[code]
WinPFind35 logfile created on: 1/27/2008 2:08:25 PM
WinPFind35U Version Beta38 Folder = C:\Users\Luke\Desktop\WinPFind35u
Windows Vista Service Pack 1, v.744 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.17128)

2.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.64% Memory free
4.00 Gb Paging File | 3.15 Gb Available in Paging File | 78.85% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.69 Gb Total Space | 66.88 Gb Free Space | 47.54% Space Free | Partition Type: NTFS
Drive D: | 8.36 Gb Total Space | 1.81 Gb Free Space | 21.66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: LUKE-PC
Current User Name: Luke
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/6/2007 12:28:18 PM | Attr = ]
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ]
clcapsvc.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 4/23/2007 8:11:42 PM | Attr = ]
iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 2/12/2007 9:38:04 AM | Attr = ]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 12/14/2006 7:49:10 PM | Attr = ]
frameworkservice.exe -> %ProgramFiles%\McAfee\Common Framework\FrameworkService.exe -> McAfee, Inc. [Ver = 3.6.0.480 | Size = 104000 bytes | Modified Date = 12/19/2006 11:24:50 AM | Attr = ]
vstskmgr.exe -> %ProgramFiles%\McAfee\VirusScan Enterprise\VsTskMgr.exe -> McAfee, Inc. [Ver = 8.5.0.895 | Size = 54608 bytes | Modified Date = 10/16/2007 8:50:00 PM | Attr = ]
naprdmgr.exe -> %ProgramFiles%\McAfee\Common Framework\naPrdMgr.exe -> McAfee, Inc. [Ver = 3.6.0.480 | Size = 136768 bytes | Modified Date = 12/19/2006 11:27:54 AM | Attr = ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 10.0.13.2 14Sep07 | Size = 1021224 bytes | Modified Date = 9/15/2007 1:50:54 AM | Attr = ]
rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 3/9/2007 12:50:02 PM | Attr = ]
iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 2/12/2007 9:37:58 AM | Attr = ]
qpservice.exe -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 4/23/2007 8:11:20 PM | Attr = ]
qlbctrl.exe -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 2/13/2007 1:38:36 PM | Attr = ]
wifimsg.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 1/10/2007 6:12:08 PM | Attr = ]
shstat.exe -> %ProgramFiles%\McAfee\VirusScan Enterprise\shstat.exe -> McAfee, Inc. [Ver = 8.5.0.895 | Size = 111952 bytes | Modified Date = 10/16/2007 8:50:00 PM | Attr = ]
udaterui.exe -> %ProgramFiles%\McAfee\Common Framework\UdaterUI.exe -> McAfee, Inc. [Ver = 3.6.0.480 | Size = 136768 bytes | Modified Date = 12/19/2006 11:27:00 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ]
mctray.exe -> %ProgramFiles%\McAfee\Common Framework\Mctray.exe -> McAfee, Inc. [Ver = 1.0.0.125 | Size = 86016 bytes | Modified Date = 12/19/2006 3:06:00 PM | Attr = ]
noadware5.exe -> %ProgramFiles%\NoAdware5.0\NoAdware5.exe -> [Ver = 1, 0, 0, 1 | Size = 1695744 bytes | Modified Date = 1/14/2008 11:11:00 AM | Attr = ]
bttray.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> Broadcom Corporation. [Ver = 6.0.1.3700 | Size = 719664 bytes | Modified Date = 12/20/2006 11:27:40 AM | Attr = ]
btstackserver.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTStackServer.exe -> Broadcom Corporation. [Ver = 6.0.1.3700 | Size = 1600304 bytes | Modified Date = 12/20/2006 11:27:38 AM | Attr = ]
wlcomm.exe -> %ProgramFiles%\Windows Live\Contacts\wlcomm.exe -> Microsoft Corp. [Ver = 9.0.1407.1107 (next-working.client.messenger (by BTSA010 on TK1BLD46)) | Size = 19456 bytes | Modified Date = 11/7/2007 3:20:06 PM | Attr = ]
minidm.exe -> %ProgramFiles%\IEPro\MiniDM.exe -> IE7Pro.com [Ver = 1, 0, 0, 7 | Size = 617608 bytes | Modified Date = 1/2/2008 3:34:12 AM | Attr = ]
winpfind35u.exe -> %UserDesktop%\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 307712 bytes | Modified Date = 1/26/2008 1:34:08 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/6/2007 12:28:18 PM | Attr = ]
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ]
(CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> -> File not found
(CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 4/23/2007 8:11:42 PM | Attr = ]
(CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Stopped] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 4/23/2007 8:11:44 PM | Attr = ]
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> -> File not found
(DPS) Diagnostic Policy Service [Win32_Shared | Unknown | Running] -> -> File not found
(gpsvc) Group Policy Client [Win32_Shared | Unknown | Running] -> -> File not found
(HP Health Check Service) HP Health Check Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 3/14/2007 2:07:30 PM | Attr = ]
(hpqwmiex) hpqwmiex [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 5/2/2006 4:41:28 PM | Attr = ]
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 2/12/2007 9:38:04 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr = ]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 12/14/2006 7:49:10 PM | Attr = ]
(McAfeeFramework) McAfee Framework Service [Win32_Own | Unknown | Running] -> -> File not found
(McShield) McAfee McShield [Win32_Own | Unknown | Stopped] -> -> File not found
(McTaskManager) McAfee Task Manager [Win32_Own | Unknown | Running] -> -> File not found
(MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> -> File not found
(perfmons) perfmons Service [Win32_Own | Auto | Stopped] -> %System32%\perfs.exe -> File not found
(Routing) Routing Service [Win32_Own | Auto | Stopped] -> %System32%\routing.exe -> File not found
(RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.5.98 | Size = 880640 bytes | Modified Date = 2/12/2007 11:36:58 AM | Attr = ]
(RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Unknown | Running] -> -> File not found
(SCardSvr) Smart Card [Win32_Shared | Unknown | Stopped] -> -> File not found
(Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> -> File not found
(SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> -> File not found
(stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.560 | Size = 74656 bytes | Modified Date = 2/17/2007 9:31:12 AM | Attr = R ]
(TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> -> File not found
(WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> -> File not found
(WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> -> File not found

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
hpWirelessAssistant -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 3/1/2007 3:18:36 PM | Attr = ]
IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 2/12/2007 9:37:58 AM | Attr = ]
McAfeeUpdaterUI -> %ProgramFiles%\McAfee\Common Framework\UdaterUI.exe -> McAfee, Inc. [Ver = 3.6.0.480 | Size = 136768 bytes | Modified Date = 12/19/2006 11:27:00 AM | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll -> NVIDIA Corporation [Ver = 7.15.11.0145 | Size = 8433664 bytes | Modified Date = 6/28/2007 9:48:00 AM | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll -> NVIDIA Corporation [Ver = 7.15.11.0145 | Size = 81920 bytes | Modified Date = 6/28/2007 9:55:00 AM | Attr = ]
NvSvc -> %System32%\nvsvc.dll -> NVIDIA Corporation [Ver = 7.15.11.0145 | Size = 86016 bytes | Modified Date = 6/28/2007 9:58:00 AM | Attr = ]
QlbCtrl -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 2/13/2007 1:38:36 PM | Attr = ]
QPService -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 4/23/2007 8:11:20 PM | Attr = ]
RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 3/9/2007 12:50:02 PM | Attr = ]
ShStatEXE -> %ProgramFiles%\McAfee\VirusScan Enterprise\shstat.exe -> McAfee, Inc. [Ver = 8.5.0.895 | Size = 111952 bytes | Modified Date = 10/16/2007 8:50:00 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 1:11:35 AM | Attr = ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 10.0.13.2 14Sep07 | Size = 1021224 bytes | Modified Date = 9/15/2007 1:50:54 AM | Attr = ]
SynTPStart -> %ProgramFiles%\Synaptics\SynTP\SynTPStart.exe -> Synaptics, Inc. [Ver = 10.0.13.2 14Sep07 | Size = 102400 bytes | Modified Date = 9/15/2007 1:29:10 AM | Attr = ]
WAWifiMessage -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 1/10/2007 6:12:08 PM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
NoAdware5 -> %ProgramFiles%\NoAdware5.0\NoAdware5.exe -> [Ver = 1, 0, 0, 1 | Size = 1695744 bytes | Modified Date = 1/14/2008 11:11:00 AM | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDrives -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideShutdownScripts -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRecentDocsHistory -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRecentDocsMenu -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisAllowRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{20D04FE0-3AEA-1069-A2D8-08002B30309D} -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{450D8FBA-AD25-11D0-98A8-0800361B1103} -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Windows\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Windows\Sidebar\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Windows\Sidebar\\TurnOffUserInstalledGadgets -> 0 ->
< HOSTS File > (734 bytes) -> C:\Windows\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Local Page -> \blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.mtu.edu/ ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> *.local ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3230 domain(s) found. ->
26 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 17 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{00011268-E188-40DF-A514-835FCD78B1BF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\IEPro\IEPro.dll [IE7Pro BHO] -> IE7Pro.com [Ver = 2, 0, 0, 7 | Size = 699496 bytes | Modified Date = 1/2/2008 3:34:10 AM | Attr = ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 10:08:42 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 1:11:33 AM | Attr = ]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\VirusScan Enterprise\ScriptCl.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.13.3.2.123.x86 | Size = 66880 bytes | Modified Date = 10/16/2007 8:50:00 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
SITEguard [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}:{B119EB0C-C021-46CF-85B0-34A760E0D5FE} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\IEPro\IEPro.dll [IE7Pro Preferences] -> IE7Pro.com [Ver = 2, 0, 0, 7 | Size = 699496 bytes | Modified Date = 1/2/2008 3:34:10 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 1:11:33 AM | Attr = ]
{7F9DB11C-E358-4ca6-A83D-ACC663939424}:BandCLSID -> %ProgramFiles%\Bonjour\ExplorerPlugin.dll [Bonjour] -> Apple Inc. [Ver = 1,0,4,12 | Size = 516096 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ]
{CCA281CA-C863-46ef-9331-5C8D4460577F}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [@btrez.dll,-4015] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Windows &Live Favorites -> -> File not found
Send image to &Bluetooth Device... -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm -> [Ver = | Size = 2773 bytes | Modified Date = 8/29/2006 2:12:28 PM | Attr = ]
Send page to &Bluetooth Device... -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm -> [Ver = | Size = 5601 bytes | Modified Date = 10/26/2006 6:28:50 PM | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{212DF71F-B84B-4D87-A5CA-60B40D2FCEA9} -> () ->
{71147865-9F2B-4375-81FF-7040448863D3} -> (Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)) ->
{7F82E9EA-52E0-4D8F-8D6E-3BE7AF6CBD09} -> (Intel(R) Wireless WiFi Link 4965AGN) ->
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}[HKEY_LOCAL_MACHINE] -> http://download.divx.com/player/DivXBrowserPlugin.cab[DivXBrowserPlugin Object] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] ->

[Registry - Additional Scans - Non-Microsoft Only]

[Files/Folders - Created Within 30 days]
01 - Sinfony.mp3 -> %SystemDrive%\01 - Sinfony.mp3 -> [Ver = | Size = 1272006 bytes | Created Date = 1/21/2008 12:13:33 AM | Attr = ]
02 - Quiet (live in Atlanta, 1993).mp3 -> %SystemDrive%\02 - Quiet (live in Atlanta, 1993).mp3 -> [Ver = | Size = 5532605 bytes | Created Date = 1/21/2008 12:12:12 AM | Attr = ]
