[code] WinPFind35 logfile created on: 3/10/2008 4:07:33 PM WinPFind35U Version 1.0.5.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop\Utilities\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 191.48 Mb Total Physical Memory | 62.07 Mb Available Physical Memory | 32.41% Memory free 464.68 Mb Paging File | 203.60 Mb Available in Paging File | 43.82% Paging File free Paging file location(s): C:\pagefile.sys 288 576; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 69.68 Gb Total Space | 53.74 Gb Free Space | 77.12% Space Free | Partition Type: NTFS Drive D: | 4.86 Gb Total Space | 0.60 Gb Free Space | 12.30% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-4F1261A8E5 Current User Name: Compaq_Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 181864 bytes | Modified Date = 1/9/2007 6:32:04 PM | Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 198248 bytes | Modified Date = 1/9/2007 6:32:02 PM | Attr = ] lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 8/18/2003 6:37:09 AM | Attr = ] lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 174592 bytes | Modified Date = 8/18/2003 6:32:55 AM | Attr = ] agrsmsvc.exe -> %SystemRoot%\system32\agrsmsvc.exe -> Agere Systems [Ver = 1.0.0.6 | Size = 12800 bytes | Modified Date = 9/26/2007 7:24:42 PM | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ] nprotect.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 18.0.0.62 | Size = 95328 bytes | Modified Date = 8/31/2004 12:52:10 AM | Attr = ] nopdb.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> Symantec Corporation [Ver = 7.00.0.24 | Size = 181416 bytes | Modified Date = 8/31/2004 12:50:38 AM | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 478 | Size = 819352 bytes | Modified Date = 2/26/2008 9:26:07 AM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 5:25:21 AM | Attr = ] hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 5/7/1998 7:04:38 PM | Attr = ] agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.41.10 2.1.41.10 06/29/2004 09:06:35 | Size = 88363 bytes | Modified Date = 6/29/2004 8:06:38 PM | Attr = ] kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 2/11/2003 10:02:48 PM | Attr = ] lxbkbmgr.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 8/19/2003 6:43:46 AM | Attr = ] alcxmntr.exe -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 9/7/2004 11:47:52 PM | Attr = ] lxbkbmon.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmon.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 53248 bytes | Modified Date = 8/19/2003 7:00:39 AM | Attr = ] wkufind.exe -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkUFind.exe -> Microsoft® Corporation [Ver = 9.00.0607.0 | Size = 50688 bytes | Modified Date = 6/7/2003 7:32:32 AM | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 58984 bytes | Modified Date = 1/9/2007 6:32:02 PM | Attr = ] desktopweather.exe -> %ProgramFiles%\The Weather Channel FW\Desktop Weather\DesktopWeather.exe -> The Weather Channel Interactive [Ver = 5, 2, 0, 1 | Size = 715888 bytes | Modified Date = 12/20/2007 9:10:06 AM | Attr = ] sistray.exe -> %SystemRoot%\system32\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 262144 bytes | Modified Date = 10/3/2007 4:57:12 PM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\Utilities\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.5.0 | Size = 310272 bytes | Modified Date = 3/10/2008 2:34:14 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (AgereModemAudio) Agere Modem Call Progress Audio [Win32_Own | Auto | Running] -> %SystemRoot%\system32\agrsmsvc.exe -> Agere Systems [Ver = 1.0.0.6 | Size = 12800 bytes | Modified Date = 9/26/2007 7:24:42 PM | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 198248 bytes | Modified Date = 1/9/2007 6:32:02 PM | Attr = ] (ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 79464 bytes | Modified Date = 1/9/2007 6:32:04 PM | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 181864 bytes | Modified Date = 1/9/2007 6:32:04 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:00:00 PM | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 8/18/2003 6:37:09 AM | Attr = ] (NProtectService) Norton Unerase Protection [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 18.0.0.62 | Size = 95328 bytes | Modified Date = 8/31/2004 12:52:10 AM | Attr = ] (Speed Disk service) Speed Disk service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> Symantec Corporation [Ver = 7.00.0.24 | Size = 181416 bytes | Modified Date = 8/31/2004 12:50:38 AM | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 478 | Size = 819352 bytes | Modified Date = 2/26/2008 9:26:07 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 5:25:42 AM | Attr = ] AGRSMMSG -> %SystemRoot%\AGRSMMSG.exe -> Agere Systems [Ver = 2.1.41.10 2.1.41.10 06/29/2004 09:06:35 | Size = 88363 bytes | Modified Date = 6/29/2004 8:06:38 PM | Attr = ] AlcxMonitor -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 9/7/2004 11:47:52 PM | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.9.2 | Size = 58984 bytes | Modified Date = 1/9/2007 6:32:02 PM | Attr = ] hpsysdrv -> %SystemRoot%\system\hpsysdrv.exe -> Hewlett-Packard Company [Ver = 1, 7, 0, 0 | Size = 52736 bytes | Modified Date = 5/7/1998 7:04:38 PM | Attr = ] KBD -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 2/11/2003 10:02:48 PM | Attr = ] Lexmark X1100 Series -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 8/19/2003 6:43:46 AM | Attr = ] LSBWatcher -> %SystemDrive%\hp\drivers\hplsbwatcher\LSBurnWatcher.exe -> Hewlett-Packard Company [Ver = 4, 10, 14, 0 | Size = 253952 bytes | Modified Date = 10/15/2004 12:54:32 AM | Attr = ] Microsoft Works Update Detection -> %CommonProgramFiles%\Microsoft Shared\Works Shared\WkUFind.exe -> Microsoft® Corporation [Ver = 9.00.0607.0 | Size = 50688 bytes | Modified Date = 6/7/2003 7:32:32 AM | Attr = ] PS2 -> %SystemRoot%\system32\ps2.EXE -> Hewlett-Packard Company [Ver = 1.0.2.2.911 | Size = 98304 bytes | Modified Date = 9/12/2003 10:13:20 PM | Attr = ] Recguard -> %SystemRoot%\SMINST\Recguard.exe -> [Ver = 5, 0, 44, 2 | Size = 233472 bytes | Modified Date = 4/14/2004 11:43:46 PM | Attr = ] SiSPower -> %SystemRoot%\system32\SiSPower.dll -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3830 | Size = 53248 bytes | Modified Date = 10/3/2007 4:58:04 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 5:25:21 AM | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3034 | Size = 180269 bytes | Modified Date = 1/28/2005 2:44:07 PM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> DW4 -> %ProgramFiles%\The Weather Channel FW\Desktop Weather\DesktopWeather.exe -> The Weather Channel Interactive [Ver = 5, 2, 0, 1 | Size = 715888 bytes | Modified Date = 12/20/2007 9:10:06 AM | Attr = ] Hwml -> %ProgramFiles%\??mantec\??xplore.exe -> File not found Norton SystemWorks -> %ProgramFiles%\Norton SystemWorks\CfgWiz.exe -> Symantec Corporation [Ver = 5.0.0.51 | Size = 132248 bytes | Modified Date = 9/9/2004 10:12:00 PM | Attr = ] Srro -> %SystemDrive%\DOCUME~1\COMPAQ~1\APPLIC~1\SSTEM3~1\wuauboot.exe -> File not found < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Utility Tray.lnk -> %SystemRoot%\system32\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 262144 bytes | Modified Date = 10/3/2007 4:57:12 PM | Attr = ] < Compaq_Owner Startup Folder > -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 8:29:58 AM | Attr = ] {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 1:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.DLL -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 3/9/2008 9:21:40 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.msn.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.1.2003110300 | Size = 54248 bytes | Modified Date = 11/4/2003 1:17:44 AM | Attr = ] {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Launcher] -> stumbleupon.com [Ver = 1.0.0.1 | Size = 987832 bytes | Modified Date = 10/24/2007 2:57:00 PM | Attr = ] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.2.1.2.dll [BitComet Helper] -> BitComet [Ver = 20080116 | Size = 496952 bytes | Modified Date = 1/25/2008 6:06:28 AM | Attr = ] {4411C9B3-5302-76A3-5166-5A00CAC488BD} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\rvnh.dll [Reg Error: Value does not exist or could not be read.] -> File not found {6D363E5D-E028-4E5A-80B8-D6C96EE1DF8E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Outlook Express\vikide998.dll [Reg Error: Value does not exist or could not be read.