[code]
OTScanIt logfile created on: 15.03.2008 04:52:28
OTScanIt by OldTimer - Version 1.0.5.2     Folder = C:\Documents and Settings\dominic\Desktop\OTScanIt
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000807 | Country: Switzerland | Language: DES | Date Format: dd.MM.yyyy
 
1006.22 Mb Total Physical Memory | 652.68 Mb Available Physical Memory | 64.86% Memory free
2.36 Gb Paging File | 2.10 Gb Available in Paging File | 88.71% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024;
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 30.04 Gb Total Space | 17.90 Gb Free Space | 59.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 81.75 Gb Total Space | 30.31 Gb Free Space | 37.07% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LENOVO
Current User Name: dominic
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
ibmpmsvc.exe -> %SystemRoot%\system32\ibmpmsvc.exe -> Lenovo [Ver = 1.43 | Size = 36400 bytes | Modified Date = 31.05.2007 19:02:06 | Attr =    ]
btwdins.exe -> %ProgramFiles%\ThinkPad\Bluetooth Software\bin\btwdins.exe -> Broadcom Corporation. [Ver = 5.1.0.3100 | Size = 266295 bytes | Modified Date = 27.02.2007 17:35:04 | Attr =    ]
iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.8.0.1013 | Size = 178712 bytes | Modified Date = 03.10.2007 15:44:58 | Attr =    ]
syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.5.17.25 10Aug07 | Size = 110592 bytes | Modified Date = 10.08.2007 18:30:40 | Attr =    ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.5.17.25 10Aug07 | Size = 512000 bytes | Modified Date = 10.08.2007 18:30:12 | Attr =    ]
tposdsvc.exe -> %ProgramFiles%\Lenovo\HOTKEY\TPOSDSVC.exe -> Lenovo Group Limited [Ver = 1.00 | Size = 66176 bytes | Modified Date = 09.03.2007 14:49:42 | Attr =    ]
actray.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACTray.exe -> Lenovo  [Ver = 4.42 | Size = 413696 bytes | Modified Date = 05.07.2007 14:58:40 | Attr =    ]
acwlicon.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACWLIcon.exe -> Lenovo  [Ver = 4.42 | Size = 126976 bytes | Modified Date = 05.07.2007 14:51:48 | Attr =    ]
trueimagemonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 11,0,0,8053 | Size = 2595616 bytes | Modified Date = 30.10.2007 20:06:42 | Attr =    ]
timountermonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 4,0,0,452 | Size = 909208 bytes | Modified Date = 30.10.2007 20:11:48 | Attr =    ]
schedhlp.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,247 | Size = 140568 bytes | Modified Date = 30.10.2007 20:07:40 | Attr =    ]
tponscr.exe -> %ProgramFiles%\Lenovo\HOTKEY\TPONSCR.exe -> Lenovo Group Limited [Ver = 1.00 | Size = 73776 bytes | Modified Date = 08.03.2007 13:16:48 | Attr =    ]
tpscrex.exe -> %ProgramFiles%\Lenovo\ZOOM\TpScrex.exe -> Lenovo Group Limited [Ver = 1.17 | Size = 91688 bytes | Modified Date = 06.09.2006 16:39:10 | Attr =    ]
pcsuite.exe -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe ->  [Ver = 6, 85, 11, 8 | Size = 695808 bytes | Modified Date = 10.12.2007 10:12:22 | Attr =    ]
bttray.exe -> %ProgramFiles%\ThinkPad\Bluetooth Software\BTTray.exe -> Broadcom Corporation. [Ver = 5.1.0.3100 | Size = 561213 bytes | Modified Date = 27.02.2007 17:43:30 | Attr =    ]
acprfmgrsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> Lenovo  [Ver = 4.42 | Size = 65536 bytes | Modified Date = 05.07.2007 15:05:04 | Attr =    ]
schedul2.exe -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,247 | Size = 427288 bytes | Modified Date = 30.10.2007 20:07:38 | Attr =    ]
acs.exe -> %SystemRoot%\system32\acs.exe -> Atheros [Ver = 5.2.0.117 | Size = 364629 bytes | Modified Date = 21.03.2007 13:42:38 | Attr =    ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06.09.2007 13:28:18 | Attr =    ]
iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.8.0.1013 | Size = 358936 bytes | Modified Date = 03.10.2007 15:45:02 | Attr =    ]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5666 | Size = 155716 bytes | Modified Date = 28.09.2007 08:06:00 | Attr =    ]
oodag.exe -> %SystemRoot%\system32\oodag.exe -> O&O Software GmbH [Ver = 8.0.1398 | Size = 225280 bytes | Modified Date = 11.05.2005 03:09:54 | Attr =    ]
trueimagetrystartservice.exe -> %CommonProgramFiles%\Acronis\Fomatik\TrueImageTryStartService.exe ->  [Ver =  | Size = 492720 bytes | Modified Date = 30.10.2007 20:51:44 | Attr =    ]
acsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo  [Ver = 4.42 | Size = 184320 bytes | Modified Date = 05.07.2007 15:03:32 | Attr =    ]
servicelayer.exe -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 85, 91, 18 | Size = 353280 bytes | Modified Date = 10.12.2007 13:59:04 | Attr =    ]
nclusbsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclUSBSrv.exe ->  [Ver = 6, 85, 6, 7 | Size = 122880 bytes | Modified Date = 10.12.2007 13:59:40 | Attr =    ]
nclrssrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclRSSrv.exe ->  [Ver = 6, 85, 4, 4 | Size = 117248 bytes | Modified Date = 23.10.2007 10:03:00 | Attr =    ]
nclbcbtsrv.exe -> %ProgramFiles%\PC Connectivity Solution\Transports\NclBCBTSrv.exe ->  [Ver = 6, 85, 4, 5 | Size = 100352 bytes | Modified Date = 23.10.2007 10:29:56 | Attr =    ]
svcguihlpr.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe -> Lenovo  [Ver = 4.42 | Size = 114688 bytes | Modified Date = 05.07.2007 15:04:18 | Attr =    ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.5.2 | Size = 310784 bytes | Modified Date = 14.03.2008 14:57:26 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(AcPrfMgrSvc) Ac Profile Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> Lenovo  [Ver = 4.42 | Size = 65536 bytes | Modified Date = 05.07.2007 15:05:04 | Attr =    ]
(AcrSch2Svc) Acronis Scheduler2 Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Acronis\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,247 | Size = 427288 bytes | Modified Date = 30.10.2007 20:07:38 | Attr =    ]
(acs) Atheros Configuration Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\acs.exe -> Atheros [Ver = 5.2.0.117 | Size = 364629 bytes | Modified Date = 21.03.2007 13:42:38 | Attr =    ]
(AcSvc) Access Connections Main Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo  [Ver = 4.42 | Size = 184320 bytes | Modified Date = 05.07.2007 15:03:32 | Attr =    ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06.09.2007 13:28:18 | Attr =    ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 14.03.2008 14:03:42 | Attr =    ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 14.03.2008 14:03:42 | Attr =    ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 14.03.2008 14:03:42 | Attr =    ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 14.03.2008 14:03:42 | Attr =    ]
(btwdins) Bluetooth Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\Bluetooth Software\bin\btwdins.exe -> Broadcom Corporation. [Ver = 5.1.0.3100 | Size = 266295 bytes | Modified Date = 27.02.2007 17:35:04 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04.08.2004 08:56:50 | Attr =    ]
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.8.0.1013 | Size = 358936 bytes | Modified Date = 03.10.2007 15:45:02 | Attr =    ]
(IBMPMSVC) ThinkPad PM Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ibmpmsvc.exe -> Lenovo [Ver = 1.43 | Size = 36400 bytes | Modified Date = 31.05.2007 19:02:06 | Attr =    ]
(iPod Service) iPod-Dienst [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.4.1.2 | Size = 503608 bytes | Modified Date = 07.09.2007 16:55:02 | Attr =    ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5666 | Size = 155716 bytes | Modified Date = 28.09.2007 08:06:00 | Attr =    ]
(O&O Defrag) O&O Defrag [Win32_Own | Auto | Running] -> %SystemRoot%\system32\oodag.exe -> O&O Software GmbH [Ver = 8.0.1398 | Size = 225280 bytes | Modified Date = 11.05.2005 03:09:54 | Attr =    ]
(ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Running] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 6, 85, 91, 18 | Size = 353280 bytes | Modified Date = 10.12.2007 13:59:04 | Attr =    ]
(TryAndDecideService) Acronis Try And Decide Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Acronis\Fomatik\TrueImageTryStartService.exe ->  [Ver =  | Size = 492720 bytes | Modified Date = 30.10.2007 20:51:44 | Attr =    ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 75304 bytes | Modified Date = 14.03.2008 11:48:36 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
Acronis Scheduler2 Service -> %CommonProgramFiles%\Acronis\Schedule2\schedhlp.exe -> Acronis [Ver = 1,0,0,247 | Size = 140568 bytes | Modified Date = 30.10.2007 20:07:40 | Attr =    ]
AcronisTimounterMonitor -> %ProgramFiles%\Acronis\TrueImageHome\TimounterMonitor.exe -> Acronis [Ver = 4,0,0,452 | Size = 909208 bytes | Modified Date = 30.10.2007 20:11:48 | Attr =    ]
ACTray -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACTray.exe -> Lenovo  [Ver = 4.42 | Size = 413696 bytes | Modified Date = 05.07.2007 14:58:40 | Attr =    ]
ACWLIcon -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACWLIcon.exe -> Lenovo  [Ver = 4.42 | Size = 126976 bytes | Modified Date = 05.07.2007 14:51:48 | Attr =    ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 14.03.2008 14:08:37 | Attr =    ]
BLOG -> %ProgramFiles%\ThinkPad\Utilities\BATLOGEX.DLL ->  [Ver =  | Size = 208896 bytes | Modified Date = 21.09.2007 01:19:00 | Attr =    ]
IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.8.0.1013 | Size = 178712 bytes | Modified Date = 03.10.2007 15:44:58 | Attr =    ]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.5666 | Size = 8491008 bytes | Modified Date = 28.09.2007 08:06:00 | Attr =    ]
NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.5666 | Size = 81920 bytes | Modified Date = 28.09.2007 08:06:00 | Attr =    ]
nwiz -> %SystemRoot%\system32\nwiz.exe ->  [Ver =  | Size = 1626112 bytes | Modified Date = 28.09.2007 08:06:00 | Attr =    ]
PSQLLauncher -> %ProgramFiles%\ThinkVantage Fingerprint Software\launcher.exe -> UPEK Inc. [Ver = 5.6.2.3649 | Size = 48904 bytes | Modified Date = 14.08.2007 15:32:42 | Attr =    ]
PWRMGRTR -> %ProgramFiles%\ThinkPad\Utilities\PWRMGRTR.DLL -> Lenovo Group Limited [Ver = 1, 0, 0, 0 | Size = 200704 bytes | Modified Date = 21.09.2007 01:19:00 | Attr =    ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.5.17.25 10Aug07 | Size = 512000 bytes | Modified Date = 10.08.2007 18:30:12 | Attr =    ]
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.5.17.25 10Aug07 | Size = 110592 bytes | Modified Date = 10.08.2007 18:30:40 | Attr =    ]
TPHOTKEY -> %ProgramFiles%\Lenovo\HOTKEY\TPOSDSVC.exe -> Lenovo Group Limited [Ver = 1.00 | Size = 66176 bytes | Modified Date = 09.03.2007 14:49:42 | Attr =    ]
TrueImageMonitor.exe -> %ProgramFiles%\Acronis\TrueImageHome\TrueImageMonitor.exe -> Acronis [Ver = 11,0,0,8053 | Size = 2595616 bytes | Modified Date = 30.10.2007 20:06:42 | Attr =    ]
ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.462.000 | Size = 919016 bytes | Modified Date = 14.03.2008 14:08:37 | Attr =    ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
PC Suite Tray -> %ProgramFiles%\Nokia\Nokia PC Suite 6\PCSuite.exe ->  [Ver = 6, 85, 11, 8 | Size = 695808 bytes | Modified Date = 10.12.2007 10:12:22 | Attr =    ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\BTTray.lnk -> %ProgramFiles%\ThinkPad\Bluetooth Software\BTTray.exe -> Broadcom Corporation. [Ver = 5.1.0.3100 | Size = 561213 bytes | Modified Date = 27.02.2007 17:43:30 | Attr =    ]
< dominic Startup Folder > -> C:\Documents and Settings\dominic\Start Menu\Programs\Startup -> 
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20.12.2006 12:55:48 | Attr =    ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 27.02.2007 11:39:26 | Attr =    ]
