[code]
OTScanIt logfile created on: 4/8/2008 4:13:48 PM
OTScanIt by OldTimer - Version 1.0.9.0 Folder = C:\OTScanit\OTScanIt
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.10 Mb Total Physical Memory | 664.30 Mb Available Physical Memory | 64.99% Memory free
2.40 Gb Paging File | 2.05 Gb Available in Paging File | 85.32% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 165.74 Gb Free Space | 71.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 15.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SRINAGAR
Current User Name: Viewer
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 2:27:08 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ]
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> Realtek Semiconductor Corp. [Ver = 2.1.3.7 | Size = 16132608 bytes | Modified Date = 7/22/2007 4:27:12 PM | Attr = ]
pdvddxsrv.exe -> %ProgramFiles%\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 118784 bytes | Modified Date = 10/20/2006 6:23:38 PM | Attr = ]
cursorxp.exe -> %ProgramFiles%\CursorXP\CursorXP.exe -> [Ver = 1, 3, 0, 0 | Size = 128000 bytes | Modified Date = 1/19/2005 5:34:16 PM | Attr = ]
filebx.exe -> %ProgramFiles%\FileBX\FileBX.exe -> Hyperionics Technology LLC [Ver = 2, 0, 1, 0 | Size = 446464 bytes | Modified Date = 12/18/2007 1:18:03 PM | Attr = ]
pddlghlp.exe -> %ProgramFiles%\VCOM\PowerDesk\pddlghlp.exe -> V Communications, Inc. [Ver = 6.0.1.8 | Size = 40960 bytes | Modified Date = 8/2/2004 5:55:12 PM | Attr = ]
a2service.exe -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.384 | Size = 366712 bytes | Modified Date = 1/7/2008 6:56:32 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
bocore.exe -> %ProgramFiles%\COMODO\CBOClean\BOCore.exe -> COMODO [Ver = 4.25.001 | Size = 69632 bytes | Modified Date = 8/7/2007 4:59:34 AM | Attr = ]
ftpsched.exe -> %ProgramFiles%\WS_FTP Pro\ftpsched.exe -> Ipswitch, Inc., 81 Hartwell Ave, Lexington MA 02421 [Ver = 1, 0, 0, 1 | Size = 212992 bytes | Modified Date = 2/17/2008 7:28:28 PM | Attr = ]
nbservice.exe -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBService.exe -> Nero AG [Ver = 3, 2, 3, 0 | Size = 869672 bytes | Modified Date = 12/3/2007 2:21:24 PM | Attr = ]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5828 | Size = 163908 bytes | Modified Date = 5/27/2007 11:15:10 PM | Attr = ]
sp_rsser.exe -> %ProgramFiles%\Spyware Terminator\sp_rsser.exe -> Crawler.com [Ver = 2.1.0.284 | Size = 1097216 bytes | Modified Date = 2/18/2008 4:53:59 AM | Attr = ]
editplus.exe -> %ProgramFiles%\EditPlus 2\editplus.exe -> ES-Computing [Ver = 2, 3, 1, 406 | Size = 1423360 bytes | Modified Date = 3/4/2008 12:27:30 AM | Attr = ]
pdexplo.exe -> %ProgramFiles%\VCOM\PowerDesk\PDExplo.exe -> [Ver = | Size = 2121728 bytes | Modified Date = 8/2/2004 5:53:04 PM | Attr = ]
otscanit.exe -> %SystemDrive%\OTScanit\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/4/2008 12:24:38 PM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(a2free) a-squared Free Service [Win32_Own | Auto | Running] -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.384 | Size = 366712 bytes | Modified Date = 1/7/2008 6:56:32 PM | Attr = ]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 2:27:08 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 5/30/2007 8:31:10 AM | Attr = ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
(BOCore) BOCore [Win32_Own | Auto | Running] -> %ProgramFiles%\COMODO\CBOClean\BOCore.exe -> COMODO [Ver = 4.25.001 | Size = 69632 bytes | Modified Date = 8/7/2007 4:59:34 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
(ftpqueue) Ipswitch WS_FTP Queue [Win32_Own | Auto | Running] -> %ProgramFiles%\WS_FTP Pro\ftpsched.exe -> Ipswitch, Inc., 81 Hartwell Ave, Lexington MA 02421 [Ver = 1, 0, 0, 1 | Size = 212992 bytes | Modified Date = 2/17/2008 7:28:28 PM | Attr = ]
(Nero BackItUp Scheduler 3) Nero BackItUp Scheduler 3 [Win32_Own | Auto | Running] -> %ProgramFiles%\Nero\Nero8\Nero BackItUp\NBService.exe -> Nero AG [Ver = 3, 2, 3, 0 | Size = 869672 bytes | Modified Date = 12/3/2007 2:21:24 PM | Attr = ]
(NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Nero\Lib\NMIndexingService.exe -> Nero AG [Ver = 3.2.5.0 | Size = 447784 bytes | Modified Date = 12/13/2007 7:10:56 PM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5828 | Size = 163908 bytes | Modified Date = 5/27/2007 11:15:10 PM | Attr = ]