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 5:25:19 AM | Attr = ] {AA1F9DDB-E605-4ba6-81D4-E427DEE012AD} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\TwcToolbarBho.dll [TwcToolbarBhoApp Class] -> [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Modified Date = 5/9/2007 10:41:18 AM | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2E5E800E-6AC0-411E-940A-369530A35E43} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\TwcToolbarIe7.dll [The Weather Channel Toolbar] -> [Ver = 1, 2, 0, 1 | Size = 262144 bytes | Modified Date = 5/9/2007 11:24:10 AM | Attr = ] {5093EB4C-3E93-40AB-9266-B607BA87BDC8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\StumbleUpon\StumbleUponIEBar.dll [StumbleUpon Toolbar] -> stumbleupon.com [Ver = 1.0.0.1 | Size = 987832 bytes | Modified Date = 10/24/2007 2:57:00 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 5:25:19 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 5:25:19 AM | Attr = ] {2E5E800E-6AC0-411E-940A-369530A35E43}:BandCLSID -> Reg Error: Key does not exist or could not be opened. [The Weather Channel] -> File not found {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [BitComet] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 5:25:19 AM | Attr = ] CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 AM | Attr = ] &D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 AM | Attr = ] &D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SU 3.011 -> StumbleUpon Version String -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {1F3B0F6D-615F-4E78-9DAD-5EA680389DA7} -> (1394 Net Adapter) -> {42835F80-2414-4BCF-BAB8-7377D994797B} -> () -> {EEBAC4A1-5D34-4FE3-AC85-A5431A8D6B45} -> (SiS 900-Based PCI Fast Ethernet Adapter) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab[MSN Photo Upload Tool] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> {B8BE5E93-A60C-4D26-A2DC-220313175592}[HKEY_LOCAL_MACHINE] -> http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab[MSN Games - Installer] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> [Files/Folders - Created Within 30 days] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 213 bytes | Created Date = 2/21/2008 3:24:27 PM | Attr = RHS] c9cd8e68b018dc62d5d5 -> %SystemDrive%\c9cd8e68b018dc62d5d5 -> [Folder | Created Date = 2/21/2008 1:59:10 PM | Attr = ] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Created Date = 2/21/2008 3:23:43 PM | Attr = RHS] cmldr -> %SystemDrive%\cmldr -> [Ver = | Size = 260272 bytes | Created Date = 2/21/2008 3:24:15 PM | Attr = RHS] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 2/23/2008 11:45:52 AM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 200855552 bytes | Created Date = 2/21/2008 3:19:04 PM | Attr = HS] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 3/9/2008 4:57:03 PM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 2/21/2008 3:52:07 PM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 2/21/2008 3:11:11 PM | Attr = HS] Temp -> %SystemDrive%\Temp -> [Folder | Created Date = 3/8/2008 1:53:13 PM | Attr = ] 12520437.cpx -> %SystemRoot%\System32\dllcache\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 2/21/2008 12:56:18 PM | Attr = ] 12520850.cpx -> %SystemRoot%\System32\dllcache\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 2/21/2008 12:56:18 PM | Attr = ] big5.nls -> %SystemRoot%\System32\dllcache\big5.nls -> [Ver = | Size = 66728 bytes | Created Date = 2/21/2008 1:01:33 PM | Attr = ] bopomofo.nls -> %SystemRoot%\System32\dllcache\bopomofo.nls -> [Ver = | Size = 82172 bytes | Created Date = 2/21/2008 1:01:34 PM | Attr = ] cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 2/21/2008 1:10:00 PM | Attr = ] country.sys -> %SystemRoot%\System32\dllcache\country.sys -> [Ver = | Size = 27097 bytes | Created Date = 2/21/2008 1:10:04 PM | Attr = ] ctype.nls -> %SystemRoot%\System32\dllcache\ctype.nls -> [Ver = | Size = 8386 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_037.nls -> %SystemRoot%\System32\dllcache\c_037.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10000.nls -> %SystemRoot%\System32\dllcache\c_10000.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10001.nls -> %SystemRoot%\System32\dllcache\c_10001.nls -> [Ver = | Size = 162850 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10002.nls -> %SystemRoot%\System32\dllcache\c_10002.nls -> [Ver = | Size = 195618 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10003.nls -> %SystemRoot%\System32\dllcache\c_10003.nls -> [Ver = | Size = 177698 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10004.nls -> %SystemRoot%\System32\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10005.nls -> %SystemRoot%\System32\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\dllcache\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\dllcache\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10008.nls -> %SystemRoot%\System32\dllcache\c_10008.nls -> [Ver = | Size = 173602 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\dllcache\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\dllcache\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10021.nls -> %SystemRoot%\System32\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\dllcache\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10079.nls -> %SystemRoot%\System32\dllcache\c_10079.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\dllcache\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\dllcache\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1026.nls -> %SystemRoot%\System32\dllcache\c_1026.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1047.nls -> %SystemRoot%\System32\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1140.nls -> %SystemRoot%\System32\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1141.nls -> %SystemRoot%\System32\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1142.nls -> %SystemRoot%\System32\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1143.nls -> %SystemRoot%\System32\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1144.nls -> %SystemRoot%\System32\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1145.nls -> %SystemRoot%\System32\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1146.nls -> %SystemRoot%\System32\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1147.nls -> %SystemRoot%\System32\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1148.nls -> %SystemRoot%\System32\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1149.nls -> %SystemRoot%\System32\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1250.nls -> %SystemRoot%\System32\dllcache\c_1250.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1251.nls -> %SystemRoot%\System32\dllcache\c_1251.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1252.nls -> %SystemRoot%\System32\dllcache\c_1252.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1253.nls -> %SystemRoot%\System32\dllcache\c_1253.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1254.nls -> %SystemRoot%\System32\dllcache\c_1254.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1255.nls -> %SystemRoot%\System32\dllcache\c_1255.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1256.nls -> %SystemRoot%\System32\dllcache\c_1256.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1257.nls -> %SystemRoot%\System32\dllcache\c_1257.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1258.nls -> %SystemRoot%\System32\dllcache\c_1258.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1361.nls -> %SystemRoot%\System32\dllcache\c_1361.nls -> [Ver = | Size = 189986 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20000.nls -> %SystemRoot%\System32\dllcache\c_20000.nls -> [Ver = | Size = 180258 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20001.nls -> %SystemRoot%\System32\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20002.nls -> %SystemRoot%\System32\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20003.nls -> %SystemRoot%\System32\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20004.nls -> %SystemRoot%\System32\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20005.nls -> %SystemRoot%\System32\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20105.nls -> %SystemRoot%\System32\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20106.nls -> %SystemRoot%\System32\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20107.nls -> %SystemRoot%\System32\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20108.nls -> %SystemRoot%\System32\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\dllcache\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20261.nls -> %SystemRoot%\System32\dllcache\c_20261.nls -> [Ver = | Size = 139810 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20269.nls -> %SystemRoot%\System32\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20273.nls -> %SystemRoot%\System32\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20277.nls -> %SystemRoot%\System32\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20278.nls -> %SystemRoot%\System32\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20280.nls -> %SystemRoot%\System32\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20284.nls -> %SystemRoot%\System32\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20285.nls -> %SystemRoot%\System32\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20290.nls -> %SystemRoot%\System32\dllcache\c_20290.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20297.nls -> %SystemRoot%\System32\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20420.nls -> %SystemRoot%\System32\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20423.nls -> %SystemRoot%\System32\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20424.nls -> %SystemRoot%\System32\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20833.nls -> %SystemRoot%\System32\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20838.nls -> %SystemRoot%\System32\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20866.nls -> %SystemRoot%\System32\dllcache\c_20866.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20871.nls -> %SystemRoot%\System32\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20880.nls -> %SystemRoot%\System32\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20905.nls -> %SystemRoot%\System32\dllcache\c_20905.