03 - Disarm (live on English TV, 1993).mp3 -> %SystemDrive%\03 - Disarm (live on English TV, 1993).mp3 -> [Ver = | Size = 4078892 bytes | Created Date = 1/21/2008 12:16:28 AM | Attr = ]
04 - Cherub Rock (acoustic) (live on MTV Europe, 1993).mp3 -> %SystemDrive%\04 - Cherub Rock (acoustic) (live on MTV Europe, 1993).mp3 -> [Ver = | Size = 5921459 bytes | Created Date = 1/21/2008 12:14:51 AM | Attr = ]
05 - Today (live in Chicago, 1993).mp3 -> %SystemDrive%\05 - Today (live in Chicago, 1993).mp3 -> [Ver = | Size = 5237066 bytes | Created Date = 1/21/2008 12:13:00 AM | Attr = ]
06 - Bugg Superstar.mp3 -> %SystemDrive%\06 - Bugg Superstar.mp3 -> [Ver = | Size = 1463261 bytes | Created Date = 1/21/2008 12:11:27 AM | Attr = ]
07 - I Am One (live in Barcelona, 1993).mp3 -> %SystemDrive%\07 - I Am One (live in Barcelona, 1993).mp3 -> [Ver = | Size = 11276695 bytes | Created Date = 1/21/2008 12:13:00 AM | Attr = ]
08 - Pulseczar.mp3 -> %SystemDrive%\08 - Pulseczar.mp3 -> [Ver = | Size = 3690119 bytes | Created Date = 1/21/2008 12:10:11 AM | Attr = ]
09 - Soma (live in London, 1994).mp3 -> %SystemDrive%\09 - Soma (live in London, 1994).mp3 -> [Ver = | Size = 9432815 bytes | Created Date = 1/21/2008 12:11:26 AM | Attr = ]
10 - Slunk (live on Japanese TV, 1992).mp3 -> %SystemDrive%\10 - Slunk (live on Japanese TV, 1992).mp3 -> [Ver = | Size = 2952788 bytes | Created Date = 1/21/2008 12:14:35 AM | Attr = ]
11 - French Movie Theme.mp3 -> %SystemDrive%\11 - French Movie Theme.mp3 -> [Ver = | Size = 2913066 bytes | Created Date = 1/21/2008 12:21:23 AM | Attr = ]
12 - Geek U.S.A. (live on German TV, 1993).mp3 -> %SystemDrive%\12 - Geek U.S.A. (live on German TV, 1993).mp3 -> [Ver = | Size = 6518674 bytes | Created Date = 1/21/2008 12:10:39 AM | Attr = ]
13 - Mayonaise (acoustic) (live everywhere, 1988-1994).mp3 -> %SystemDrive%\13 - Mayonaise (acoustic) (live everywhere, 1988-1994).mp3 -> [Ver = | Size = 6785427 bytes | Created Date = 1/21/2008 12:11:51 AM | Attr = ]
14 - Silverfuck (live in London, 1994) Over The Rainbow.mp3 -> %SystemDrive%\14 - Silverfuck (live in London, 1994) Over The Rainbow.mp3 -> [Ver = | Size = 20343570 bytes | Created Date = 1/21/2008 12:10:34 AM | Attr = ]
15 - Why Am I So Tired.mp3 -> %SystemDrive%\15 - Why Am I So Tired.mp3 -> [Ver = | Size = 24754393 bytes | Created Date = 1/21/2008 12:11:21 AM | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 1/26/2008 3:51:53 PM | Attr = ]
install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Created Date = 1/18/2008 6:40:51 PM | Attr = ]
IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 1/1/2008 11:32:34 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 1/1/2008 11:32:34 PM | Attr = RHS]
PerfLogs -> %SystemDrive%\PerfLogs -> [Folder | Created Date = 1/17/2008 3:03:24 PM | Attr = ]
SonyKorn -> %SystemDrive%\SonyKorn -> [Folder | Created Date = 1/1/2008 11:32:19 PM | Attr = ]
Vicarious.flv -> %SystemDrive%\Vicarious.flv -> [Ver = | Size = 20404704 bytes | Created Date = 1/2/2008 2:12:11 AM | Attr = ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 1/27/2008 1:46:10 AM | Attr = ]
MsftWdf_Kernel_01007_Inbox_Critical.Wdf -> %System32%\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf -> [Ver = | Size = 3 bytes | Created Date = 1/17/2008 2:14:59 PM | Attr = ]
Msft_User_WpdMtpDr_01_00_00.Wdf -> %System32%\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 12/28/2007 11:34:45 PM | Attr = H ]
andt.sys -> %System32%\andt.sys -> [Ver = 2.0.1.101 | Size = 250368 bytes | Created Date = 1/25/2008 10:06:14 PM | Attr = ]
atmfd.dll -> %System32%\atmfd.dll -> Adobe Systems Incorporated [Ver = 5.1 Build 226 | Size = 289792 bytes | Created Date = 1/17/2008 2:16:12 PM | Attr = ]
Defrag.exe -> %System32%\Defrag.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 226816 bytes | Created Date = 1/17/2008 2:19:14 PM | Attr = ]
dfrgfat.exe -> %System32%\dfrgfat.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 96768 bytes | Created Date = 1/17/2008 2:19:30 PM | Attr = ]
DfrgNtfs.exe -> %System32%\DfrgNtfs.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 163840 bytes | Created Date = 1/17/2008 2:21:14 PM | Attr = ]
DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Created Date = 1/4/2008 4:57:10 PM | Attr = ]
DivXCodecVersionChecker.exe -> %System32%\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Created Date = 1/4/2008 4:56:48 PM | Attr = ]
divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Created Date = 1/7/2008 8:16:38 PM | Attr = ]
DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Created Date = 1/4/2008 4:59:04 PM | Attr = ]
divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Created Date = 1/4/2008 4:59:04 PM | Attr = ]
DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 1/4/2008 4:56:24 PM | Attr = ]
divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Created Date = 1/4/2008 4:57:12 PM | Attr = ]
divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Created Date = 1/4/2008 4:57:10 PM | Attr = ]
divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Created Date = 1/4/2008 4:57:10 PM | Attr = ]
dot3.tmf -> %System32%\dot3.tmf -> [Ver = | Size = 289467 bytes | Created Date = 1/17/2008 2:19:32 PM | Attr = ]
dpl100.dll -> %System32%\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Created Date = 1/4/2008 4:57:22 PM | Attr = ]
dpl100.dll.manifest -> %System32%\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 1/4/2008 4:57:22 PM | Attr = ]
dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 1/4/2008 4:57:14 PM | Attr = ]
dpu11.dll -> %System32%\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 1/4/2008 4:57:14 PM | Attr = ]
dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 1/4/2008 4:57:16 PM | Attr = ]
dpuGUI11.dll -> %System32%\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Created Date = 1/4/2008 4:57:14 PM | Attr = ]
dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 1/4/2008 4:57:14 PM | Attr = ]
dpv11.dll -> %System32%\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Created Date = 1/4/2008 4:57:14 PM | Attr = ]
dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc.