(sp_rssrv) Spyware Terminator Realtime Shield Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Terminator\sp_rsser.exe -> Crawler.com [Ver = 2.1.0.284 | Size = 1097216 bytes | Modified Date = 2/18/2008 4:53:59 AM | Attr = ]
(SRS Labs License Service) SRS Labs License Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SRS Labs Shared\Service\srslabslicenseservice.exe -> SRS Labs [Ver = 2.70.000 | Size = 72704 bytes | Modified Date = 3/5/2008 11:22:24 PM | Attr = ]
(stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.447 | Size = 73728 bytes | Modified Date = 9/14/2006 3:54:34 PM | Attr = ]
(TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.0.0.13 | Size = 307968 bytes | Modified Date = 3/4/2008 11:21:41 AM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe ["C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 6/11/2007 5:25:42 AM | Attr = ]
Ad-Watch -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe [C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe] -> Lavasoft AB [Ver = 7.0.2.6 | Size = 2684280 bytes | Modified Date = 1/11/2008 11:57:30 AM | Attr = ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe [C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
BOC-425 -> %ProgramFiles%\COMODO\CBOClean\BOC425.EXE [C:\PROGRA~1\Comodo\CBOClean\BOC425.exe] -> COMODO [Ver = 4.25.001 | Size = 338432 bytes | Modified Date = 8/8/2007 7:49:46 PM | Attr = ]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.11.5828 | Size = 8429568 bytes | Modified Date = 5/27/2007 11:14:34 PM | Attr = ]
PDVDDXSrv -> %ProgramFiles%\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 118784 bytes | Modified Date = 10/20/2006 6:23:38 PM | Attr = ]
RTHDCPL -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> Realtek Semiconductor Corp. [Ver = 2.1.3.7 | Size = 16132608 bytes | Modified Date = 7/22/2007 4:27:12 PM | Attr = ]
SpyBlocker -> %ProgramFiles%\SpyBlocker Software\spyblocker.exe [C:\Program Files\SpyBlocker Software\spyblocker.exe] -> SpyBlocker Software [Ver = 4.7500 | Size = 1720320 bytes | Modified Date = 1/12/2002 1:24:30 AM | Attr = ]
SpywareTerminator -> %ProgramFiles%\Spyware Terminator\SpywareTerminatorShield.Exe ["C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"] -> Crawler.com [Ver = 2.1.0.276 | Size = 2957824 bytes | Modified Date = 2/18/2008 4:53:59 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_05\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 144784 bytes | Modified Date = 2/22/2008 4:25:21 AM | Attr = ]
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
CursorXP -> %ProgramFiles%\CursorXP\CursorXP.exe [C:\Program Files\CursorXP\CursorXP.exe] -> [Ver = 1, 3, 0, 0 | Size = 128000 bytes | Modified Date = 1/19/2005 5:34:16 PM | Attr = ]
Spybot-S&D Security Center launcher -> %ProgramFiles%\Spybot - Search & Destroy\SDMain.exe [C:\Program Files\Spybot - Search & Destroy\SDMain.exe] -> Safer Networking Ltd. [Ver = 1, 0, 0, 5 | Size = 414544 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 1/28/2008 11:43:40 AM | Attr = RHS]
Spyware Terminator Realtime Shield -> %ProgramFiles%\Spyware Terminator\SpywareTerminatorShield.Exe [C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe] -> Crawler.com [Ver = 2.1.0.276 | Size = 2957824 bytes | Modified Date = 2/18/2008 4:53:59 AM | Attr = ]
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\FileBox eXtender.lnk -> %ProgramFiles%\FileBX\FileBX.exe -> Hyperionics Technology LLC [Ver = 2, 0, 1, 0 | Size = 446464 bytes | Modified Date = 12/18/2007 1:18:03 PM | Attr = ]
< Viewer Startup Folder > -> C:\Documents and Settings\Viewer\Start Menu\Programs\Startup ->
%UserProfile%\Start Menu\Programs\Startup\Dialog Helper.lnk -> %ProgramFiles%\VCOM\PowerDesk\pddlghlp.exe -> V Communications, Inc. [Ver = 6.0.1.8 | Size = 40960 bytes | Modified Date = 8/2/2004 5:55:12 PM | Attr = ]
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
-> -> File not found
*MultiFile Done* -> ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 5/30/2007 8:29:58 AM | Attr = ]
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 4/19/2007 12:41:36 PM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\MaxRecentDocs -> 15 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< HOSTS File > (413490 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3251 domain(s) found. ->
