008-10-24 18:42:11 ----D---- C:\Program Files\AviSynth 2.5
    2008-10-24 18:42:04 ----D---- C:\Program Files\Red Kawa
    2008-10-24 18:32:34 ----RSD---- C:\WINDOWS\assembly
    2008-10-24 18:32:19 ----D---- C:\WINDOWS\Microsoft.NET
    2008-10-22 18:25:54 ----D---- C:\Documents and Settings\Admin\Application Data\Apple Computer
    2008-10-22 18:25:51 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2008-10-22 18:25:41 ----D---- C:\Program Files\iPod
    2008-10-22 18:25:40 ----D---- C:\Program Files\iTunes
    2008-10-22 18:25:40 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-22 18:25:09 ----D---- C:\Program Files\QuickTime
    2008-10-22 18:25:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-10-22 18:24:59 ----D---- C:\Program Files\Apple Software Update
    2008-10-22 18:24:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-22 18:24:49 ----D---- C:\Program Files\Common Files\Apple
    2008-10-22 18:24:49 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2008-10-18 22:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-18 22:06:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-18 22:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-18 22:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-18 22:05:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-17 22:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2008-10-17 17:51:43 ----D---- C:\Program Files\GamesCampus
    2008-10-17 17:08:49 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-17 17:08:49 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-17 17:08:49 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-30 18:21:15 ----D---- C:\WINDOWS\ie7updates
    2008-09-30 18:21:05 ----D---- C:\WINDOWS\WBEM
    2008-09-30 18:21:05 ----D---- C:\WINDOWS\system32\en-US
    2008-09-30 18:20:48 ----HDC---- C:\WINDOWS\ie7
    2008-09-30 18:20:41 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-09-30 18:20:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-09-30 18:20:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-09-30 18:19:59 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-09-30 18:19:23 ----D---- C:\WINDOWS\network diagnostic
    2008-09-30 18:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-09-30 18:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-09-28 20:32:02 ----D---- C:\Program Files\Alcohol Soft
    2008-09-28 20:08:23 ----D---- C:\Program Files\PeerGuardian2
    2008-09-25 20:58:55 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-09-21 10:52:23 ----A---- C:\log_gznbot230.txt
    2008-09-13 22:18:11 ----D---- C:\WINDOWS\Sun
    2008-09-11 21:58:31 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-09-11 21:45:33 ----D---- C:\Program Files\Bonjour
    2008-09-11 21:40:17 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-09-11 21:39:13 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-09-09 22:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-04 19:05:17 ----D---- C:\Documents and Settings\All Users\Application Data\Linksys
    2008-09-04 19:04:37 ----D---- C:\Program Files\Linksys
    2008-09-04 19:04:14 ----D---- C:\Program Files\Java
    2008-09-04 19:04:13 ----D---- C:\Program Files\Common Files\Java
    2008-09-04 19:03:19 ----D---- C:\Documents and Settings\Admin\Application Data\Sun
    2008-09-02 21:46:47 ----D---- C:\WINDOWS\Eurobattle.net Installer
    2008-09-02 21:46:27 ----A---- C:\WINDOWS\Eurobattle.net Installer Setup Log.txt
    2008-08-30 10:46:25 ----D---- C:\Program Files\Trend Micro
    2008-08-30 09:38:05 ----A---- C:\WINDOWS\War3Unin.exe
    2008-08-30 09:36:10 ----D---- C:\Program Files\Warcraft III
    2008-08-29 20:51:15 ----D---- C:\Documents and Settings\Admin\Application Data\Ventrilo
    2008-08-29 20:50:27 ----D---- C:\Program Files\Ventrilo