[Ver = 1, 2, 0, 40 | Size = 196608 bytes | Created Date = 1/4/2008 4:57:22 PM | Attr = ] dtu100.dll.manifest -> %System32%\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 1/4/2008 4:57:22 PM | Attr = ] dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] eaphost.tmf -> %System32%\eaphost.tmf -> [Ver = | Size = 206830 bytes | Created Date = 1/17/2008 2:22:08 PM | Attr = ] esrb.rs -> %System32%\esrb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 51712 bytes | Created Date = 1/17/2008 2:17:17 PM | Attr = ] feedback.hta -> %System32%\feedback.hta -> [Ver = | Size = 7830 bytes | Created Date = 1/17/2008 2:21:09 PM | Attr = ] fsmgmt.msc -> %System32%\fsmgmt.msc -> [Ver = | Size = 144909 bytes | Created Date = 1/17/2008 2:15:06 PM | Attr = ] GameUXLegacyGDFs.dll -> %System32%\GameUXLegacyGDFs.dll -> Microsoft [Ver = 1.0.0.1 | Size = 4240384 bytes | Created Date = 1/17/2008 2:21:13 PM | Attr = ] gatherWiredInfo.vbs -> %System32%\gatherWiredInfo.vbs -> [Ver = | Size = 12198 bytes | Created Date = 1/17/2008 2:15:08 PM | Attr = ] gatherWirelessInfo.vbs -> %System32%\gatherWirelessInfo.vbs -> [Ver = | Size = 15181 bytes | Created Date = 1/17/2008 2:15:08 PM | Attr = ] grb.rs -> %System32%\grb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 16896 bytes | Created Date = 1/17/2008 2:20:15 PM | Attr = ] Header.jpg -> %System32%\Header.jpg -> [Ver = | Size = 21317 bytes | Created Date = 1/17/2008 2:22:00 PM | Attr = ] IasMigPlugin.dll -> %System32%\IasMigPlugin.dll -> Microsoft [Ver = 1.0.0.1 | Size = 445952 bytes | Created Date = 1/17/2008 2:21:40 PM | Attr = ] IEDFix.exe -> %System32%\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 81920 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] Indt2.sys -> %System32%\Indt2.sys -> a [Ver = 2.00.0032 | Size = 45056 bytes | Created Date = 1/24/2008 12:01:22 AM | Attr = ] l3codeca.acm -> %System32%\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 
0, 0401 | Size = 62464 bytes | Created Date = 1/17/2008 2:15:57 PM | Attr = ] l3codecp.acm -> %System32%\l3codecp.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 3, 4, 0, 0 | Size = 220672 bytes | Created Date = 1/17/2008 2:17:10 PM | Attr = ] locale.nls -> %System32%\locale.nls -> [Ver = | Size = 3662296 bytes | Created Date = 1/17/2008 2:21:18 PM | Attr = ] msjetoledb40.dll -> %System32%\msjetoledb40.dll -> [Ver = | Size = 368640 bytes | Created Date = 1/17/2008 2:17:38 PM | Attr = ] ndt2.sys -> %System32%\ndt2.sys -> [Ver = 2.0.1.101 | Size = 250368 bytes | Created Date = 1/24/2008 12:01:21 AM | Attr = ] onex.tmf -> %System32%\onex.tmf -> [Ver = | Size = 261163 bytes | Created Date = 1/17/2008 2:19:16 PM | Attr = ] People.jpg -> %System32%\People.jpg -> [Ver = | Size = 3269 bytes | Created Date = 1/17/2008 2:18:35 PM | Attr = ] perfmon.msc -> %System32%\perfmon.msc -> [Ver = | Size = 145455 bytes | Created Date = 1/17/2008 2:15:00 PM | Attr = ] PresentationCFFRasterizerNative_v0300.dll -> %System32%\PresentationCFFRasterizerNative_v0300.dll -> Adobe Systems Incorporated [Ver = 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109) | Size = 106520 bytes | Created Date = 1/17/2008 2:18:59 PM | Attr = ] Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 1/27/2008 5:25:39 AM | Attr = ] qt-dx331.dll -> %System32%\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Created Date = 1/4/2008 4:58:50 PM | Attr = ] QuickTime.qts -> %System32%\QuickTime.qts -> Apple Inc. [Ver = 7.4 | Size = 57344 bytes | Created Date = 1/10/2008 3:27:44 PM | Attr = ] QuickTimeVR.qtx -> %System32%\QuickTimeVR.qtx -> Apple Inc. 
[Ver = 7.4 | Size = 90112 bytes | Created Date = 1/10/2008 3:27:46 PM | Attr = ] RacUR.xml -> %System32%\RacUR.xml -> [Ver = | Size = 7025 bytes | Created Date = 1/17/2008 2:15:30 PM | Attr = ] Robocopy.exe -> %System32%\Robocopy.exe -> Microsoft [Ver = 5, 1, 10, 1027 | Size = 87552 bytes | Created Date = 1/17/2008 2:18:52 PM | Attr = ] slmgr.vbs -> %System32%\slmgr.vbs -> [Ver = | Size = 80047 bytes | Created Date = 1/17/2008 2:18:40 PM | Attr = ] SMBHelperClass.dll -> %System32%\SMBHelperClass.dll -> Microsoft [Ver = 1.0.0.1 | Size = 83456 bytes | Created Date = 1/17/2008 2:21:55 PM | Attr = ] SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] StructuredQuerySchema.bin -> %System32%\StructuredQuerySchema.bin -> [Ver = | Size = 100043 bytes | Created Date = 1/17/2008 2:16:26 PM | Attr = ] swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 1/24/2008 4:57:19 PM | Attr = ] swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] systemsf.ebd -> %System32%\systemsf.ebd -> [Ver = | Size = 132148 bytes | Created Date = 1/17/2008 2:21:29 PM | Attr = ] tcpmon.ini -> %System32%\tcpmon.ini -> [Ver = | Size = 60124 bytes | Created Date = 1/17/2008 2:16:10 PM | Attr = ] Tips.jpg -> %System32%\Tips.jpg -> [Ver = | Size = 3149 bytes | Created Date = 1/17/2008 2:18:34 PM | Attr = ] URTTemp -> %System32%\URTTemp -> [Folder | Created Date = 1/24/2008 5:20:45 PM | Attr = ] VCCLSID.exe -> %System32%\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] WFP.TMF -> %System32%\WFP.TMF -> [Ver = | Size = 175508 bytes | Created Date = 1/17/2008 2:20:16 PM | Attr = ] winrm.vbs -> %System32%\winrm.vbs -> [Ver = | Size = 195122 bytes | 