26 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{FFFFFEF0-5B30-21D4-945D-000000000000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Star Downloader\SDIEInt.dll [] -> [Ver = | Size = 135680 bytes | Modified Date = 2/26/2006 3:44:16 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Crawler\Toolbar\ctbr.dll [&Crawler Toolbar] -> Crawler.com [Ver = 5.1.0.88 | Size = 1146880 bytes | Modified Date = 2/15/2008 9:01:28 AM | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Crawler\Toolbar\ctbr.dll [&Crawler Toolbar] -> Crawler.com [Ver = 5.1.0.88 | Size = 1146880 bytes | Modified Date = 2/15/2008 9:01:28 AM | Attr = ]
WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Crawler\Toolbar\ctbr.dll [&Crawler Toolbar] -> Crawler.com [Ver = 5.1.0.88 | Size = 1146880 bytes | Modified Date = 2/15/2008 9:01:28 AM | Attr = ]
WebBrowser\\{71AAABE5-1F0F-11D7-BD6F-004854603DCE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
{B06300D0-CCDE-11d2-92D3-0000F87A4A55}:{C651A691-CCD9-11D2-92D3-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\webzone.dll [Add to R&estricted Zone] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 3/1/1999 12:03:28 PM | Attr = ]
{BF80219A-CCDD-11d2-92D3-0000F87A4A55}:{C651A693-CCD9-11D2-92D3-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\webzone.dll [Add to Tr&usted Zone] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 3/1/1999 12:03:28 PM | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search && Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
{FC09D8A3-C85A-11d2-92D0-0000F87A4A55}:{A58D06D4-CA90-11D2-92D2-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\oline.dll [Offline] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 2/23/1999 7:00:28 PM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr = ]
CmdMapping\\{B06300D0-CCDE-11d2-92D3-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\webzone.dll [Add to R&estricted Zone] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 3/1/1999 12:03:28 PM | Attr = ]
CmdMapping\\{BF80219A-CCDD-11d2-92D3-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\webzone.dll [Add to Tr&usted Zone] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 3/1/1999 12:03:28 PM | Attr = ]
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search && Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FC09D8A3-C85A-11d2-92D0-0000F87A4A55} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\oline.dll [Offline] -> [Ver = 1, 0, 0, 1 | Size = 36864 bytes | Modified Date = 2/23/1999 7:00:28 PM | Attr = ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Copy Location -> %SystemRoot%\Web\graburl.htm -> [Ver = | Size = 281 bytes | Modified Date = 2/18/1999 3:52:42 PM | Attr = ]
Crawler Search -> -> File not found
Download with Star Downloader -> %ProgramFiles%\Star Downloader\sdie.htm -> [Ver = | Size = 979 bytes | Modified Date = 2/4/2004 8:53:58 PM | Attr = ]
IEB: Browser: Resize Window -> %ProgramFiles%\IE Booster\window-size.htm -> File not found
IEB: Frame: Open in &New Window -> %ProgramFiles%\IE Booster\frame-open-in-new-window.htm -> File not found
IEB: Frame: Open in &This Window -> %ProgramFiles%\IE Booster\frame-open-in-this-window.htm -> File not found
IEB: Image: Copy Path to Clipboard -> %ProgramFiles%\IE Booster\image-copy-path-to-clipboard.htm -> File not found
IEB: Image: Show Image Data -> %ProgramFiles%\IE Booster\image-view-image-data.htm -> File not found
IEB: Link: Copy as caption -> %ProgramFiles%\IE Booster\link-copy.htm -> File not found
IEB: Page: Copy Title as Title -> %ProgramFiles%\IE Booster\page-copy-title.htm -> File not found
IEB: Page: Show Forms and Applets -> %ProgramFiles%\IE Booster\page-show-forms.htm -> File not found
IEB: Page: Show Hyperlinks -> %ProgramFiles%\IE Booster\page-view-hyperlinks.htm -> File not found
IEB: Page: Show Images -> %ProgramFiles%\IE Booster\page-show-images.htm -> File not found
IEB: Page: Show Source -> %ProgramFiles%\IE Booster\page-view-source.htm -> File not found
IEB: Page: Show Stylesheets -> %ProgramFiles%\IE Booster\page-view-stylesheets.htm -> File not found
IEB: Selection: Copy as plain text -> %ProgramFiles%\IE Booster\selection-copy-plaintext.htm -> File not found
IEB: Selection: Open in Browser -> %ProgramFiles%\IE Booster\selection-open-in-browser.htm -> File not found