ACNotify -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACNotify.dll -> Lenovo  [Ver = 4.42 | Size = 32768 bytes | Modified Date = 05.07.2007 14:52:32 | Attr =    ]
psfus -> %SystemRoot%\system32\psqlpwd.dll -> UPEK Inc. [Ver = 5.6.2.3649 | Size = 89600 bytes | Modified Date = 14.08.2007 15:54:08 | Attr =    ]
tpfnf2 -> %ProgramFiles%\Lenovo\HOTKEY\notifyf2.dll ->  [Ver =  | Size = 34344 bytes | Modified Date = 06.09.2006 16:37:30 | Attr =    ]
tphotkey -> %ProgramFiles%\Lenovo\HOTKEY\tphklock.dll ->  [Ver =  | Size = 28672 bytes | Modified Date = 14.12.2006 11:06:42 | Attr =    ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< HOSTS File > (686 bytes) -> C:\windows\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Start Page -> about:blank -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22.10.2006 23:08:42 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22.02.2008 04:25:19 | Attr =    ]
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Free Download Manager\iefdmcks.dll [FDMIECookiesBHO Class] ->  [Ver =  | Size = 81920 bytes | Modified Date = 20.08.2006 19:55:00 | Attr =    ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 22.02.2008 04:25:19 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 22.02.2008 04:25:19 | Attr =    ]
{CCA281CA-C863-46ef-9331-5C8D4460577F}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [@btrez.dll,-4015] -> File not found
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKEY_LOCAL_MACHINE] ->  [@btrez.dll,-4015] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Download all with Free Download Manager ->  -> File not found
Download selected with Free Download Manager ->  -> File not found
Download with Free Download Manager ->  -> File not found
Senden an &Bluetooth-Gerät... -> %ProgramFiles%\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ->  [Ver =  | Size = 2773 bytes | Modified Date = 16.08.2006 07:16:32 | Attr =    ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{212F8B92-6EE2-4001-88E1-5688479BF163} ->    (1394 Net Adapter) -> 
{4171FF5F-CA06-4842-B922-9755405852AB} ->    (Intel(R) 82566MM Gigabit Network Connection) -> 
{D98CF434-6D01-4171-82F9-7CAF2C29D25F} ->    (Intel(R) Wireless WiFi Link 4965AGN) -> 
{EA499736-6209-4C42-A165-E20F85F6699B} ->    () -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 28, 2 | Size = 1934672 bytes | Modified Date = 12.12.2007 15:20:48 | Attr = R  ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab[CKAVWebScan Object] -> 
{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}[HKEY_LOCAL_MACHINE] -> http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab[System Requirements Lab Class] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/as5free/asinst.cab[ActiveScan Installer Class] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 



[Files/Folders - Created Within 30 days]
BOOT.BAK -> %SystemDrive%\BOOT.BAK ->  [Ver =  | Size = 211 bytes | Created Date = 11.03.2008 11:43:32 | Attr =  HS]
cmdcons -> %SystemDrive%\cmdcons ->  [Folder | Created Date = 11.03.2008 11:43:13 | Attr = RHS]
cmldr -> %SystemDrive%\cmldr ->  [Ver =  | Size = 260272 bytes | Created Date = 11.03.2008 11:43:29 | Attr = RHS]
Deckard -> %SystemDrive%\Deckard ->  [Folder | Created Date = 12.03.2008 18:59:07 | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1055174656 bytes | Created Date = 14.03.2008 14:33:06 | Attr =  HS]
QooBox -> %SystemDrive%\QooBox ->  [Folder | Created Date = 11.03.2008 12:06:13 | Attr =    ]
SAV32CLI -> %SystemDrive%\SAV32CLI ->  [Folder | Created Date = 14.03.2008 14:04:36 | Attr =    ]
SDFix -> %SystemDrive%\SDFix ->  [Folder | Created Date = 13.03.2008 11:50:50 | Attr =    ]
test -> %SystemDrive%\test ->  [Folder | Created Date = 13.03.2008 11:53:24 | Attr =    ]
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Created Date = 13.03.2008 13:18:09 | Attr =    ]