    2008-08-29 20:50:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-08-29 09:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 08:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
    2008-08-21 23:20:21 ----DC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-08-21 23:20:06 ----DC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-08-21 23:19:52 ----DC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-08-21 23:19:34 ----DC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-08-20 21:48:45 ----DC---- C:\WINDOWS\$NtUninstallKB926239$
    2008-08-20 21:48:40 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-08-20 21:48:37 ----DC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-08-20 21:48:30 ----D---- C:\Program Files\Windows Media Connect 2
    2008-08-20 21:48:26 ----DC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-08-20 21:47:58 ----DC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-08-20 21:47:34 ----DC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-08-20 21:47:11 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-08-20 16:01:01 ----D---- C:\Program Files\Perfect World Entertainment
    2008-08-20 13:05:40 ----D---- C:\Documents and Settings\Admin\Application Data\GetRightToGo
    2008-08-18 21:12:38 ----D---- C:\Program Files\Microsoft Works
    2008-08-18 21:12:27 ----D---- C:\Program Files\Microsoft Visual Studio
    2008-08-18 21:12:27 ----D---- C:\Program Files\Common Files\DESIGNER
    2008-08-18 21:11:01 ----D---- C:\WINDOWS\SHELLNEW
    2008-08-18 21:10:35 ----D---- C:\Program Files\Microsoft Office
    2008-08-18 21:10:35 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-08-18 21:10:23 ----RHD---- C:\MSOCache
    2008-08-18 21:08:05 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-08-18 20:21:41 ----D---- C:\Documents and Settings\Admin\Application Data\DAEMON Tools
    2008-08-16 12:53:58 ----D---- C:\Program Files\dj5100
    2008-08-15 00:44:54 ----D---- C:\Documents and Settings\Admin\Application Data\dvdcss
    2008-08-14 14:52:07 ----D---- C:\Documents and Settings\Admin\Application Data\U3
    2008-08-14 14:41:55 ----D---- C:\Program Files\VideoLAN
    2008-08-14 14:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-08-14 14:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-08-14 14:29:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-14 14:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-08-14 14:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-14 14:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-08-14 14:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-08-14 14:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-08-14 14:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-08-13 09:12:01 ----D---- C:\WINDOWS\Minidump
    2008-08-11 20:05:25 ----D---- C:\Documents and Settings\Admin\Application Data\ImgBurn
    2008-08-11 19:39:22 ----D---- C:\Program Files\ImgBurn
    2008-08-10 22:03:06 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
    2008-08-10 20:32:59 ----A---- C:\WINDOWS\system32\Pncrt.dll
    2008-08-10 20:32:59 ----A---- C:\WINDOWS\system32\drv43260.dll
    2008-08-10 20:32:59 ----A---- C:\WINDOWS\system32\drv33260.dll
    2008-08-10 20:32:59 ----A---- C:\WINDOWS\system32\drv23260.dll
    2008-08-10 20:18:53 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-08-10 20:18:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-08-10 20:18:23 ----D---- C:\Program Files\Common Files\Adobe
    2008-08-10 20:18:23 ----D---- C:\Program Files\Adobe
    2008-08-10 16:27:39 ----D---- C:\Documents and Settings\Admin\Application Data\Vso
    2008-08-10 16:27:39 ----A---- C:\Documents and Settings\Admin\Application Data\inst.exe
    2008-08-10 16:27:36 ----D---- C:\Program Files\VSO
    2008-08-10 00:34:36 ----D---- C:\Program Files\AMD
    2008-08-10 00:05:22 ----D---- C:\Documents and Settings\Admin\Application Data\vlc
     