IEB: Selection: Show Partial Source -> %ProgramFiles%\IE Booster\selection-show-source.htm -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
MyIE2 -> IEAK ->
MyIE2 0.3 -> IEAK ->
SV1 -> ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{64F78A9E-3BFB-48F3-A382-310492BF479D} -> (Intel(R) 82562V-2 10/100 Network Connection) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
tbr:{4D25FB7A-8902-4291-960E-9ADA051CFBBF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Crawler\Toolbar\ctbr.dll[] -> Crawler.com [Ver = 5.1.0.88 | Size = 1146880 bytes | Modified Date = 2/15/2008 9:01:28 AM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] ->
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ not found. -> ->
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) ->
*Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 1:49:30 PM | Attr = ]
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:15 AM | Attr = ]
wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 872 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 ->
*Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages ->
scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\enabledcom -> y ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> ->
*ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder ->
Windows NT Access Provider -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 12727 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 12813096 bytes | Modified Date = 10/27/2006 4:16:48 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SpyBlocker Software\spyblocker.exe -> C:\Program Files\SpyBlocker Software\spyblocker.exe [C:\Program Files\SpyBlocker Software\spyblocker.exe:*:Enabled:SpyBlocker] -> SpyBlocker Software [Ver = 4.7500 | Size = 1720320 bytes | Modified Date = 1/12/2002 1:24:30 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\WS_FTP Pro\ftp95pro.exe -> C:\Program Files\WS_FTP Pro\ftp95pro.exe [C:\Program Files\WS_FTP Pro\ftp95pro.exe:*:Enabled:WS_FTP 95] -> Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA [Ver = 2000, 4, 28, 1 | Size = 535552 bytes | Modified Date = 2/17/2008 7:28:28 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avginet.exe -> C:\Program Files\Grisoft\AVG7\avginet.exe [C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 510976 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgamsvr.exe -> C:\Program Files\Grisoft\AVG7\avgamsvr.exe [C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgcc.exe -> C:\Program Files\Grisoft\AVG7\avgcc.exe [C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 2/20/2008 10:36:56 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitTyrant\Azureus.exe -> C:\Program Files\BitTyrant\Azureus.exe [C:\Program Files\BitTyrant\Azureus.exe:*:Enabled:Azureus] -> Aelitis [Ver = 1.0.0.0 | Size = 219648 bytes | Modified Date = 12/18/2006 12:56:16 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> BitTorrent, Inc. [Ver = 1.8.0.8891 | Size = 566576 bytes | Modified Date = 3/9/2008 7:40:09 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe [C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus Vuze] -> Azureus Inc [Ver = 3.0.0.0 | Size = 254976 bytes | Modified Date = 12/3/2007 8:28:42 PM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UltraEdit\UEDIT32.EXE -> C:\Program Files\UltraEdit\UEDIT32.EXE [C:\Program Files\UltraEdit\UEDIT32.EXE:*:Enabled:UltraEdit-32 Professional Text/Hex Editor] -> IDM Computer Solutions, Inc. [Ver = 8.00. | Size = 491008 bytes | Modified Date = 12/5/2000 9:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. ->
*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService ->
RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 12:39:49 AM | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/4/2004 6:00:00 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet ->
*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService ->
RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 12:39:49 AM | Attr = ]
TCPIP -> -> File not found
NTLMSSP -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.bat [@ = batfile] -> -> File not found
.cmd [@ = cmdfile] -> -> File not found
.com [@ = comfile] -> -> File not found
.exe [@ = exefile] -> -> File not found
.pif [@ = piffile] -> -> File not found
.scr [@ = scrfile] -> -> File not found
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0394CDC8-FABD-4ed8-B104-03393876DFDF} -> Roxio Creator Tools