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20924.nls -> %SystemRoot%\System32\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20932.nls -> %SystemRoot%\System32\dllcache\c_20932.nls -> [Ver = | Size = 180770 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20936.nls -> %SystemRoot%\System32\dllcache\c_20936.nls -> [Ver = | Size = 173602 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20949.nls -> %SystemRoot%\System32\dllcache\c_20949.nls -> [Ver = | Size = 177698 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_21025.nls -> %SystemRoot%\System32\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_21027.nls -> %SystemRoot%\System32\dllcache\c_21027.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_21866.nls -> %SystemRoot%\System32\dllcache\c_21866.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28591.nls -> %SystemRoot%\System32\dllcache\c_28591.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28592.nls -> %SystemRoot%\System32\dllcache\c_28592.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28593.nls -> %SystemRoot%\System32\dllcache\c_28593.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28594.nls -> %SystemRoot%\System32\dllcache\c_28594.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28595.nls -> %SystemRoot%\System32\dllcache\c_28595.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28596.nls -> %SystemRoot%\System32\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28597.nls -> %SystemRoot%\System32\dllcache\c_28597.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28598.nls -> %SystemRoot%\System32\dllcache\c_28598.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\dllcache\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\dllcache\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28605.nls -> %SystemRoot%\System32\dllcache\c_28605.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_437.nls -> %SystemRoot%\System32\dllcache\c_437.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_500.nls -> %SystemRoot%\System32\dllcache\c_500.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_708.nls -> %SystemRoot%\System32\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_720.nls -> %SystemRoot%\System32\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_737.nls -> %SystemRoot%\System32\dllcache\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_775.nls -> %SystemRoot%\System32\dllcache\c_775.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_850.nls -> %SystemRoot%\System32\dllcache\c_850.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\dllcache\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\dllcache\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\dllcache\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_858.nls -> %SystemRoot%\System32\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_860.nls -> %SystemRoot%\System32\dllcache\c_860.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_861.nls -> %SystemRoot%\System32\dllcache\c_861.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_862.nls -> %SystemRoot%\System32\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_863.nls -> %SystemRoot%\System32\dllcache\c_863.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_864.nls -> %SystemRoot%\System32\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_865.nls -> %SystemRoot%\System32\dllcache\c_865.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\dllcache\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\dllcache\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_870.nls -> %SystemRoot%\System32\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_874.nls -> %SystemRoot%\System32\dllcache\c_874.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\dllcache\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_932.nls -> %SystemRoot%\System32\dllcache\c_932.nls -> [Ver = | Size = 162850 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_936.nls -> %SystemRoot%\System32\dllcache\c_936.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_949.nls -> %SystemRoot%\System32\dllcache\c_949.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_950.nls -> %SystemRoot%\System32\dllcache\c_950.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] dmload.sys -> %SystemRoot%\System32\dllcache\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Created Date = 2/21/2008 1:22:35 PM | Attr = ] fastopen.exe -> %SystemRoot%\System32\dllcache\fastopen.exe -> [Ver = | Size = 882 bytes | Created Date = 2/21/2008 1:10:07 PM | Attr = ] framd.ttf -> %SystemRoot%\System32\dllcache\framd.ttf -> [Ver = | Size = 135984 bytes | Created Date = 2/21/2008 1:10:08 PM | Attr = ] framdit.ttf -> %SystemRoot%\System32\dllcache\framdit.ttf -> [Ver = | Size = 152844 bytes | Created Date = 2/21/2008 1:10:08 PM | Attr = ] geo.nls -> %SystemRoot%\System32\dllcache\geo.nls -> [Ver = | Size = 24772 bytes | Created Date = 2/21/2008 1:29:11 PM | Attr = ] gm.dls -> %SystemRoot%\System32\dllcache\gm.dls -> [Ver = | Size = 3440660 bytes | Created Date = 2/21/2008 1:29:13 PM | Attr = ] jgdw400.dll -> %SystemRoot%\System32\dllcache\jgdw400.dll -> America Online [Ver = 106 | Size = 163840 bytes | Created Date = 2/21/2008 3:23:03 PM | Attr = ] jgpl400.dll -> %SystemRoot%\System32\dllcache\jgpl400.dll -> Johnson-Grace Company [Ver = 054 | Size = 27648 bytes | Created Date = 2/21/2008 3:23:03 PM | Attr = ] key01.sys -> %SystemRoot%\System32\dllcache\key01.sys -> [Ver = | Size = 42809 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] keyboard.sys -> %SystemRoot%\System32\dllcache\keyboard.sys -> [Ver = | Size = 42537 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] ksc.nls -> %SystemRoot%\System32\dllcache\ksc.nls -> [Ver = | Size = 47066 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] locale.nls -> %SystemRoot%\System32\dllcache\locale.nls -> [Ver = | Size = 249270 bytes | Created Date = 2/21/2008 1:37:16 PM | Attr = ] ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Created Date = 2/21/2008 1:37:16 PM | Attr = ] l_except.nls -> %SystemRoot%\System32\dllcache\l_except.nls -> [Ver = | Size = 168 bytes | Created Date = 2/21/2008 1:37:17 PM | Attr = ] l_intl.nls -> %SystemRoot%\System32\dllcache\l_intl.nls -> [Ver = | Size = 7046 bytes | Created Date = 2/21/2008 1:37:17 PM | Attr = ] marlett.ttf -> %SystemRoot%\System32\dllcache\marlett.ttf -> [Ver = | Size = 24124 bytes | Created Date = 2/21/2008 1:38:01 PM | Attr = ] micross.ttf -> %SystemRoot%\System32\dllcache\micross.ttf -> [Ver = | Size = 460728 bytes | Created Date = 2/21/2008 1:38:04 PM | Attr = ] mlang.dat -> %SystemRoot%\System32\dllcache\mlang.dat -> [Ver = | Size = 673088 bytes | Created Date = 2/21/2008 1:38:05 PM | Attr = ] mscdexnt.exe -> %SystemRoot%\System32\dllcache\mscdexnt.exe -> [Ver = | Size = 817 bytes | Created Date = 2/21/2008 1:38:10 PM | Attr = ] nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex -> [Ver = | Size = 4399505 bytes | Created Date = 2/21/2008 1:38:30 PM | Attr = ] ntdos404.sys -> %SystemRoot%\System32\dllcache\ntdos404.sys -> [Ver = | Size = 29146 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos411.sys -> %SystemRoot%\System32\dllcache\ntdos411.sys -> [Ver = | Size = 29370 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos412.sys -> %SystemRoot%\System32\dllcache\ntdos412.sys -> [Ver = | Size = 29274 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos804.sys -> %SystemRoot%\System32\dllcache\ntdos804.sys -> [Ver = | Size = 29146 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio404.sys -> %SystemRoot%\System32\dllcache\ntio404.sys -> [Ver = | Size = 34560 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio411.sys -> %SystemRoot%\System32\dllcache\ntio411.sys -> [Ver = | Size = 35648 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio412.sys -> %SystemRoot%\System32\dllcache\ntio412.sys -> [Ver = | Size = 35424 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio804.sys -> %SystemRoot%\System32\dllcache\ntio804.sys -> [Ver = | Size = 34560 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] odbcconf.rsp -> %SystemRoot%\System32\dllcache\odbcconf.rsp -> [Ver = | Size = 4310 bytes | Created Date = 2/21/2008 1:38:38 PM | Attr = ] oembios.bin -> %SystemRoot%\System32\dllcache\oembios.bin -> [Ver = | Size = 13107200 bytes | Created Date = 2/21/2008 1:38:38 PM | Attr = ] OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7046 bytes | Created Date = 2/21/2008 1:38:42 PM | Attr = ] oembios.dat -> %SystemRoot%\System32\dllcache\oembios.dat -> [Ver = | Size = 4490 bytes | Created Date = 2/21/2008 1:38:42 PM | Attr = ] oembios.sig -> %SystemRoot%\System32\dllcache\oembios.sig -> [Ver = | Size = 6788 bytes | Created Date = 2/21/2008 1:38:42 PM | Attr = ] prc.nls -> %SystemRoot%\System32\dllcache\prc.nls -> [Ver = | Size = 83748 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] prcp.nls -> %SystemRoot%\System32\dllcache\prcp.nls -> [Ver = | Size = 83748 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] proctexe.ocx -> %SystemRoot%\System32\dllcache\proctexe.ocx -> Intel Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81920 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] ptilink.sys -> %SystemRoot%\System32\dllcache\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Created Date = 2/21/2008 1:37:19 PM | Attr = ] sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf -> [Ver = | Size = 888 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] sam.spd -> %SystemRoot%\System32\dllcache\sam.spd -> [Ver = | Size = 1685606 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] share.exe -> %SystemRoot%\System32\dllcache\share.exe -> [Ver = | Size = 882 bytes | Created Date = 2/21/2008 1:38:56 PM | Attr = ] slbcsp.dll -> %SystemRoot%\System32\dllcache\slbcsp.dll -> Schlumberger Technology Corporation [Ver = 5.1.2600.2094 (xpsp_sp2_rc1.040308-1920) | Size = 306176 bytes | Created Date = 2/21/2008 1:38:59 PM | Attr = ] sortkey.nls -> %SystemRoot%\System32\dllcache\sortkey.nls -> [Ver = | Size = 262148 bytes | Created Date = 2/21/2008 1:39:00 PM | Attr = ] sorttbls.nls -> %SystemRoot%\System32\dllcache\sorttbls.nls -> [Ver = | Size = 22040 bytes | Created Date = 2/21/2008 1:39:00 PM | Attr = ] srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf -> [Ver = | Size = 984 bytes | Created Date = 2/21/2008 1:39:10 PM | Attr = ] tahoma.ttf -> %SystemRoot%\System32\dllcache\tahoma.ttf -> [Ver = | Size = 383140 bytes | Created Date = 2/21/2008 1:39:13 PM | Attr = ] tahomabd.ttf -> %SystemRoot%\System32\dllcache\tahomabd.ttf -> [Ver = | Size = 355436 bytes | Created Date = 2/21/2008 1:39:13 PM | Attr = ] twunk_16.exe -> %SystemRoot%\System32\dllcache\twunk_16.exe -> Twain Working Group [Ver = 1,7,0,0 | Size = 49680 bytes | Created Date = 2/21/2008 1:39:17 PM | Attr = ] unicode.nls -> %SystemRoot%\System32\dllcache\unicode.nls -> [Ver = | Size = 89588 bytes | Created Date = 2/21/2008 1:37:23 PM | Attr = ] win87em.dll -> %SystemRoot%\System32\dllcache\win87em.dll -> [Ver = | Size = 13312 bytes | Created Date = 2/21/2008 1:39:23 PM | Attr = ] wmerrenu.cat -> %SystemRoot%\System32\dllcache\wmerrenu.cat -> [Ver = | Size = 7334 bytes | Created Date = 2/21/2008 1:39:26 PM | Attr = ] xjis.nls -> %SystemRoot%\System32\dllcache\xjis.nls -> [Ver = | Size = 28288 bytes | Created Date = 2/21/2008 1:39:33 PM | Attr = ] 103C_HP_CPC_PW532AA-ABA SR1403WM NA520_YC_0Pres_QCNH515_E52NAheRED3_47_ISalmon_SASUSTek Computer INC._V1.04_B3.15_T051019_WXH2_L409_M192_J80_7AMD_8Sempron_91.81_#080221_N10390900_Z11C1048C_G10396330.MRK -> %SystemRoot%\System32\drivers\103C_HP_CPC_PW532AA-ABA SR1403WM NA520_YC_0Pres_QCNH515_E52NAheRED3_47_ISalmon_SASUSTek Computer INC._V1.04_B3.15_T051019_WXH2_L409_M192_J80_7AMD_8Sempron_91.81_#080221_N10390900_Z11C1048C_G10396330.MRK -> [Ver = | Size = 1854 bytes | Created Date = 2/21/2008 3:19:53 PM | Attr = RHS] atksgt.sys -> %SystemRoot%\System32\drivers\atksgt.sys -> [Ver = | Size = 278728 bytes | Created Date = 2/21/2008 8:34:15 PM | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 3/8/2008 2:16:26 PM | Attr = ] Camd9080.sys -> %SystemRoot%\System32\drivers\Camd9080.sys -> Service & Quality Technology. [Ver = 1, 1, 0, 0 | Size = 24101 bytes | Created Date = 3/2/2008 9:12:02 PM | Attr = ] Capt9080.sys -> %SystemRoot%\System32\drivers\Capt9080.sys -> Service & Quality Technology. [Ver = 1, 2, 0, 1 | Size = 49002 bytes | Created Date = 3/2/2008 9:12:02 PM | Attr = ] dmload.sys -> %SystemRoot%\System32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Created Date = 2/21/2008 1:22:35 PM | Attr = ] gm.dls -> %SystemRoot%\System32\drivers\gm.dls -> [Ver = | Size = 3440660 bytes | Created Date = 2/21/2008 1:29:13 PM | Attr = ] lirsgt.sys -> %SystemRoot%\System32\drivers\lirsgt.sys -> [Ver = | Size = 25416 bytes | Created Date = 2/21/2008 8:34:14 PM | Attr = ] MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [Ver = | Size = 0 bytes | Created Date = 2/21/2008 1:49:23 PM | Attr = H ] Msft_Kernel_NuidFltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [Ver = | Size = 0 bytes | Created Date = 2/21/2008 1:49:27 PM | Attr = H ] ptilink.sys -> %SystemRoot%\System32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 3/9/2008 12:08:24 PM | Attr = ] secdrv.sys -> %SystemRoot%\System32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Created Date = 2/21/2008 1:38:55 PM | Attr = ] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [Ver = | Size = 682232 bytes | Created Date = 2/24/2008 8:47:27 AM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 11.6.8.1 | Size = 124016 bytes | Created Date = 2/26/2008 9:25:54 AM | Attr = ] symlcbrd.sys -> %SystemRoot%\System32\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1, 8, 54, 478 | Size = 4608 bytes | Created Date = 2/26/2008 9:26:08 AM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 2/21/2008 1:50:38 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 2/21/2008 1:50:43 PM | Attr = H ] 12520437.cpx -> %SystemRoot%\System32\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 2/21/2008 12:56:18 PM | Attr = ] 12520850.cpx -> %SystemRoot%\System32\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 2/21/2008 12:56:18 PM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Created Date = 3/9/2008 9:29:55 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 3/9/2008 9:30:27 AM | Attr = ] bios1.rom -> %SystemRoot%\System32\bios1.rom -> [Ver = | Size = 28420 bytes | Created Date = 2/21/2008 1:01:33 PM | Attr = ] bios4.rom -> %SystemRoot%\System32\bios4.rom -> [Ver = | Size = 8191 bytes | Created Date = 2/21/2008 1:01:33 PM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Created Date = 2/23/2008 11:45:55 AM | Attr = ] bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 2/21/2008 1:01:34 PM | Attr = ] cmos.ram -> %SystemRoot%\System32\cmos.ram -> [Ver = | Size = 64 bytes | Created Date = 2/21/2008 1:10:02 PM | Attr = ] country.sys -> %SystemRoot%\System32\country.sys -> [Ver = | Size = 27097 bytes | Created Date = 2/21/2008 1:10:04 PM | Attr = ] ctype.nls -> %SystemRoot%\System32\ctype.nls -> [Ver = | Size = 8386 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_037.nls -> %SystemRoot%\System32\c_037.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10000.nls -> %SystemRoot%\System32\c_10000.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10079.nls -> %SystemRoot%\System32\c_10079.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1026.nls -> %SystemRoot%\System32\c_1026.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1250.nls -> %SystemRoot%\System32\c_1250.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1251.nls -> %SystemRoot%\System32\c_1251.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1252.nls -> %SystemRoot%\System32\c_1252.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1253.nls -> %SystemRoot%\System32\c_1253.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1254.nls -> %SystemRoot%\System32\c_1254.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1255.nls -> %SystemRoot%\System32\c_1255.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1256.nls -> %SystemRoot%\System32\c_1256.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1257.nls -> %SystemRoot%\System32\c_1257.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_1258.nls -> %SystemRoot%\System32\c_1258.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:05 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20261.nls -> %SystemRoot%\System32\c_20261.nls -> [Ver = | Size = 139810 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20866.nls -> %SystemRoot%\System32\c_20866.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_20905.nls -> %SystemRoot%\System32\c_20905.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_21866.nls -> %SystemRoot%\System32\c_21866.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28591.nls -> %SystemRoot%\System32\c_28591.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28592.nls -> %SystemRoot%\System32\c_28592.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28593.nls -> %SystemRoot%\System32\c_28593.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28598.nls -> %SystemRoot%\System32\c_28598.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_28605.nls -> %SystemRoot%\System32\c_28605.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_437.nls -> %SystemRoot%\System32\c_437.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_500.nls -> %SystemRoot%\System32\c_500.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_737.nls -> %SystemRoot%\System32\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_775.nls -> %SystemRoot%\System32\c_775.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_850.nls -> %SystemRoot%\System32\c_850.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_860.nls -> %SystemRoot%\System32\c_860.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_861.nls -> %SystemRoot%\System32\c_861.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_863.nls -> %SystemRoot%\System32\c_863.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_865.nls -> %SystemRoot%\System32\c_865.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_874.nls -> %SystemRoot%\System32\c_874.nls -> [Ver = | Size = 66594 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_932.nls -> %SystemRoot%\System32\c_932.nls -> [Ver = | Size = 162850 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_936.nls -> %SystemRoot%\System32\c_936.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_949.nls -> %SystemRoot%\System32\c_949.