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Created Date = 13.03.2008 13:18:08 | Attr =    ]
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Created Date = 13.03.2008 13:18:08 | Attr =    ]
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Created Date = 13.03.2008 13:18:09 | Attr =    ]
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Created Date = 13.03.2008 13:18:09 | Attr =    ]
nmrgdnsgghrq.sys -> %SystemRoot%\System32\drivers\nmrgdnsgghrq.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Created Date = 11.03.2008 17:22:28 | Attr =    ]
SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 11.03.2008 17:23:33 | Attr =    ]
ActiveScan -> %SystemRoot%\System32\ActiveScan ->  [Folder | Created Date = 11.03.2008 17:10:46 | Attr =    ]
1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> 
actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx ->  [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 13.03.2008 13:18:01 | Attr =    ]
asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 11.03.2008 17:11:13 | Attr =    ]
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Created Date = 13.03.2008 13:18:01 | Attr =    ]
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Created Date = 13.03.2008 13:18:09 | Attr =    ]
fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
grep.exe -> %SystemRoot%\System32\grep.exe ->  [Ver =  | Size = 80412 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Created Date = 11.03.2008 17:10:49 | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 10.03.2008 15:14:06 | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 10.03.2008 15:14:06 | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 10.03.2008 15:14:06 | Attr =    ]
Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab ->  [Folder | Created Date = 12.03.2008 11:08:40 | Attr =    ]
pavas.ico -> %SystemRoot%\System32\pavas.ico ->  [Ver =  | Size = 30590 bytes | Created Date = 11.03.2008 17:10:48 | Attr =    ]
sed.exe -> %SystemRoot%\System32\sed.exe ->  [Ver =  | Size = 98816 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Created Date = 11.03.2008 17:10:49 | Attr =    ]
VFind.exe -> %SystemRoot%\System32\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
zip.exe -> %SystemRoot%\System32\zip.exe ->  [Ver =  | Size = 68096 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
ZPORT4AS.dll -> %SystemRoot%\System32\ZPORT4AS.dll ->  [Ver =  | Size = 11776 bytes | Created Date = 11.03.2008 17:11:13 | Attr =    ]
assembly -> %SystemRoot%\assembly ->  [Folder | Created Date = 03.03.2008 19:58:07 | Attr = R S]
10 C:\windows\*.tmp files -> C:\windows\*.tmp -> 
CSC -> %SystemRoot%\CSC ->  [Folder | Created Date = 14.03.2008 14:21:37 | Attr =    ]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Created Date = 11.03.2008 12:06:38 | Attr =    ]
ERUNT -> %SystemRoot%\ERUNT ->  [Folder | Created Date = 13.03.2008 13:49:48 | Attr =    ]
eSellerateEngine.dll -> %SystemRoot%\eSellerateEngine.dll -> eSellerate Inc. [Ver = 3.6.5.0 | Size = 360580 bytes | Created Date = 03.03.2008 20:02:24 | Attr =    ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET ->  [Folder | Created Date = 03.03.2008 19:57:27 | Attr =    ]
Minidump -> %SystemRoot%\Minidump ->  [Folder | Created Date = 11.03.2008 18:42:09 | Attr =    ]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 11.03.2008 12:06:10 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 05.03.2008 21:10:49 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 05.03.2008 21:10:49 | Attr =  H ]
setup.pss -> %SystemRoot%\setup.pss ->  [Folder | Created Date = 11.03.2008 11:43:11 | Attr =    ]
Sun -> %SystemRoot%\Sun ->  [Folder | Created Date = 29.02.2008 19:12:11 | Attr =    ]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Created Date = 14.03.2008 14:18:29 | Attr =    ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 282 bytes | Modified Date = 11.03.2008 11:43:33 | Attr = RHS]