{0609D0AF-1382-42BE-81DB-CF30F8B0F6E2} -> Serif PhotoPlus 6.0
{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} -> MSXML 6.0 Parser (KB933579)
{0D397393-9B50-4c52-84D5-77E344289F87} -> Roxio Creator Data
{23236FC2-648D-4ACF-AD16-68492D0F0AC9} -> FileBox eXtender
{281ECE39-F043-492B-8337-F2E546B5604A} -> PowerDVD
{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668} -> Roxio Drag-to-Disc
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager
{309375A3-0667-4EC6-9108-D9F5D0655F78} -> EmEditor Free (English)
{3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6
{3248F0A8-6813-11D6-A77B-00B0D0160050} -> Java(TM) 6 Update 5
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} -> Sonic Activation Module
{3921A67A-5AB1-4E48-9444-C71814CF3027} -> VCRedistSetup
{3F92ABBB-6BBF-11D5-B229-002078017FBF} -> NetWaiting
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{5888428E-699C-4E71-BF71-94EE06B497DA} -> TuneUp Utilities 2008
{5905F42D-3F5F-4916-ADA6-94A3646AEE76} -> Dell Driver Reset Tool
{5FCCD531-1B38-4A94-924C-127F722F1033} -> Nero 8
{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} -> Roxio Creator Copy
{62230596-37E5-4618-A329-0D21F529A86F} -> Browser Address Error Redirector
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler
{7131646D-CD3C-40F4-97B9-CD9E4E6262EF} -> Microsoft .NET Framework 2.0
{71414EC2-0684-4A15-A85A-E0E259D117AF} -> Microangelo Toolset 6
{76C24F39-B161-498F-BD8B-C64789812D13}_is1 -> ConvertXtoDVD 3.0.0.7
{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} -> Intel(R) PRO Network Connections 12.1.12.0
{83FFCFC7-88C6-41c6-8752-958A45325C82} -> Roxio Creator Audio
{8679D366-D73F-4303-92F7-853B13C1F424} -> Microangelo On Display
{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC} -> Roxio Creator BDAV Plugin
{90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{91120000-0013-0000-0000-0000000FF1CE} -> Microsoft Office Basic 2007
{A5BA14E0-7384-11D4-BAE7-00409631A2C8} -> Macromedia Extension Manager
{ABDA9912-5D00-11D4-BAE7-9367CA097955} -> Macromedia Dreamweaver 4
{AC76BA86-7AD7-1033-7B44-A70800000002} -> Adobe Reader 7.0.8
{B09DFBF9-9148-4070-A493-69D71455D983}_is1 -> Artweaver
{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy
{B6EC7388-E277-4A5B-8C8F-71067A41BA64} -> TextPad 5
{B8971880-0060-11D8-87CB-C2A1A3E71907}_is1 -> Index.dat Suite
{B93251B5-9209-4DAB-867C-AA98D91584CD} -> PowerDesk 6
{C04E32E0-0416-434D-AFB9-6969D703A9EF} -> MSXML 4.0 SP2 (KB936181)
{C252EB7B-7AE0-46DE-9BEE-DF681B885F13} -> Modem Diagnostic Tool
{C67570B3-2545-4E87-BD2C-5CDC71CDA13E} -> SRS Audio Sandbox
{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} -> Roxio Creator DE
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition
{D642E38E-0D24-486C-9A2D-E316DD696F4B} -> Microsoft XML Parser
{D6DE02C7-1F47-11D4-9515-00105AE4B89A} -> Paint Shop Pro 7 Try And Buy
{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware 2007
{E646DCF0-5A68-11D5-B229-002078017FBF} -> Digital Line Detect
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
AnalogX MaxMem -> AnalogX MaxMem
Arachnophilia 5.3_is1 -> Arachnophilia 5.3
a-squared Free_is1 -> a-squared Free 3.1
AVG7Uninstall -> AVG 7.5
AVGantiRootkit -> AVG Anti-Rootkit Free
AVGAntiSpyware75 -> AVG Anti-Spyware 7.5
Avidemux 2.4 -> Avidemux 2.4
AVIedit 3.38 -> AVIedit 3.38
AVS Video Tools 5.1_is1 -> AVS Video Tools 5.1
AVSDiscCreator_is1 -> AVS Disc Creator version 2.1
Azureus Vuze -> Azureus Vuze
BASICR -> Microsoft Office Basic 2007
BitTyrant -> BitTyrant
BugOff -> BugOff 1.10
CBOClean -> BOClean
CCleaner -> CCleaner (remove only)
CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1 -> Conexant D850 56K V.9x DFVc Modem
Crimson Editor -> Crimson Editor (remove only)
CToolbar_UNINSTALL -> Crawler Toolbar with Web Security Guard
CursorXP -> CursorXP
dBpowerAMP -> dBpowerAMP
EditPad Pro 6 -> JGsoft EditPad Pro 6 DEMO 6.1.2
EditPlus 2 -> EditPlus 2
ExplorerXP -> ExplorerXP (remove only)
FileBox eXtender -> FileBox eXtender
FileZilla Client -> FileZilla Client 3.0.8.1
Foxit PDF Editor -> Foxit PDF Editor
Foxit Reader -> Foxit Reader
GIMPshop -> GIMPshop 2.2.8
GOM Player -> GOM Player
HijackThis -> HijackThis 2.0.2
IcoFX_is1 -> IcoFX 1.5.01
IE Booster Web Browser Extensions_is1 -> IE Booster - Web Browser Extensions for IE