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] c_950.nls -> %SystemRoot%\System32\c_950.nls -> [Ver = | Size = 196642 bytes | Created Date = 2/21/2008 1:10:06 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Created Date = 2/21/2008 2:02:29 PM | Attr = RHS] dr6 -> %SystemRoot%\System32\dr6 -> [Folder | Created Date = 3/8/2008 1:53:22 PM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Created Date = 2/23/2008 6:46:22 AM | Attr = ] dsound.vxd -> %SystemRoot%\System32\dsound.vxd -> [Ver = | Size = 81 bytes | Created Date = 2/21/2008 1:28:55 PM | Attr = ] dssec.dat -> %SystemRoot%\System32\dssec.dat -> [Ver = | Size = 218003 bytes | Created Date = 2/21/2008 1:28:56 PM | Attr = ] ech5 -> %SystemRoot%\System32\ech5 -> [Folder | Created Date = 3/8/2008 1:53:22 PM | Attr = ] ega.cpi -> %SystemRoot%\System32\ega.cpi -> [Ver = | Size = 127213 bytes | Created Date = 2/21/2008 1:05:36 PM | Attr = ] en-us -> %SystemRoot%\System32\en-us -> [Folder | Created Date = 2/21/2008 2:01:05 PM | Attr = ] esentprf.hxx -> %SystemRoot%\System32\esentprf.hxx -> [Ver = | Size = 6708 bytes | Created Date = 2/21/2008 1:05:37 PM | Attr = ] fastopen.exe -> %SystemRoot%\System32\fastopen.exe -> [Ver = | Size = 882 bytes | Created Date = 2/21/2008 1:10:07 PM | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] GameFly_2.ico -> %SystemRoot%\System32\GameFly_2.ico -> [Ver = | Size = 72566 bytes | Created Date = 3/8/2008 2:11:39 PM | Attr = ] gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 2/21/2008 1:29:03 PM | Attr = ] geo.nls -> %SystemRoot%\System32\geo.nls -> [Ver = | Size = 24772 bytes | Created Date = 2/21/2008 1:29:11 PM | Attr = ] graphics.pro -> %SystemRoot%\System32\graphics.pro -> [Ver = | Size = 21232 bytes | Created Date = 2/21/2008 1:29:24 PM | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 2/21/2008 1:30:07 PM | Attr = ] instcat.sql -> %SystemRoot%\System32\instcat.sql -> [Ver = | Size = 956990 bytes | Created Date = 2/21/2008 1:30:48 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/8/2008 4:57:28 PM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 3/8/2008 4:57:28 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/8/2008 4:57:28 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/8/2008 4:57:28 PM | Attr = ] kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 2/21/2008 1:10:09 PM | Attr = ] kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 2/21/2008 1:10:09 PM | Attr = ] key01.sys -> %SystemRoot%\System32\key01.sys -> [Ver = | Size = 42809 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] keyboard.sys -> %SystemRoot%\System32\keyboard.sys -> [Ver = | Size = 42537 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] korean.uce -> %SystemRoot%\System32\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 2/21/2008 1:10:10 PM | Attr = ] lfbmp13n.dll -> %SystemRoot%\System32\lfbmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 57344 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] lfcmp13n.dll -> %SystemRoot%\System32\lfcmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 401408 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] lfgif13n.dll -> %SystemRoot%\System32\lfgif13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 69632 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] locale.nls -> %SystemRoot%\System32\locale.nls -> [Ver = | Size = 249270 bytes | Created Date = 2/21/2008 1:37:16 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 2/21/2008 1:50:38 PM | Attr = ] lows8 -> %SystemRoot%\System32\lows8 -> [Folder | Created Date = 3/8/2008 1:53:22 PM | Attr = ] ltdis13n.dll -> %SystemRoot%\System32\ltdis13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 299008 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] ltefx13n.dll -> %SystemRoot%\System32\ltefx13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.068 | Size = 206336 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] ltfil13n.dll -> %SystemRoot%\System32\ltfil13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 163840 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] ltimg13n.dll -> %SystemRoot%\System32\ltimg13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 450560 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] ltkrn13n.dll -> %SystemRoot%\System32\ltkrn13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 462848 bytes | Created Date = 3/2/2008 9:21:02 PM | Attr = ] l_except.nls -> %SystemRoot%\System32\l_except.nls -> [Ver = | Size = 168 bytes | Created Date = 2/21/2008 1:37:17 PM | Attr = ] l_intl.nls -> %SystemRoot%\System32\l_intl.nls -> [Ver = | Size = 7046 bytes | Created Date = 2/21/2008 1:37:17 PM | Attr = ] mib.bin -> %SystemRoot%\System32\mib.bin -> [Ver = | Size = 46258 bytes | Created Date = 2/21/2008 1:38:04 PM | Attr = ] mlang.dat -> %SystemRoot%\System32\mlang.dat -> [Ver = | Size = 673088 bytes | Created Date = 2/21/2008 1:38:05 PM | Attr = ] mscdexnt.exe -> %SystemRoot%\System32\mscdexnt.exe -> [Ver = | Size = 817 bytes | Created Date = 2/21/2008 1:38:10 PM | Attr = ] noise.dat -> %SystemRoot%\System32\noise.dat -> [Ver = | Size = 741 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.deu -> %SystemRoot%\System32\noise.deu -> [Ver = | Size = 149848 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.esn -> %SystemRoot%\System32\noise.esn -> [Ver = | Size = 19684 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.fra -> %SystemRoot%\System32\noise.fra -> [Ver = | Size = 49196 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.ita -> %SystemRoot%\System32\noise.ita -> [Ver = | Size = 19618 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.nld -> %SystemRoot%\System32\noise.nld -> [Ver = | Size = 13256 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.sve -> %SystemRoot%\System32\noise.sve -> [Ver = | Size = 13730 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] noise.tha -> %SystemRoot%\System32\noise.tha -> [Ver = | Size = 697 bytes | Created Date = 2/21/2008 1:38:31 PM | Attr = ] ntdos404.sys -> %SystemRoot%\System32\ntdos404.sys -> [Ver = | Size = 29146 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos411.sys -> %SystemRoot%\System32\ntdos411.sys -> [Ver = | Size = 29370 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos412.sys -> %SystemRoot%\System32\ntdos412.sys -> [Ver = | Size = 29274 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntdos804.sys -> %SystemRoot%\System32\ntdos804.sys -> [Ver = | Size = 29146 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntimage.gif -> %SystemRoot%\System32\ntimage.gif -> [Ver = | Size = 48794 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio404.sys -> %SystemRoot%\System32\ntio404.sys -> [Ver = | Size = 34560 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio411.sys -> %SystemRoot%\System32\ntio411.sys -> [Ver = | Size = 35648 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio412.sys -> %SystemRoot%\System32\ntio412.sys -> [Ver = | Size = 35424 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] ntio804.sys -> %SystemRoot%\System32\ntio804.sys -> [Ver = | Size = 34560 bytes | Created Date = 2/21/2008 1:38:34 PM | Attr = ] odbcconf.rsp -> %SystemRoot%\System32\odbcconf.rsp -> [Ver = | Size = 4310 bytes | Created Date = 2/21/2008 1:38:38 PM | Attr = ] oembios.bin -> %SystemRoot%\System32\oembios.bin -> [Ver = | Size = 13107200 bytes | Created Date = 2/21/2008 1:38:38 PM | Attr = ] oembios.dat -> %SystemRoot%\System32\oembios.dat -> [Ver = | Size = 4490 bytes | Created Date = 2/21/2008 1:38:42 PM | Attr = ] oembios.sig -> %SystemRoot%\System32\oembios.sig -> [Ver = | Size = 6788 bytes | Created Date = 2/21/2008 1:38:42 PM | Attr = ] pcl.sep -> %SystemRoot%\System32\pcl.sep -> [Ver = | Size = 114 bytes | Created Date = 2/21/2008 1:38:45 PM | Attr = ] perfd009.dat -> %SystemRoot%\System32\perfd009.dat -> [Ver = | Size = 28626 bytes | Created Date = 2/21/2008 1:38:46 PM | Attr = ] perfi009.dat -> %SystemRoot%\System32\perfi009.dat -> [Ver = | Size = 272128 bytes | Created Date = 2/21/2008 1:38:46 PM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 2/21/2008 4:00:05 PM | Attr = ] proctexe.ocx -> %SystemRoot%\System32\proctexe.ocx -> Intel Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81920 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] pscript.sep -> %SystemRoot%\System32\pscript.sep -> [Ver = | Size = 51 bytes | Created Date = 2/21/2008 1:38:53 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 11.6.8.1 | Size = 91904 bytes | Created Date = 2/26/2008 9:25:54 AM | Attr = ] sbc2 -> %SystemRoot%\System32\sbc2 -> [Folder | Created Date = 3/8/2008 1:53:22 PM | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] share.exe -> %SystemRoot%\System32\share.exe -> [Ver = | Size = 882 bytes | Created Date = 2/21/2008 1:38:56 PM | Attr = ] shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 2/21/2008 1:38:57 PM | Attr = ] SiSApCom.dll -> %SystemRoot%\System32\SiSApCom.dll -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 135168 bytes | Created Date = 2/24/2008 5:10:56 PM | Attr = ] SiSBase.dll -> %SystemRoot%\System32\SiSBase.dll -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3830 | Size = 49152 bytes | Created Date = 2/24/2008 5:06:55 PM | Attr = ] SiSHook.dll -> %SystemRoot%\System32\SiSHook.dll -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 65536 bytes | Created Date = 2/24/2008 5:10:56 PM | Attr = ] SiSParse.dll -> %SystemRoot%\System32\SiSParse.dll -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3830 | Size = 258048 bytes | Created Date = 2/24/2008 5:06:55 PM | Attr = ] SiSPower.dll -> %SystemRoot%\System32\SiSPower.dll -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3830 | Size = 53248 bytes | Created Date = 2/24/2008 5:10:52 PM | Attr = ] sistray.exe -> %SystemRoot%\System32\sistray.exe -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 262144 bytes | Created Date = 2/24/2008 5:10:54 PM | Attr = ] slbcsp.dll -> %SystemRoot%\System32\slbcsp.dll -> Schlumberger Technology Corporation [Ver = 5.1.2600.2094 (xpsp_sp2_rc1.040308-1920) | Size = 306176 bytes | Created Date = 2/21/2008 1:38:59 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 2/21/2008 3:14:15 PM | Attr = ] sortkey.nls -> %SystemRoot%\System32\sortkey.nls -> [Ver = | Size = 262148 bytes | Created Date = 2/21/2008 1:39:00 PM | Attr = ] sorttbls.nls -> %SystemRoot%\System32\sorttbls.nls -> [Ver = | Size = 22040 bytes | Created Date = 2/21/2008 1:39:00 PM | Attr = ] subrange.uce -> %SystemRoot%\System32\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 2/21/2008 1:39:11 PM | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] sysprint.sep -> %SystemRoot%\System32\sysprint.sep -> [Ver = | Size = 3214 bytes | Created Date = 2/21/2008 1:39:12 PM | Attr = ] sysprtj.sep -> %SystemRoot%\System32\sysprtj.sep -> [Ver = | Size = 3577 bytes | Created Date = 2/21/2008 1:39:12 PM | Attr = ] TVMode.dll -> %SystemRoot%\System32\TVMode.dll -> Silicon Integrated Systems Corporation [Ver = 0.0.0.3830 | Size = 110592 bytes | Created Date = 2/24/2008 5:10:56 PM | Attr = ] TwcToolbarBho.dll -> %SystemRoot%\System32\TwcToolbarBho.dll -> [Ver = 1, 0, 0, 0 | Size = 73728 bytes | Created Date = 2/21/2008 4:32:49 PM | Attr = ] TwcToolbarIe7.dll -> %SystemRoot%\System32\TwcToolbarIe7.dll -> [Ver = 1, 2, 0, 1 | Size = 262144 bytes | Created Date = 2/21/2008 4:32:49 PM | Attr = ] TwcToolInstDll.dll -> %SystemRoot%\System32\TwcToolInstDll.dll -> TODO: [Ver = 1.0.0.1 | Size = 25600 bytes | Created Date = 2/21/2008 4:32:49 PM | Attr = ] typ2 -> %SystemRoot%\System32\typ2 -> [Folder | Created Date = 3/8/2008 1:53:22 PM | Attr = ] unicode.nls -> %SystemRoot%\System32\unicode.nls -> [Ver = | Size = 89588 bytes | Created Date = 2/21/2008 1:37:23 PM | Attr = ] v7vga.rom -> %SystemRoot%\System32\v7vga.rom -> [Ver = | Size = 18832 bytes | Created Date = 2/21/2008 1:39:18 PM | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] VGAunistlog.ini -> %SystemRoot%\System32\VGAunistlog.ini -> [Ver = | Size = 79621 bytes | Created Date = 2/21/2008 3:16:52 PM | Attr = ] wbcache.deu -> %SystemRoot%\System32\wbcache.deu -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.enu -> %SystemRoot%\System32\wbcache.enu -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.esn -> %SystemRoot%\System32\wbcache.esn -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.fra -> %SystemRoot%\System32\wbcache.fra -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.ita -> %SystemRoot%\System32\wbcache.ita -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.nld -> %SystemRoot%\System32\wbcache.nld -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbcache.sve -> %SystemRoot%\System32\wbcache.sve -> [Ver = | Size = 65489 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbdbase.deu -> %SystemRoot%\System32\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbdbase.enu -> %SystemRoot%\System32\wbdbase.enu -> [Ver = | Size = 957440 bytes | Created Date = 2/21/2008 1:39:19 PM | Attr = ] wbdbase.esn -> %SystemRoot%\System32\wbdbase.esn -> [Ver = | Size = 750080 bytes | Created Date = 2/21/2008 1:39:20 PM | Attr = ] wbdbase.fra -> %SystemRoot%\System32\wbdbase.fra -> [Ver = | Size = 786944 bytes | Created Date = 2/21/2008 1:39:20 PM | Attr = ] wbdbase.ita -> %SystemRoot%\System32\wbdbase.ita -> [Ver = | Size = 867840 bytes | Created Date = 2/21/2008 1:39:20 PM | Attr = ] wbdbase.nld -> %SystemRoot%\System32\wbdbase.nld -> [Ver = | Size = 1095680 bytes | Created Date = 2/21/2008 1:39:20 PM | Attr = ] wbdbase.sve -> %SystemRoot%\System32\wbdbase.sve -> [Ver = | Size = 937984 bytes | Created Date = 2/21/2008 1:39:20 PM | Attr = ] wdl.trm -> %SystemRoot%\System32\wdl.trm -> [Ver = | Size = 4096 bytes | Created Date = 2/21/2008 1:39:21 PM | Attr = ] win87em.dll -> %SystemRoot%\System32\win87em.dll -> [Ver = | Size = 13312 bytes | Created Date = 2/21/2008 1:39:23 PM | Attr = ] wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 2/21/2008 1:39:27 PM | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Created Date = 2/21/2008 2:01:07 PM | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 3/9/2008 9:30:26 AM | Attr = ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 2/21/2008 4:00:21 PM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 2/21/2008 2:27:35 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 2/21/2008 2:27:12 PM | Attr = H ] assembly -> %SystemRoot%\assembly -> [Folder | Created Date = 2/21/2008 2:03:32 PM | Attr = R S] clock.avi -> %SystemRoot%\clock.avi -> [Ver = | Size = 82944 bytes | Created Date = 2/21/2008 1:10:02 PM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 3/9/2008 4:57:31 PM | Attr = ] explorer.scf -> %SystemRoot%\explorer.scf -> [Ver = | Size = 80 bytes | Created Date = 2/21/2008 1:05:38 PM | Attr = ] Game.INI -> %SystemRoot%\Game.INI -> [Ver = | Size = 0 bytes | Created Date = 3/7/2008 10:26:51 AM | Attr = ] I386 -> %SystemRoot%\I386 -> [Folder | Created Date = 2/21/2008 2:08:42 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 2/21/2008 2:27:52 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 2/21/2008 2:29:59 PM | Attr = ] InstFunc.dll -> %SystemRoot%\InstFunc.dll -> Silicon Integrated Systems Corporation [Ver = 6.14.10.3830 | Size = 12288 bytes | Created Date = 2/24/2008 5:10:52 PM | Attr = ] InstFunc.exe -> %SystemRoot%\InstFunc.exe -> [Ver = | Size = 49152 bytes | Created Date = 2/24/2008 5:10:52 PM | Attr = ] lexstat.ini -> %SystemRoot%\lexstat.ini -> [Ver = | Size = 265 bytes | Created Date = 2/21/2008 3:27:54 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 3/9/2008 9:48:56 AM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 2/21/2008 2:25:43 PM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 3/9/2008 4:56:56 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 2/26/2008 7:03:43 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 2/21/2008 2:03:25 PM | Attr = R ] PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 3/6/2008 9:52:36 AM | Attr = H ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 2/21/2008 3:13:37 PM | Attr = ] Progress.exe -> %SystemRoot%\Progress.exe -> [Ver = 1, 0, 0, 1 | Size = 208896 bytes | Created Date = 2/24/2008 5:10:52 PM | Attr = ] RGVlIFNrZWxsZXk -> %SystemRoot%\RGVlIFNrZWxsZXk -> [Folder | Created Date = 3/8/2008 1:53:36 PM | Attr = HS] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Created Date = 2/21/2008 3:23:38 PM | Attr = ] setupupd -> %SystemRoot%\setupupd -> [Folder | Created Date = 2/21/2008 3:23:15 PM | Attr = ] SiS -> %SystemRoot%\SiS -> [Folder | Created Date = 2/21/2008 3:16:57 PM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 2/25/2008 2:32:44 PM | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 3/9/2008 5:27:15 PM | Attr = ] twunk_16.exe -> %SystemRoot%\twunk_16.exe -> Twain Working Group [Ver = 1,7,0,0 | Size = 49680 bytes | Created Date = 2/21/2008 1:39:17 PM | Attr = ] VGAsetup.ini -> %SystemRoot%\VGAsetup.ini -> [Ver = | Size = 93048 bytes | Created Date = 2/24/2008 5:11:31 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 2/21/2008 2:28:53 PM | Attr = ] Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 2/21/2008 1:01:50 PM | Attr = ] _default.pif -> %SystemRoot%\_default.pif -> [Ver = | Size = 707 bytes | Created Date = 2/21/2008 1:05:38 PM | Attr = ] Norton SystemWorks One Button Checkup.job -> %SystemRoot%\tasks\Norton SystemWorks One Button Checkup.job -> [Ver = | Size = 306 bytes | Created Date = 2/26/2008 9:26:40 AM | Attr = ] Symantec Drmc.job -> %SystemRoot%\tasks\Symantec Drmc.job -> [Ver = | Size = 322 bytes | Created Date = 2/26/2008 9:26:43 AM | Attr = ] Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Created Date = 2/26/2008 9:26:43 AM | Attr = ] [Files/Folders - Modified Within 30 days] BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [Ver = | Size = 213 bytes | Modified Date = 2/21/2008 3:15:59 PM | Attr = RHS] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 283 bytes | Modified Date = 2/21/2008 3:24:37 PM | Attr = RHS] c9cd8e68b018dc62d5d5 -> %SystemDrive%\c9cd8e68b018dc62d5d5 -> [Folder | Modified Date = 2/21/2008 1:59:13 PM | Attr = ] cmdcons -> %SystemDrive%\cmdcons -> [Folder | Modified Date = 2/21/2008 3:24:28 PM | Attr = RHS] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2/21/2008 3:18:51 PM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 3/8/2008 1:51:24 PM | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 200855552 bytes | Modified Date = 3/10/2008 3:42:02 PM | Attr = HS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/9/2008 4:58:28 PM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 3/9/2008 5:27:10 PM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 2/26/2008 9:27:12 AM | Attr = HS] sysprep -> %SystemDrive%\sysprep -> [Folder | Modified Date = 2/21/2008 3:17:55 PM | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2/21/2008 3:13:49 PM | Attr = HS] Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 3/9/2008 4:58:28 