cmdcons -> %SystemDrive%\cmdcons ->  [Folder | Modified Date = 11.03.2008 11:43:33 | Attr = RHS]
Deckard -> %SystemDrive%\Deckard ->  [Folder | Modified Date = 12.03.2008 18:59:07 | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1055174656 bytes | Modified Date = 15.03.2008 04:15:23 | Attr =  HS]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 13.03.2008 13:15:45 | Attr = R  ]
QooBox -> %SystemDrive%\QooBox ->  [Folder | Modified Date = 14.03.2008 14:18:26 | Attr =    ]
SAV32CLI -> %SystemDrive%\SAV32CLI ->  [Folder | Modified Date = 14.03.2008 14:04:37 | Attr =    ]
SDFix -> %SystemDrive%\SDFix ->  [Folder | Modified Date = 14.03.2008 14:38:23 | Attr =    ]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Modified Date = 12.03.2008 18:59:36 | Attr =  HS]
test -> %SystemDrive%\test ->  [Folder | Modified Date = 13.03.2008 12:03:34 | Attr =    ]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 14.03.2008 14:21:37 | Attr =    ]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Modified Date = 14.03.2008 14:25:58 | Attr =    ]
HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS ->  [Ver =  | Size = 686 bytes | Modified Date = 14.03.2008 14:25:58 | Attr =    ]
hosts.bak -> %SystemRoot%\System32\drivers\etc\hosts.bak ->  [Ver =  | Size = 27 bytes | Modified Date = 11.03.2008 12:30:48 | Attr =    ]
ActiveScan -> %SystemRoot%\System32\ActiveScan ->  [Folder | Modified Date = 11.03.2008 18:24:36 | Attr =    ]
1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> 
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 14.03.2008 14:17:07 | Attr =    ]
config -> %SystemRoot%\System32\config ->  [Folder | Modified Date = 14.03.2008 14:09:04 | Attr =    ]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 2626 bytes | Modified Date = 14.03.2008 10:58:16 | Attr =    ]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 07.03.2008 19:01:57 | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 15.03.2008 04:48:26 | Attr =  H ]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 117360 bytes | Modified Date = 11.03.2008 10:27:41 | Attr =    ]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Modified Date = 11.03.2008 17:10:49 | Attr =    ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22.02.2008 01:23:35 | Attr =    ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 22.02.2008 02:33:31 | Attr =    ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 22.02.2008 01:23:39 | Attr =    ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 22.02.2008 02:33:32 | Attr =    ]
Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab ->  [Folder | Modified Date = 12.03.2008 11:08:40 | Attr =    ]
mui -> %SystemRoot%\System32\mui ->  [Folder | Modified Date = 03.03.2008 19:57:32 | Attr =    ]
OODBS.lor -> %SystemRoot%\System32\OODBS.lor ->  [Ver =  | Size = 18915 bytes | Modified Date = 15.03.2008 04:15:22 | Attr =    ]
pavas.ico -> %SystemRoot%\System32\pavas.ico ->  [Ver =  | Size = 30590 bytes | Modified Date = 11.03.2008 17:10:49 | Attr =    ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 58930 bytes | Modified Date = 15.03.2008 04:21:48 | Attr =    ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 392630 bytes | Modified Date = 15.03.2008 04:21:48 | Attr =    ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 458340 bytes | Modified Date = 15.03.2008 04:21:48 | Attr =    ]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups ->  [Folder | Modified Date = 03.03.2008 20:13:29 | Attr =    ]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Modified Date = 12.03.2008 18:59:36 | Attr =    ]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Modified Date = 11.03.2008 17:10:49 | Attr =    ]
vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml ->  [Ver =  | Size = 352186 bytes | Modified Date = 08.03.2008 01:27:12 | Attr =  H ]