Created Date = 1/17/2008 2:19:30 PM | Attr = ] wlan.tmf -> %System32%\wlan.tmf -> [Ver = | Size = 1675370 bytes | Created Date = 1/17/2008 2:22:07 PM | Attr = ] WlanMmHC.dll -> %System32%\WlanMmHC.dll -> Microsoft [Ver = 1.0.0.1 | Size = 41472 bytes | Created Date = 1/17/2008 2:16:18 PM | Attr = ] WS2Fix.exe -> %System32%\WS2Fix.exe -> [Ver = | Size = 25600 bytes | Created Date = 1/24/2008 4:57:20 PM | Attr = ] 120276828.ini -> %SystemRoot%\120276828.ini -> [Ver = | Size = 37 bytes | Created Date = 1/2/2008 2:11:28 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 1/26/2008 3:52:41 PM | Attr = ] 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 726 bytes | Created Date = 1/8/2008 2:00:46 PM | Attr = ] popcinfo.dat -> %SystemRoot%\popcinfo.dat -> [Ver = | Size = 26 bytes | Created Date = 1/24/2008 2:56:51 AM | Attr = ] [Files/Folders - Modified Within 30 days] 01 - Sinfony.mp3 -> %SystemDrive%\01 - Sinfony.mp3 -> [Ver = | Size = 1272006 bytes | Modified Date = 1/21/2008 1:24:02 AM | Attr = ] 02 - Quiet (live in Atlanta, 1993).mp3 -> %SystemDrive%\02 - Quiet (live in Atlanta, 1993).mp3 -> [Ver = | Size = 5532605 bytes | Modified Date = 1/21/2008 1:24:25 AM | Attr = ] 03 - Disarm (live on English TV, 1993).mp3 -> %SystemDrive%\03 - Disarm (live on English TV, 1993).mp3 -> [Ver = | Size = 4078892 bytes | Modified Date = 1/21/2008 1:24:29 AM | Attr = ] 04 - Cherub Rock (acoustic) (live on MTV Europe, 1993).mp3 -> %SystemDrive%\04 - Cherub Rock (acoustic) (live on MTV Europe, 1993).mp3 -> [Ver = | Size = 5921459 bytes | Modified Date = 1/21/2008 1:27:19 AM | Attr = ] 05 - Today (live in Chicago, 1993).mp3 -> %SystemDrive%\05 - Today (live in Chicago, 1993).mp3 -> [Ver = | Size = 5237066 bytes | Modified Date = 1/21/2008 1:24:47 AM | Attr = ] 06 - Bugg Superstar.mp3 -> %SystemDrive%\06 - Bugg Superstar.mp3 -> [Ver = | Size = 1463261 bytes | Modified Date = 1/21/2008 1:24:56 AM | Attr = ] 07 - I Am 
One (live in Barcelona, 1993).mp3 -> %SystemDrive%\07 - I Am One (live in Barcelona, 1993).mp3 -> [Ver = | Size = 11276695 bytes | Modified Date = 1/21/2008 1:25:11 AM | Attr = ] 08 - Pulseczar.mp3 -> %SystemDrive%\08 - Pulseczar.mp3 -> [Ver = | Size = 3690119 bytes | Modified Date = 1/21/2008 1:25:20 AM | Attr = ] 09 - Soma (live in London, 1994).mp3 -> %SystemDrive%\09 - Soma (live in London, 1994).mp3 -> [Ver = | Size = 9432815 bytes | Modified Date = 1/21/2008 1:25:25 AM | Attr = ] 10 - Slunk (live on Japanese TV, 1992).mp3 -> %SystemDrive%\10 - Slunk (live on Japanese TV, 1992).mp3 -> [Ver = | Size = 2952788 bytes | Modified Date = 1/21/2008 1:25:30 AM | Attr = ] 11 - French Movie Theme.mp3 -> %SystemDrive%\11 - French Movie Theme.mp3 -> [Ver = | Size = 2913066 bytes | Modified Date = 1/21/2008 1:25:36 AM | Attr = ] 12 - Geek U.S.A. (live on German TV, 1993).mp3 -> %SystemDrive%\12 - Geek U.S.A. (live on German TV, 1993).mp3 -> [Ver = | Size = 6518674 bytes | Modified Date = 1/21/2008 1:25:42 AM | Attr = ] 13 - Mayonaise (acoustic) (live everywhere, 1988-1994).mp3 -> %SystemDrive%\13 - Mayonaise (acoustic) (live everywhere, 1988-1994).mp3 -> [Ver = | Size = 6785427 bytes | Modified Date = 1/21/2008 1:26:41 AM | Attr = ] 14 - Silverfuck (live in London, 1994) Over The Rainbow.mp3 -> %SystemDrive%\14 - Silverfuck (live in London, 1994) Over The Rainbow.mp3 -> [Ver = | Size = 20343570 bytes | Modified Date = 1/21/2008 1:27:03 AM | Attr = ] 15 - Why Am I So Tired.mp3 -> %SystemDrive%\15 - Why Am I So Tired.mp3 -> [Ver = | Size = 24754393 bytes | Modified Date = 1/21/2008 1:26:04 AM | Attr = ] boot -> %SystemDrive%\boot -> [Folder | Modified Date = 1/17/2008 3:16:18 PM | Attr = HS] bootmgr -> %SystemDrive%\bootmgr -> [Ver = | Size = 333202 bytes | Modified Date = 1/2/2008 2:44:22 AM | Attr = RHS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 1/26/2008 3:46:32 PM | Attr = H ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 