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/9/2008 5:27:15 PM | Attr = ] 103C_HP_CPC_PW532AA-ABA SR1403WM NA520_YC_0Pres_QCNH515_E52NAheRED3_47_ISalmon_SASUSTek Computer INC._V1.04_B3.15_T051019_WXH2_L409_M192_J80_7AMD_8Sempron_91.81_#080221_N10390900_Z11C1048C_G10396330.MRK -> %SystemRoot%\System32\drivers\103C_HP_CPC_PW532AA-ABA SR1403WM NA520_YC_0Pres_QCNH515_E52NAheRED3_47_ISalmon_SASUSTek Computer INC._V1.04_B3.15_T051019_WXH2_L409_M192_J80_7AMD_8Sempron_91.81_#080221_N10390900_Z11C1048C_G10396330.MRK -> [Ver = | Size = 1854 bytes | Modified Date = 2/21/2008 3:19:57 PM | Attr = RHS] atksgt.sys -> %SystemRoot%\System32\drivers\atksgt.sys -> [Ver = | Size = 278728 bytes | Modified Date = 2/21/2008 8:34:15 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 3/9/2008 5:02:57 PM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 3/9/2008 5:02:57 PM | Attr = ] lirsgt.sys -> %SystemRoot%\System32\drivers\lirsgt.sys -> [Ver = | Size = 25416 bytes | Modified Date = 2/21/2008 8:34:14 PM | Attr = ] MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 2/21/2008 1:49:23 PM | Attr = H ] Msft_Kernel_NuidFltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 2/21/2008 1:49:27 PM | Attr = H ] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [Ver = | Size = 682232 bytes | Modified Date = 2/24/2008 8:47:28 AM | Attr = ] symlcbrd.sys -> %SystemRoot%\System32\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1, 8, 54, 478 | Size = 4608 bytes | Modified Date = 2/26/2008 9:26:08 AM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 2/21/2008 1:51:15 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 2/21/2008 1:50:43 PM | Attr = H ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 993 bytes | Modified Date = 2/21/2008 3:17:55 PM | Attr = ] ActiveScan -> %SystemRoot%\System32\ActiveScan -> [Folder | Modified Date = 3/9/2008 12:39:57 PM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 2/21/2008 1:52:33 PM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 2/23/2008 11:45:55 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/26/2008 10:52:43 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 3/9/2008 5:10:52 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 2/21/2008 1:44:50 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 3/9/2008 5:01:17 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 3/2/2008 9:13:33 PM | Attr = RHS] dr6 -> %SystemRoot%\System32\dr6 -> [Folder | Modified Date = 3/8/2008 4:16:47 PM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 3/9/2008 5:11:40 PM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2/27/2008 10:18:34 AM | Attr = ] ech5 -> %SystemRoot%\System32\ech5 -> [Folder | Modified Date = 3/8/2008 3:05:02 PM | Attr = ] en-us -> %SystemRoot%\System32\en-us -> [Folder | Modified Date = 2/26/2008 10:37:51 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 212080 bytes | Modified Date = 2/26/2008 10:42:41 AM | Attr = ] GameFly_2.ico -> %SystemRoot%\System32\GameFly_2.ico -> [Ver = | Size = 72566 bytes | Modified Date = 3/8/2008 2:11:39 PM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 2/21/2008 2:08:31 PM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Modified Date = 2/21/2008 2:08:31 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 2:23:35 AM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 2/22/2008 3:33:31 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 2:23:39 AM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 2/22/2008 3:33:32 AM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 2/21/2008 1:50:38 PM | Attr = ] lows8 -> %SystemRoot%\System32\lows8 -> [Folder | Modified Date = 3/8/2008 1:53:22 PM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 2/22/2008 10:11:05 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 2/21/2008 1:52:33 PM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 2/21/2008 2:08:34 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 71980 bytes | Modified Date = 3/9/2008 7:55:46 AM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 442966 bytes | Modified Date = 3/9/2008 7:55:47 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 524780 bytes | Modified Date = 3/9/2008 7:55:44 AM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 2/21/2008 4:00:05 PM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Modified Date = 2/21/2008 2:08:34 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 2/26/2008 10:52:48 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 2/21/2008 2:08:21 PM | Attr = ] sbc2 -> %SystemRoot%\System32\sbc2 -> [Folder | Modified Date = 3/8/2008 2:02:59 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 2/21/2008 3:14:15 PM | Attr = ] ssmute.ini -> %SystemRoot%\System32\ssmute.ini -> [Ver = | Size = 2154 bytes | Modified Date = 2/21/2008 3:23:22 PM | Attr = ] typ2 -> %SystemRoot%\System32\typ2 -> [Folder | Modified Date = 3/8/2008 1:53:22 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 2/21/2008 2:43:56 PM | Attr = ] VGAunistlog.ini -> %SystemRoot%\System32\VGAunistlog.ini -> [Ver = | Size = 79621 bytes | Modified Date = 2/24/2008 5:11:44 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 3/9/2008 12:45:36 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 3/6/2008 3:03:50 PM | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 2/26/2008 10:37:48 AM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/26/2008 10:51:20 AM | Attr = H ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 2/21/2008 4:00:22 PM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 2/21/2008 2:27:35 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 2/21/2008 2:27:12 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/9/2008 12:29:05 PM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2/26/2008 11:35:09 AM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/10/2008 3:42:03 PM | Attr = S] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 2/21/2008 2:08:12 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/9/2008 12:29:40 PM | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 3/9/2008 5:01:07 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2/25/2008 3:13:43 PM | Attr = R S] Game.INI -> %SystemRoot%\Game.INI -> [Ver = | Size = 0 bytes | Modified Date = 3/7/2008 10:26:51 AM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2/25/2008 1:54:58 PM | Attr = ] I386 -> %SystemRoot%\I386 -> [Folder | Modified Date = 2/21/2008 3:21:29 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 2/21/2008 2:28:40 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 2/22/2008 8:57:42 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 2/22/2008 8:57:47 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/9/2008 9:30:37 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/8/2008 4:57:54 PM | Attr = HS] lexstat.ini -> %SystemRoot%\lexstat.ini -> [Ver = | Size = 265 bytes | Modified Date = 3/8/2008 12:30:19 PM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 2/21/2008 2:28:48 PM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 2/26/2008 11:35:13 AM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 3/9/2008 9:48:56 AM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2/21/2008 2:43:57 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 2/21/2008 4:26:09 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 2/26/2008 7:03:43 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 2/21/2008 2:08:01 PM | Attr = R ] pchealth -> %SystemRoot%\pchealth -> [Folder | Modified Date = 2/21/2008 3:38:51 PM | Attr = ] PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 3/6/2008 9:52:36 AM | Attr = H ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/10/2008 4:05:30 PM | Attr = ] RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 2/21/2008 1:46:05 PM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/21/2008 4:12:56 PM | Attr = ] RGVlIFNrZWxsZXk -> %SystemRoot%\RGVlIFNrZWxsZXk -> [Folder | Modified Date = 3/8/2008 3:05:02 PM | Attr = HS] security -> %SystemRoot%\security -> [Folder | Modified Date = 2/21/2008 1:52:05 PM | Attr = ] setup.pss -> %SystemRoot%\setup.pss -> [Folder | Modified Date = 2/21/2008 3:23:38 PM | Attr = ] setupupd -> %SystemRoot%\setupupd -> [Folder | Modified Date = 2/21/2008 3:23:34 PM | Attr = ] SiS -> %SystemRoot%\SiS -> [Folder | Modified Date = 2/21/2008 3:17:13 PM | Attr = ] SMINST -> %SystemRoot%\SMINST -> [Folder | Modified Date = 2/21/2008 2:08:42 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/9/2008 12:39:51 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 2/21/2008 2:08:19 PM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 2/25/2008 2:32:44 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 3/9/2008 12:39:53 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 3/9/2008 5:24:45 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 3/10/2008 7:49:52 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/26/2008 9:26:43 AM | Attr = S] TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 3/10/2008 3:45:14 PM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 3/2/2008 9:12:02 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 2/21/2008 2:28:53 PM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2/21/2008 2:08:17 PM | Attr = R ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 550 bytes | Modified Date = 3/9/2008 9:38:49 AM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2/26/2008 10:35:09 AM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2/21/2008 1:45:51 PM | Attr = ] Norton SystemWorks One Button Checkup.job -> %SystemRoot%\tasks\Norton SystemWorks One Button Checkup.job -> [Ver = | Size = 306 bytes | Modified Date = 3/3/2008 1:57:54 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/10/2008 3:42:06 PM | Attr = H ] Symantec Drmc.job -> %SystemRoot%\tasks\Symantec Drmc.job -> [Ver = | Size = 322 bytes | Modified Date = 3/7/2008 1:00:00 AM | Attr = ] Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 3/9/2008 8:44:21 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 7906 bytes | Modified Date = 3/10/2008 3:43:59 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 7906 bytes | Modified Date = 3/10/2008 3:43:59 PM | Attr = ] rtdrvmon.