  5. 2008/11/08
    601x106

    601x106 Inactive Thread Starter

    Joined:
    2008/04/22
    Messages:
    12
    Likes Received:
    0
    ======List of files/folders modified in the last 3 months======

    2008-11-08 09:18:42 ----D---- C:\WINDOWS\Temp
    2008-11-08 09:18:25 ----D---- C:\WINDOWS\Prefetch
    2008-11-08 08:41:50 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-08 08:38:01 ----RD---- C:\Program Files
    2008-11-08 08:38:01 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-07 23:59:13 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-07 23:58:10 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-07 20:52:34 ----D---- C:\WINDOWS\system32\drivers
    2008-11-02 21:28:45 ----SHD---- C:\WINDOWS\Installer
    2008-11-02 20:20:53 ----D---- C:\WINDOWS
    2008-11-02 09:11:44 ----D---- C:\WINDOWS\system32
    2008-11-02 09:11:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-27 18:01:13 ----HD---- C:\WINDOWS\inf
    2008-10-24 18:32:34 ----D---- C:\WINDOWS\WinSxS
    2008-10-22 18:24:49 ----D---- C:\Program Files\Common Files
    2008-10-22 17:54:09 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-18 22:06:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-18 22:06:16 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-18 22:06:15 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-18 22:05:59 ----D---- C:\Program Files\Internet Explorer
    2008-10-07 11:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-03 09:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-30 22:44:36 ----D---- C:\WINDOWS\Help
    2008-09-30 18:21:02 ----D---- C:\WINDOWS\Media
    2008-09-25 20:58:55 ----D---- C:\WINDOWS\Debug
    2008-09-15 18:59:47 ----SHD---- C:\System Volume Information
    2008-09-15 18:59:47 ----D---- C:\WINDOWS\system32\Restore
    2008-09-14 12:06:37 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
    2008-09-13 20:19:09 ----A---- C:\WINDOWS\win.ini
    2008-09-13 18:50:36 ----D---- C:\Documents and Settings\Admin\Application Data\Adobe
    2008-09-11 21:44:09 ----RSD---- C:\WINDOWS\Fonts
    2008-08-28 21:32:16 ----D---- C:\WINDOWS\system32\config
    2008-08-28 21:32:10 ----D---- C:\WINDOWS\system32\wbem
    2008-08-28 21:32:10 ----D---- C:\WINDOWS\Registration
    2008-08-28 21:32:02 ----D---- C:\Program Files\Windows Media Player
    2008-08-28 21:31:59 ----D---- C:\WINDOWS\AppPatch
    2008-08-28 21:31:36 ----D---- C:\WINDOWS\system
    2008-08-28 21:30:56 ----HD---- C:\Documents and Settings\Admin\Application Data\ijjigame
    2008-08-27 00:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-25 23:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-25 23:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-08-25 23:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-25 23:24:30 ----N---- C:\WINDOWS\system32\occache.dll
    2008-08-25 23:24:30 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-08-25 23:24:30 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\url.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-08-25 23:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2008-08-25 23:24:29 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-08-25 23:24:29 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-08-25 23:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-08-25 23:24:28 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-08-25 23:24:28 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-08-25 23:24:28 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-08-25 23:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-08-25 23:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-08-25 23:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-08-25 23:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-08-25 23:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-08-25 00:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-08-25 00:37:59 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-08-22 21:54:51 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-08-20 16:05:00 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-08-18 21:12:38 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-08-18 21:12:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-08-14 14:29:24 ----D---- C:\Program Files\Messenger
    2008-08-10 00:34:42 ----RSH---- C:\boot.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
    R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-09-11 110592]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-03 12032]
    R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-15 293888]
    R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-06 93952]
    R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-09-03 9600]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-11-06 7429088]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-10 47360]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
    R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
    S3 aqey942h;aqey942h; C:\WINDOWS\system32\drivers\aqey942h.sys []
    S3 aw9bn3nn;aw9bn3nn; C:\WINDOWS\system32\drivers\aw9bn3nn.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-11 172032]
    R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-13 20543]
    R2 LinksysUpdater;Linksys Updater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-01-15 204800]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-11 135227]
    R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-09-11 65599]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-11-06 155716]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-11 654848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]

    -----------------EOF-----------------
     
  6. 2008/11/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hate to put it this way, but here goes anyway.

    "C:\Documents and Settings\Admin\Desktop\GzBotPro(2)\GzBotPro.exe "= "C:\Documents and Settings\Admin\Desktop\GzBotPro(2)\GzBotPro.exe:*:Enabled:GzBot PRO v2.23 - Cracked "

    Maybe you deserved it? We don't approve of cracked software. It's theft, and irresponsible.
     