1/26/2008 3:51:53 PM | Attr = ] install.dat -> %SystemDrive%\install.dat -> [Ver = | Size = 164 bytes | Modified Date = 1/18/2008 6:40:51 PM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 1/1/2008 11:32:34 PM | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 1/1/2008 11:32:34 PM | Attr = RHS] PerfLogs -> %SystemDrive%\PerfLogs -> [Folder | Modified Date = 1/25/2008 8:03:23 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 1/25/2008 10:04:14 PM | Attr = R ] ProgramData -> %AllUsersAppData% -> [Folder | Modified Date = 1/24/2008 2:00:26 AM | Attr = H ] QUARANTINE -> %SystemDrive%\QUARANTINE -> [Folder | Modified Date = 1/24/2008 5:30:43 PM | Attr = ] SonyKorn -> %SystemDrive%\SonyKorn -> [Folder | Modified Date = 1/1/2008 11:32:30 PM | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 1/27/2008 1:34:10 PM | Attr = HS] Vicarious.flv -> %SystemDrive%\Vicarious.flv -> [Ver = | Size = 20404704 bytes | Modified Date = 1/11/2008 12:25:17 PM | Attr = ] Windows -> %SystemRoot% -> [Folder | Modified Date = 1/27/2008 1:46:10 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 1/27/2008 1:46:10 AM | Attr = ] en-US -> %System32%\drivers\en-US -> [Folder | Modified Date = 1/17/2008 3:05:20 PM | Attr = ] b57nd60x.sys.mui -> %System32%\drivers\en-US\b57nd60x.sys.mui -> Broadcom Corporation [Ver = 10.10.0.0 (mbuild.02262007-1449,b57nd60_main.CL-967) | Size = 5120 bytes | Modified Date = 1/2/2008 2:29:19 AM | Attr = ] e1e6032.sys.mui -> %System32%\drivers\en-US\e1e6032.sys.mui -> Intel Corporation [Ver = 9.11.5.7 built by: WinDDK | Size = 19968 bytes | Modified Date = 1/2/2008 2:35:43 AM | Attr = ] E1G60I32.sys.mui -> %System32%\drivers\en-US\E1G60I32.sys.mui -> Intel Corporation [Ver = 8.3.2.8 built by: WinDDK | Size = 16896 bytes | Modified Date = 1/2/2008 2:38:31 AM | Attr = ] etc -> 
%System32%\drivers\etc -> [Folder | Modified Date = 1/25/2008 8:24:11 PM | Attr = ] hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 734 bytes | Modified Date = 1/25/2008 8:24:11 PM | Attr = ] hosts.msn -> %System32%\drivers\etc\hosts.msn -> [Ver = | Size = 785 bytes | Modified Date = 1/14/2008 6:07:32 PM | Attr = ] Msft_User_WpdMtpDr_01_00_00.Wdf -> %System32%\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 12/28/2007 11:34:45 PM | Attr = H ] UMDF -> %System32%\drivers\UMDF -> [Folder | Modified Date = 1/17/2008 2:58:53 PM | Attr = ] Msft_User_WpdMtpDr_01_00_00.Wdf -> %System32%\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 1/17/2008 2:48:58 PM | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3296 bytes | Modified Date = 1/27/2008 2:02:29 PM | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %System32%\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3296 bytes | Modified Date = 1/27/2008 2:02:29 PM | Attr = H ] AdvancedInstallers -> %System32%\AdvancedInstallers -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] andt.sys -> %System32%\andt.sys -> [Ver = 2.0.1.101 | Size = 250368 bytes | Modified Date = 1/25/2008 10:06:14 PM | Attr = ] ar-SA -> %System32%\ar-SA -> [Folder | Modified Date = 1/17/2008 3:05:12 PM | Attr = ] atmfd.dll -> %System32%\atmfd.dll -> Adobe Systems Incorporated [Ver = 5.1 Build 226 | Size = 289792 bytes | Modified Date = 1/2/2008 1:01:31 AM | Attr = ] axaltocm.dll -> %System32%\axaltocm.dll -> Gemalto, Inc. 
[Ver = 6.0.6001.17128 (longhorn.080101-1935) | Size = 82432 bytes | Modified Date = 1/17/2008 2:39:51 PM | Attr = ] BASSMOD.dll -> %System32%\BASSMOD.dll -> [Ver = | Size = 34308 bytes | Modified Date = 1/24/2008 9:39:03 AM | Attr = ] Boot -> %System32%\Boot -> [Folder | Modified Date = 1/17/2008 3:03:27 PM | Attr = ] catroot -> %System32%\catroot -> [Folder | Modified Date = 1/26/2008 12:02:37 AM | Attr = ] catroot2 -> %System32%\catroot2 -> [Folder | Modified Date = 1/24/2008 8:43:49 PM | Attr = ] com -> %System32%\com -> [Folder | Modified Date = 1/17/2008 3:05:45 PM | Attr = ] cs-CZ -> %System32%\cs-CZ -> [Folder | Modified Date = 1/17/2008 3:05:25 PM | Attr = ] da-DK -> %System32%\da-DK -> [Folder | Modified Date = 1/17/2008 3:05:45 PM | Attr = ] de-DE -> %System32%\de-DE -> [Folder | Modified Date = 1/17/2008 3:05:33 PM | Attr = ] Defrag.exe -> %System32%\Defrag.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 226816 bytes | Modified Date = 1/2/2008 2:31:28 AM | Attr = ] dfrgfat.exe -> %System32%\dfrgfat.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 96768 bytes | Modified Date = 1/2/2008 2:31:28 AM | Attr = ] DfrgNtfs.exe -> %System32%\DfrgNtfs.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 163840 bytes | Modified Date = 1/2/2008 2:31:28 AM | Attr = ] DivX.dll -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] DivXCodecVersionChecker.exe -> %System32%\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Modified Date = 1/4/2008 4:56:48 PM | Attr = ] divxdec.ax -> %System32%\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Modified Date = 1/7/2008 8:16:38 PM | Attr = ] DivXsm.exe -> %System32%\DivXsm.exe -> DivX Inc. 