wbem -> %SystemRoot%\System32\wbem ->  [Folder | Modified Date = 11.03.2008 17:54:18 | Attr =    ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 2206 bytes | Modified Date = 12.03.2008 19:30:47 | Attr =    ]
zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat ->  [Ver =  | Size = 4212 bytes | Modified Date = 10.03.2008 13:31:24 | Attr =  H ]
ZoneLabs -> %SystemRoot%\System32\ZoneLabs ->  [Folder | Modified Date = 11.03.2008 17:54:29 | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 05.03.2008 18:45:53 | Attr =  H ]
10 C:\windows\*.tmp files -> C:\windows\*.tmp -> 
AppPatch -> %SystemRoot%\AppPatch ->  [Folder | Modified Date = 11.03.2008 17:47:59 | Attr =    ]
assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 10.03.2008 15:41:53 | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 15.03.2008 04:15:27 | Attr =   S]
CSC -> %SystemRoot%\CSC ->  [Folder | Modified Date = 14.03.2008 14:21:37 | Attr =    ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 12.03.2008 19:00:04 | Attr =   S]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Modified Date = 14.03.2008 14:08:58 | Attr =    ]
ERUNT -> %SystemRoot%\ERUNT ->  [Folder | Modified Date = 13.03.2008 13:49:49 | Attr =    ]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Modified Date = 10.03.2008 15:41:06 | Attr = R S]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Modified Date = 07.03.2008 19:01:35 | Attr =    ]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1355 bytes | Modified Date = 07.03.2008 19:01:53 | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 12.03.2008 11:08:39 | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 11.03.2008 16:05:59 | Attr =  HS]
Internet Logs -> %SystemRoot%\Internet Logs ->  [Folder | Modified Date = 11.03.2008 17:50:05 | Attr =    ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET ->  [Folder | Modified Date = 09.03.2008 18:00:26 | Attr =    ]
Minidump -> %SystemRoot%\Minidump ->  [Folder | Modified Date = 13.03.2008 19:50:57 | Attr =    ]
pchealth -> %SystemRoot%\pchealth ->  [Folder | Modified Date = 03.03.2008 19:57:27 | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 15.03.2008 04:51:42 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 09.03.2008 17:30:12 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 09.03.2008 17:30:12 | Attr =  H ]
setup.pss -> %SystemRoot%\setup.pss ->  [Folder | Modified Date = 11.03.2008 11:43:11 | Attr =    ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 11.03.2008 17:51:02 | Attr =    ]
Sun -> %SystemRoot%\Sun ->  [Folder | Modified Date = 29.02.2008 19:12:11 | Attr =    ]
system -> %SystemRoot%\system ->  [Folder | Modified Date = 13.03.2008 13:15:45 | Attr =    ]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 14.03.2008 14:17:14 | Attr =    ]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 15.03.2008 04:21:48 | Attr =    ]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Modified Date = 15.03.2008 04:33:12 | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 536 bytes | Modified Date = 11.03.2008 17:19:33 | Attr =    ]
winamp.ini -> %SystemRoot%\winamp.ini ->  [Ver =  | Size = 155 bytes | Modified Date = 12.03.2008 21:24:07 | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 03.03.2008 19:58:08 | Attr =    ]
PMTask.job -> %SystemRoot%\tasks\PMTask.job ->  [Ver =  | Size = 304 bytes | Modified Date = 15.03.2008 04:17:01 | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 15.03.2008 04:15:27 | Attr =  H ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 5470 bytes | Modified Date = 15.03.2008 04:18:35 | Attr =    ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 5470 bytes | Modified Date = 15.03.2008 04:18:35 | Attr =    ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat ->  [Ver =  | Size = 3804 bytes | Modified Date = 27.01.2008 20:25:57 | Attr =    ]

< End of report >
[/code]