IE5WA -> Microsoft Internet Explorer 5 PowerTweaks Web Accessory
IrfanView -> IrfanView (remove only)
KB835221WXP -> High Definition Audio Driver Package - KB835221
KB885836 -> Windows XP Hotfix - KB885836
KB886185 -> Windows XP Hotfix - KB886185
KB888302 -> Windows XP Hotfix - KB888302
KB890859 -> Windows XP Hotfix - KB890859
KB893756 -> Security Update for Windows XP (KB893756)
KB894391 -> Update for Windows XP (KB894391)
KB896428 -> Security Update for Windows XP (KB896428)
KB898461 -> Update for Windows XP (KB898461)
KB899587 -> Security Update for Windows XP (KB899587)
KB900485 -> Update for Windows XP (KB900485)
KB900725 -> Security Update for Windows XP (KB900725)
KB901017 -> Security Update for Windows XP (KB901017)
KB902400 -> Security Update for Windows XP (KB902400)
KB905414 -> Security Update for Windows XP (KB905414)
KB905749 -> Security Update for Windows XP (KB905749)
KB910437 -> Update for Windows XP (KB910437)
KB911280 -> Update for Windows XP (KB911280)
KB911927 -> Security Update for Windows XP (KB911927)
KB913580 -> Security Update for Windows XP (KB913580)
KB914389 -> Security Update for Windows XP (KB914389)
KB916595 -> Update for Windows XP (KB916595)
KB920872 -> Update for Windows XP (KB920872)
KB922582 -> Update for Windows XP (KB922582)
KB922819 -> Security Update for Windows XP (KB922819)
KB923723 -> Security Update for Step By Step Interactive Training (KB923723)
KB927779 -> Security Update for Windows XP (KB927779)
KB927891 -> Update for Windows XP (KB927891)
KB930916 -> Update for Windows XP (KB930916)
KB931784 -> Security Update for Windows XP (KB931784)
KB937894 -> Security Update for Windows XP (KB937894)
KB939653 -> Security Update for Windows XP (KB939653)
KB941568 -> Security Update for Windows XP (KB941568)
KB941569 -> Security Update for Windows XP (KB941569)
KB941644 -> Security Update for Windows XP (KB941644)
KB942763 -> Update for Windows XP (KB942763)
KB942840 -> Update for Windows XP (KB942840)
KB943055 -> Security Update for Windows XP (KB943055)
KB943460 -> Security Update for Windows XP (KB943460)
KB943485 -> Security Update for Windows XP (KB943485)
KB944533 -> Security Update for Windows XP (KB944533)
KB944653 -> Security Update for Windows XP (KB944653)
KB946026 -> Security Update for Windows XP (KB946026)
KompoZer-0.7.10 -> KompoZer-0.7.10
LimeWire -> LimeWire 4.16.6
M928366 -> Microsoft .NET Framework 1.1 Hotfix (KB928366)
Magic ISO Maker v5.4 (build 0239) -> Magic ISO Maker v5.4 (build 0239)
Magic Music Editor_is1 -> Magic Music Editor v5.2.7
Magic Video Converter_is1 -> Magic Video Converter Trial Version (English) 7.9.6.1
Magic Video Studio_is1 -> Magic Video Studio Trial Version (English) 7.9.6.1
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Malwarebytes' RogueRemover FREE_is1 -> Malwarebytes' RogueRemover
Maxthon -> Maxthon Browser (remove only)
MediaCoder -> MediaCoder 0.6.1
Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 -> Microsoft .NET Framework 2.0
Mozilla Firefox (2.0.0.13) -> Mozilla Firefox (2.0.0.13)
NoteTab Pro 5 Trial_is1 -> NoteTab Pro 5 Trial (Remove only)
NVIDIA Drivers -> NVIDIA Drivers
Nvu_is1 -> Nvu 1.0
PeerGuardian_is1 -> PeerGuardian 2.0
PowerISO -> PowerISO
PSPad editor_is1 -> PSPad editor
Revo Uninstaller -> Revo Uninstaller 1.50
ShellExView -> ShellExView
SpyBlocker -> SpyBlocker
Spyware Terminator_is1 -> Spyware Terminator
SpywareBlaster_is1 -> SpywareBlaster 4.0
Star Downloader Free -> Star Downloader Free
t@b ZS4 Video Editor_is1 -> t@b ZS4 Video Editor v0.958-686
TC UP -> Total Commander Ultima Prime 3.6.0.0
Teleport Pro -> Teleport Pro
TopStyle Lite (Version 1.5) -> TopStyle Lite (Version 1.5)
TopStyle3_is1 -> TopStyle (Version 3)
Tweak UI 2.10 -> Tweak UI
Ulead SmartSaver Pro 2.0 -> Ulead SmartSaver Pro 2.0 Trial Version
UltraEdit-32 -> UltraEdit-32 Uninstall
UltraExplorer_is1 -> UltraExplorer 1.5.0.3
VLC media player -> VideoLAN VLC media player 0.8.6d
Winamp -> Winamp
Windows Media Format Runtime -> Windows Media Format Runtime
WinGimp-2.0_is1 -> GIMP 2.4.4
WinHTTrack Website Copier_is1 -> WinHTTrack Website Copier 3.42
WinRAR archiver -> WinRAR archiver
WinZip -> WinZip
WS_FTPPro -> Ipswitch WS_FTP Pro Uninstall
Xenu_is1 -> Xenu's Link Sleuth
XN Resource Editor_is1 -> XNResourceEditor 3.0.0.1
xplorer2p -> xplorer² professional
Zwei-Stein_is1 -> Zwei-Stein Video Compositor 3.01 (Beta 2).