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\temp\rtdrvmon.exe -> Realtek [Ver = 1, 0, 0, 3 | Size = 40960 bytes | Modified Date = 3/10/2008 3:58:29 PM | Attr = ] 4 C:\Documents and Settings\Compaq_Owner\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\temp\*.tmp -> ojdgerry261A8E5.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\temp\ojdgerry261A8E5.dll -> [Ver = | Size = 53248 bytes | Modified Date = 3/10/2008 4:05:14 PM | Attr = ] 4 C:\Documents and Settings\Compaq_Owner\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\temp\*.tmp -> rtdrvmon.exe -> C:\WINDOWS\TEMP\rtdrvmon.exe -> Realtek [Ver = 1, 0, 0, 3 | Size = 40960 bytes | Modified Date = 3/10/2008 3:42:10 PM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 3/8/2008 3:11:00 PM | Attr = RH ] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 1/28/2005 2:46:45 PM | Attr = ] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [Folder | Modified Date = 3/8/2008 2:16:23 PM | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 2/27/2008 10:17:33 AM | Attr = S] Motive -> C:\Documents and Settings\All Users\Application Data\Motive -> [Folder | Modified Date = 1/28/2005 3:01:26 PM | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [Folder | Modified Date = 1/28/2005 2:53:21 PM | Attr = ] Rabio -> C:\Documents and Settings\All Users\Application Data\Rabio -> [Folder | Modified Date = 3/8/2008 1:56:53 PM | Attr = ] SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [Folder | Modified Date = 1/28/2005 2:23:19 PM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/8/2008 3:11:00 PM | Attr = ] Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [Folder | Modified Date = 2/26/2008 9:25:39 AM | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 2/21/2008 1:21:14 PM | Attr = ] WLInstaller -> C:\Documents and Settings\All Users\Application Data\WLInstaller -> [Folder | Modified Date = 2/27/2008 10:16:41 AM | Attr = ] C:\Documents and Settings\Compaq_Owner\Application Data\ -> C:\Documents and Settings\Compaq_Owner\Application Data -> [Folder | Modified Date = 3/9/2008 7:58:12 PM | Attr = RH ] Adobe -> C:\Documents and Settings\Compaq_Owner\Application Data\Adobe -> [Folder | Modified Date = 2/22/2008 10:11:47 AM | Attr = ] Apple Computer -> C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer -> [Folder | Modified Date = 1/28/2005 2:53:46 PM | Attr = ] Grisoft -> C:\Documents and Settings\Compaq_Owner\Application Data\Grisoft -> [Folder | Modified Date = 3/8/2008 2:16:59 PM | Attr = ] Identities -> C:\Documents and Settings\Compaq_Owner\Application Data\Identities -> [Folder | Modified Date = 11/4/2004 1:19:54 AM | Attr = ] InterMute -> C:\Documents and Settings\Compaq_Owner\Application Data\InterMute -> [Folder | Modified Date = 1/28/2005 3:17:01 PM | Attr = ] InterVideo -> C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo -> [Folder | Modified Date = 3/9/2008 7:58:12 PM | Attr = ] Macromedia -> C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia -> [Folder | Modified Date = 2/21/2008 3:29:18 PM | Attr = ] Microsoft -> C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft -> [Folder | Modified Date = 2/25/2008 2:01:57 PM | Attr = S] Motive -> C:\Documents and Settings\Compaq_Owner\Application Data\Motive -> [Folder | Modified Date = 2/26/2008 10:15:27 AM | Attr = ] Mozilla -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla -> [Folder | Modified Date = 2/26/2008 7:03:37 PM | Attr = ] Real -> C:\Documents and Settings\Compaq_Owner\Application Data\Real -> [Folder | Modified Date = 2/28/2008 1:04:07 PM | Attr = ] SampleView -> C:\Documents and Settings\Compaq_Owner\Application Data\SampleView -> [Folder | Modified Date = 1/28/2005 3:11:13 PM | Attr = ] StumbleUpon -> C:\Documents and Settings\Compaq_Owner\Application Data\StumbleUpon -> [Folder | Modified Date = 2/28/2008 2:06:00 PM | Attr = ] Sun -> C:\Documents and Settings\Compaq_Owner\Application Data\Sun -> [Folder | Modified Date = 1/28/2005 2:27:07 PM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 3/8/2008 3:10:50 PM | Attr = ] Symantec -> C:\Documents and Settings\Compaq_Owner\Application Data\Symantec -> [Folder | Modified Date = 2/26/2008 9:49:27 AM | Attr = ] WinRAR -> C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR -> [Folder | Modified Date = 2/23/2008 9:03:58 PM | Attr = ] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 2/26/2008 9:26:43 AM | Attr = S] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/4/2004 9:00:00 PM | Attr = RH ] Norton SystemWorks One Button Checkup.job -> C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job -> [Ver = | Size = 306 bytes | Modified Date = 3/3/2008 1:57:54 PM | Attr = ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/10/2008 3:42:06 PM | Attr = H ] Symantec Drmc.job -> C:\WINDOWS\Tasks\Symantec Drmc.job -> [Ver = | Size = 322 bytes | Modified Date = 3/7/2008 1:00:00 AM | Attr = ] Symantec NetDetect.job -> C:\WINDOWS\Tasks\Symantec NetDetect.job -> [Ver = | Size = 366 bytes | Modified Date = 3/9/2008 8:44:21 PM | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:e2,4b,83,b7,97,6c,43,eb,af,3d,e7,da,9d,c4,77,10,f8,85,e4,a8,a8,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,3a,2b,ce,3b,23,e7,23,d2,ce,89,58,35,8a,8f,bf,a9,7c,.. "khjeh"=hex:a8,63,2c,06,76,10,2e,fe,45,03,0f,e3,51,ef,d9,c1,78,53,49,a1,09,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:78,fb,88,09,9c,2f,5d,bf,c5,77,e7,ae,49,ae,ba,eb,8e,74,ad,6d,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:e2,4b,83,b7,97,6c,43,eb,af,3d,e7,da,9d,c4,77,10,f8,85,e4,a8,a8,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,3a,2b,ce,3b,23,e7,23,d2,ce,89,58,35,8a,8f,bf,a9,7c,.. "khjeh"=hex:a8,63,2c,06,76,10,2e,fe,45,03,0f,e3,51,ef,d9,c1,78,53,49,a1,09,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:78,fb,88,09,9c,2f,5d,bf,c5,77,e7,ae,49,ae,ba,eb,8e,74,ad,6d,5d,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 < Document and Settings folder & sub folders > scanning hidden files ... C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\church.jpg:SummaryInformation 304 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\church.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} 0 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\indoorpicfixed.jpg:SummaryInformation 304 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\indoorpicfixed.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} 0 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\outdoorchpic.jpg:SummaryInformation 304 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\outdoorchpic.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} 0 bytes C:\Documents and Settings\Compaq_Owner\Desktop\ChurchStuff\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Games\Free Games - MoFunZone.com.url:favicon 17542 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Games\Game Trading Zone - Home Page.url:favicon 3638 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Games\http--www.escapegames24.com-.url:favicon 3638 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Games\Room Escape games, Point'n'Click games, Puzzle games, walkthroughs and more Free Web Games at FreeGamesNews.com.url:favicon 3638 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Games\Video Game Cheats - Video Game Reviews - Video Game Codes - Video Game Web Site - GameFAQs.url:favicon 1406 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Microsoft Websites\Microsoft Windows Update.url:favicon 25214 bytes C:\Documents and Settings\Compaq_Owner\Favorites\MorningSites\Comcast.net Home.url:favicon 5430 bytes C:\Documents and Settings\Compaq_Owner\Favorites\MorningSites\Google.url:favicon 1406 bytes C:\Documents and Settings\Compaq_Owner\Favorites\MorningSites\http--www.msnbc.msn.com-.url:favicon 1718 bytes C:\Documents and Settings\Compaq_Owner\Favorites\MorningSites\Yahoo!.url:favicon 1150 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Torrents\Torrent Search Torrent Finder Torrent Search Engine.url:favicon 4302 bytes C:\Documents and Settings\Compaq_Owner\Favorites\Utilities\You Must Read This Before Posting A Hijackthis Log - Geeks to Go!.url:favicon 1406 bytes C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\ozzette@hotmail.com\SharingMetadata\dls.love@hotmail.com\DFSR\Staging\CS{FD78D2B1-E6E3-8804-844D-32FDAF864274}\01\10-{FD78D2B1-E6E3-8804-844D-32FDAF864274}-v1-{F4C01346-CB67-4704-9146-781B67F8E597}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\Compaq_Owner\My Documents\My Pictures\Dana's2008\Thumbs.db:encryptable 0 bytes scan completed successfully hidden files: 25 < End of report > [/code]