[Ver = 6, 6, 1, 4 | Size = 524288 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] divxsm.tlb -> %System32%\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] DivXWMPExtType.dll -> %System32%\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 1/4/2008 4:56:24 PM | Attr = ] divx_xx07.dll -> %System32%\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:12 PM | Attr = ] divx_xx0c.dll -> %System32%\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] divx_xx11.dll -> %System32%\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] dot3.tmf -> %System32%\dot3.tmf -> [Ver = | Size = 289467 bytes | Modified Date = 1/2/2008 1:17:05 AM | Attr = ] dpl100.dll -> %System32%\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpl100.dll.manifest -> %System32%\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpu10.dll -> %System32%\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpu11.dll -> %System32%\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpuGUI10.dll -> %System32%\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 1/4/2008 4:57:16 PM | Attr = ] dpuGUI11.dll -> %System32%\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpus11.dll -> %System32%\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpv11.dll -> %System32%\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] 
drivers -> %System32%\drivers -> [Folder | Modified Date = 1/26/2008 12:02:41 AM | Attr = ] dtu100.dll -> %System32%\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 196608 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dtu100.dll.manifest -> %System32%\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] eaphost.tmf -> %System32%\eaphost.tmf -> [Ver = | Size = 206830 bytes | Modified Date = 1/2/2008 1:20:28 AM | Attr = ] el-GR -> %System32%\el-GR -> [Folder | Modified Date = 1/17/2008 3:05:33 PM | Attr = ] en-US -> %System32%\en-US -> [Folder | Modified Date = 1/17/2008 3:05:43 PM | Attr = ] es-ES -> %System32%\es-ES -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] esrb.rs -> %System32%\esrb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 51712 bytes | Modified Date = 1/2/2008 1:09:42 AM | Attr = ] fi-FI -> %System32%\fi-FI -> [Folder | Modified Date = 1/17/2008 3:05:25 PM | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 414264 bytes | Modified Date = 1/27/2008 1:26:38 AM | Attr = ] fr-FR -> %System32%\fr-FR -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] GameUXLegacyGDFs.dll -> %System32%\GameUXLegacyGDFs.dll -> Microsoft [Ver = 1.0.0.1 | Size = 4240384 bytes | Modified Date = 1/2/2008 1:10:28 AM | Attr = ] grb.rs -> %System32%\grb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 16896 bytes | Modified Date = 1/2/2008 1:09:42 AM | Attr = ] he-IL -> %System32%\he-IL -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] hu-HU -> %System32%\hu-HU -> [Folder | Modified Date = 1/17/2008 3:05:25 PM | Attr = ] ias -> %System32%\ias -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] IasMigPlugin.dll -> %System32%\IasMigPlugin.dll -> Microsoft [Ver = 1.0.0.1 | Size = 445952 bytes | Modified Date = 1/2/2008 2:34:18 AM | Attr = ] ifxcardm.dll -> %System32%\ifxcardm.dll -> Infineon Technologies AG [Ver = 6.0.6001.17128 (longhorn.080101-1935) | Size = 101888 bytes | Modified 
Date = 1/17/2008 2:39:52 PM | Attr = ] Indt2.sys -> %System32%\Indt2.sys -> a [Ver = 2.00.0032 | Size = 45056 bytes | Modified Date = 1/24/2008 12:01:22 AM | Attr = ] it-IT -> %System32%\it-IT -> [Folder | Modified Date = 1/17/2008 3:05:33 PM | Attr = ] ja-JP -> %System32%\ja-JP -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] ko-KR -> %System32%\ko-KR -> [Folder | Modified Date = 1/17/2008 3:05:45 PM | Attr = ] l3codeca.acm -> %System32%\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 0, 0401 | Size = 62464 bytes | Modified Date = 1/2/2008 2:31:23 AM | Attr = ] l3codecp.acm -> %System32%\l3codecp.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 3, 4, 0, 0 | Size = 220672 bytes | Modified Date = 1/2/2008 2:31:23 AM | Attr = ] locale.nls -> %System32%\locale.nls -> [Ver = | Size = 3662296 bytes | Modified Date = 1/1/2008 11:02:36 PM | Attr = ] manifeststore -> %System32%\manifeststore -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] migration -> %System32%\migration -> [Folder | Modified Date = 1/17/2008 3:05:32 PM | Attr = ] migwiz -> %System32%\migwiz -> [Folder | Modified Date = 1/17/2008 3:05:08 PM | Attr = ] msjetoledb40.dll -> %System32%\msjetoledb40.dll -> [Ver = | Size = 368640 bytes | Modified Date = 1/2/2008 2:33:18 AM | Attr = ] nb-NO -> %System32%\nb-NO -> [Folder | Modified Date = 1/17/2008 3:05:12 PM | Attr = ] ndt2.sys -> %System32%\ndt2.sys -> [Ver = 2.0.1.101 | Size = 250368 bytes | Modified Date = 1/24/2008 12:01:21 AM | Attr = ] nl-NL -> %System32%\nl-NL -> [Folder | Modified Date = 1/17/2008 3:05:12 PM | Attr = ] onex.tmf -> %System32%\onex.tmf -> [Ver = | Size = 261163 bytes | Modified Date = 1/2/2008 1:16:51 AM | Attr = ] oobe -> %System32%\oobe -> [Folder | Modified Date = 1/17/2008 3:05:33 PM | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 101350 bytes | Modified Date = 1/27/2008 12:58:27 PM | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | 
Size = 595684 bytes | Modified Date = 1/27/2008 12:58:27 PM | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 690960 bytes | Modified Date = 1/27/2008 12:58:27 PM | Attr = ] pl-PL -> %System32%\pl-PL -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] pncrt.dll -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 1/16/2008 11:15:19 PM | Attr = ] pndx5016.dll -> %System32%\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 1/16/2008 11:15:21 PM | Attr = ] pndx5032.dll -> %System32%\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 1/16/2008 11:15:21 PM | Attr = ] pt-BR -> %System32%\pt-BR -> [Folder | Modified Date = 1/17/2008 3:05:07 PM | Attr = ] pt-PT -> %System32%\pt-PT -> [Folder | Modified Date = 1/17/2008 3:05:25 PM | Attr = ] qt-dx331.dll -> %System32%\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 1/4/2008 4:58:50 PM | Attr = ] QuickTime.qts -> %System32%\QuickTime.qts -> Apple Inc. [Ver = 7.4 | Size = 57344 bytes | Modified Date = 1/10/2008 3:27:44 PM | Attr = ] QuickTimeVR.qtx -> %System32%\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.4 | Size = 90112 bytes | Modified Date = 1/10/2008 3:27:46 PM | Attr = ] rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. 