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
HomeSite 4.5 -> HomeSite 4.5
IconTweaker -> IconTweaker 1.12
Mmm -> Mmm
uTorrent -> µTorrent
[Files/Folders - Created Within 30 days]
0407 -> %SystemDrive%\0407 -> [Folder | Created Date = 4/7/2008 5:56:56 AM | Attr = ]
408 -> %SystemDrive%\408 -> [Folder | Created Date = 4/7/2008 10:37:19 PM | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 4/6/2008 5:52:18 PM | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 4/7/2008 1:08:57 PM | Attr = ]
experimentingwithresources -> %SystemDrive%\experimentingwithresources -> [Folder | Created Date = 3/24/2008 11:21:19 AM | Attr = ]
Fix180Sh.exe -> %SystemDrive%\Fix180Sh.exe -> Symantec Corporation [Ver = 1.0.5 | Size = 167080 bytes | Created Date = 4/6/2008 7:06:28 PM | Attr = ]
Free-SpyHunter-Scanner-Install.exe -> %SystemDrive%\Free-SpyHunter-Scanner-Install.exe -> [Ver = 3.4 | Size = 7525464 bytes | Created Date = 4/6/2008 7:06:28 PM | Attr = ]
goingtothepictureshow -> %SystemDrive%\goingtothepictureshow -> [Folder | Created Date = 3/24/2008 7:55:01 AM | Attr = ]
Neroblocker -> %SystemDrive%\Neroblocker -> [Folder | Created Date = 3/11/2008 2:14:04 AM | Attr = ]
OTScanit -> %SystemDrive%\OTScanit -> [Folder | Created Date = 4/7/2008 11:03:15 PM | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 4/6/2008 10:00:14 PM | Attr = HS]
rr-free-setup.exe -> %SystemDrive%\rr-free-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 64089 bytes | Created Date = 4/7/2008 3:46:54 AM | Attr = ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 4/6/2008 5:15:14 PM | Attr = ]
smitfraudfix -> %SystemDrive%\smitfraudfix -> [Folder | Created Date = 4/7/2008 9:05:08 AM | Attr = ]
smitrem -> %SystemDrive%\smitrem -> [Folder | Created Date = 4/7/2008 8:22:12 AM | Attr = ]
spybotsd152.exe -> %SystemDrive%\spybotsd152.exe -> Safer Networking Limited [Ver = 1.5.2 | Size = 9722720 bytes | Created Date = 4/7/2008 3:46:54 AM | Attr = ]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 6342680 bytes | Created Date = 4/7/2008 3:46:58 AM | Attr = ]
tunez -> %SystemDrive%\tunez -> [Folder | Created Date = 3/24/2008 6:46:57 PM | Attr = ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 4/7/2008 10:52:57 PM | Attr = ]
AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 4/7/2008 11:03:53 AM | Attr = ]
pcouffin.sys -> %SystemRoot%\System32\drivers\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Created Date = 3/9/2008 5:08:57 PM | Attr = ]
AC3ACM.acm -> %SystemRoot%\System32\AC3ACM.acm -> fccHandler [Ver = 0, 7, 0, 0 | Size = 81920 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
alf2cd.acm -> %SystemRoot%\System32\alf2cd.acm -> NCT Company [Ver = 2.03 | Size = 38912 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
avisynth.dll -> %SystemRoot%\System32\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 314368 bytes | Created Date = 3/9/2008 5:08:53 PM | Attr = ]
cook3260.dll -> %SystemRoot%\System32\cook3260.dll -> RealNetworks, Inc. [Ver = 10.0.0.1625 | Size = 65602 bytes | Created Date = 4/4/2008 7:47:26 AM | Attr = ]
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 664 bytes | Created Date = 4/6/2008 4:08:59 PM | Attr = ]
devil.dll -> %SystemRoot%\System32\devil.dll -> Abysmal Software [Ver = 1.6.6 | Size = 719872 bytes | Created Date = 3/9/2008 5:08:53 PM | Attr = ]
divx.dll -> %SystemRoot%\System32\divx.dll -> DivXNetworks, Inc. [Ver = 5.0.5.830 | Size = 638976 bytes | Created Date = 3/9/2008 5:03:32 PM | Attr = ]
divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivXNetworks, Inc. [Ver = 5.0.5.830 | Size = 221215 bytes | Created Date = 3/9/2008 5:03:32 PM | Attr = ]