[Ver = 6.0.10.45 | Size = 185944 bytes | Modified Date = 1/16/2008 11:15:40 PM | Attr = ] ro-RO -> %System32%\ro-RO -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] Robocopy.exe -> %System32%\Robocopy.exe -> Microsoft [Ver = 5, 1, 10, 1027 | Size = 87552 bytes | Modified Date = 1/2/2008 2:31:51 AM | Attr = ] RTCOM -> %System32%\RTCOM -> [Folder | Modified Date = 1/17/2008 2:46:35 PM | Attr = ] ru-RU -> %System32%\ru-RU -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] setup -> %System32%\setup -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] SLUI -> %System32%\SLUI -> [Folder | Modified Date = 1/17/2008 3:05:25 PM | Attr = ] SMBHelperClass.dll -> %System32%\SMBHelperClass.dll -> Microsoft [Ver = 1.0.0.1 | Size = 83456 bytes | Modified Date = 1/2/2008 2:34:23 AM | Attr = ] StructuredQuerySchema.bin -> %System32%\StructuredQuerySchema.bin -> [Ver = | Size = 100043 bytes | Modified Date = 1/1/2008 11:07:35 PM | Attr = ] sv-SE -> %System32%\sv-SE -> [Folder | Modified Date = 1/17/2008 3:05:26 PM | Attr = ] sysprep -> %System32%\sysprep -> [Folder | Modified Date = 1/17/2008 3:05:32 PM | Attr = ] Tasks -> %System32%\Tasks -> [Folder | Modified Date = 1/24/2008 3:31:53 AM | Attr = ] tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3550 bytes | Modified Date = 1/24/2008 5:05:56 PM | Attr = ] tr-TR -> %System32%\tr-TR -> [Folder | Modified Date = 1/17/2008 3:05:16 PM | Attr = ] URTTemp -> %System32%\URTTemp -> [Folder | Modified Date = 1/24/2008 5:20:45 PM | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 1/17/2008 3:05:15 PM | Attr = ] WFP.TMF -> %System32%\WFP.TMF -> [Ver = | Size = 175508 bytes | Modified Date = 1/2/2008 1:18:35 AM | Attr = ] wlan.tmf -> %System32%\wlan.tmf -> [Ver = | Size = 1675370 bytes | Modified Date = 1/2/2008 1:16:57 AM | Attr = ] WlanMmHC.dll -> %System32%\WlanMmHC.dll -> Microsoft [Ver = 1.0.0.1 | Size = 41472 bytes | Modified Date = 1/2/2008 2:34:43 AM | Attr = ] XPSViewer -> 
%System32%\XPSViewer -> [Folder | Modified Date = 1/17/2008 3:05:45 PM | Attr = ] zh-CN -> %System32%\zh-CN -> [Folder | Modified Date = 1/17/2008 3:05:22 PM | Attr = ] zh-TW -> %System32%\zh-TW -> [Folder | Modified Date = 1/17/2008 3:05:21 PM | Attr = ] 120276828.ini -> %SystemRoot%\120276828.ini -> [Ver = | Size = 37 bytes | Modified Date = 1/2/2008 2:11:28 AM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 1/17/2008 3:03:41 PM | Attr = ] 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 1/17/2008 3:20:15 PM | Attr = R S] Boot -> %SystemRoot%\Boot -> [Folder | Modified Date = 1/17/2008 3:03:31 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 1/27/2008 12:53:43 PM | Attr = S] bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [Ver = | Size = 12 bytes | Modified Date = 1/27/2008 5:26:37 AM | Attr = ] DigitalLocker -> %SystemRoot%\DigitalLocker -> [Folder | Modified Date = 1/17/2008 3:05:47 PM | Attr = ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 1/24/2008 2:18:30 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 1/24/2008 8:38:11 PM | Attr = S] ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 1/17/2008 3:06:02 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 1/26/2008 3:52:41 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 1/26/2008 3:43:24 PM | Attr = R S] IME -> %SystemRoot%\IME -> [Folder | Modified Date = 1/17/2008 3:05:47 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 1/27/2008 12:58:27 PM | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 1/26/2008 3:46:32 PM | Attr = HS] L2Schemas -> %SystemRoot%\L2Schemas -> [Folder | Modified Date = 1/17/2008 3:05:47 PM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> 
[Folder | Modified Date = 1/17/2008 3:20:16 PM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 726 bytes | Modified Date = 1/8/2008 2:02:26 PM | Attr = ] MSAgent -> %SystemRoot%\MSAgent -> [Folder | Modified Date = 1/17/2008 3:05:49 PM | Attr = ] PolicyDefinitions -> %SystemRoot%\PolicyDefinitions -> [Folder | Modified Date = 1/17/2008 3:05:45 PM | Attr = ] popcinfo.dat -> %SystemRoot%\popcinfo.dat -> [Ver = | Size = 26 bytes | Modified Date = 1/26/2008 1:16:40 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 1/27/2008 2:08:56 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 1/23/2008 12:37:45 PM | Attr = ] rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 1/17/2008 4:04:40 PM | Attr = ] servicing -> %SystemRoot%\servicing -> [Folder | Modified Date = 1/17/2008 3:06:03 PM | Attr = ] System32 -> %System32% -> [Folder | Modified Date = 1/27/2008 12:58:27 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 1/18/2008 6:53:08 PM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 1/27/2008 2:08:57 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 352 bytes | Modified Date = 1/18/2008 6:41:44 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 1/17/2008 3:16:17 PM | Attr = RH ] winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 1/17/2008 4:03:33 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 1/27/2008 12:53:45 PM | Attr = H ] Uniblue SpeedUpMyPC Nag.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC Nag.job -> [Ver = | Size = 268 bytes | Modified Date = 1/22/2008 9:19:37 PM | Attr = ] Uniblue SpyEraser.job -> %SystemRoot%\tasks\Uniblue SpyEraser.job -> [Ver = | Size = 336 bytes | Modified Date = 1/19/2008 1:59:40 PM | Attr = ] User_Feed_Synchronization-{9D8CDE7C-01E5-4293-9409-14C682154076}.job -> 
%SystemRoot%\tasks\User_Feed_Synchronization-{9D8CDE7C-01E5-4293-9409-14C682154076}.job -> [Ver = | Size = 416 bytes | Modified Date = 1/26/2008 6:57:26 PM | Attr = H ]

[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a6be3e970]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001a6be3e970]
scanning hidden registry entries ...
scanning hidden files ...
C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT 6144 bytes

< Document and Settings folder & sub folders >
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a6be3e970]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001a6be3e970]
scanning hidden registry entries ...
scanning hidden files ...
C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT 6144 bytes

< End of report >
[/code]