drv23260.dll -> %SystemRoot%\System32\drv23260.dll -> RealNetworks, Inc. [Ver = 6.0.7.3928 | Size = 176165 bytes | Created Date = 4/4/2008 7:47:26 AM | Attr = ]
drv33260.dll -> %SystemRoot%\System32\drv33260.dll -> RealNetworks, Inc. [Ver = 6.0.7.4085 | Size = 208935 bytes | Created Date = 4/4/2008 7:47:26 AM | Attr = ]
drv43260.dll -> %SystemRoot%\System32\drv43260.dll -> RealNetworks, Inc. [Ver = 6.0.7.2389 | Size = 217127 bytes | Created Date = 4/4/2008 7:47:26 AM | Attr = ]
GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [Folder | Created Date = 3/11/2008 2:13:10 AM | Attr = H ]
ions.dll -> %SystemRoot%\System32\ions.dll -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Created Date = 4/8/2008 3:39:08 PM | Attr = ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/19/2008 1:45:49 PM | Attr = ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 3/19/2008 1:45:49 PM | Attr = ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/19/2008 1:45:49 PM | Attr = ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/19/2008 1:45:49 PM | Attr = ]
mcdvd_32.dll -> %SystemRoot%\System32\mcdvd_32.dll -> MainConcept [Ver = 2.0.4 | Size = 261632 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
MSIXU.DLL -> %SystemRoot%\System32\MSIXU.DLL -> [Ver = | Size = 10496 bytes | Created Date = 4/7/2008 11:01:41 PM | Attr = ]
MSNSA32.dll -> %SystemRoot%\System32\MSNSA32.dll -> [Ver = | Size = 26880 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
NCTAudioCDGrabber2.dll -> %SystemRoot%\System32\NCTAudioCDGrabber2.dll -> NCT [Ver = 2,6,2,92 | Size = 835584 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioDesign2.dll -> %SystemRoot%\System32\NCTAudioDesign2.dll -> Online Media Technologies Ltd. [Ver = 2,6,1,108 | Size = 2084864 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioDisplay2.dll -> %SystemRoot%\System32\NCTAudioDisplay2.dll -> Online Media Technologies Ltd. [Ver = 2,6,1,108 | Size = 417792 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioEditor2.dll -> %SystemRoot%\System32\NCTAudioEditor2.dll -> Online Media Technologies Ltd. [Ver = 2,6,1,391 | Size = 880640 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioFile2.dll -> %SystemRoot%\System32\NCTAudioFile2.dll -> NCT Company Ltd. [Ver = 2,6,1,643 | Size = 1986560 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioInformation2.dll -> %SystemRoot%\System32\NCTAudioInformation2.dll -> Online Media Technologies Ltd. [Ver = 2,6,1,256 | Size = 1212416 bytes | Created Date = 3/9/2008 5:09:42 PM | Attr = ]
NCTAudioPlayer2.dll -> %SystemRoot%\System32\NCTAudioPlayer2.dll -> Online Media Technologies Ltd. [Ver = 2,6,2,279 | Size = 458752 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
NCTAudioRecord2.dll -> %SystemRoot%\System32\NCTAudioRecord2.dll -> Online Media Technologies Ltd. [Ver = 2,6,2,238 | Size = 458752 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
NCTAudioTransform2.dll -> %SystemRoot%\System32\NCTAudioTransform2.dll -> Online Media Technologies Ltd. [Ver = 2,6,2,180 | Size = 602112 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
NCTAudioVisualization2.dll -> %SystemRoot%\System32\NCTAudioVisualization2.dll -> Online Media Technologies Ltd. [Ver = 2,6,1,109 | Size = 479232 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
NCTWMAFile2.dll -> %SystemRoot%\System32\NCTWMAFile2.dll -> Online Media Technologies Ltd. [Ver = 2,6,2,141 | Size = 348160 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [Ver = | Size = 113486 bytes | Created Date = 3/9/2008 5:09:43 PM | Attr = ]
ntnut32.exe -> %SystemRoot%\System32\ntnut32.exe -> [Ver = | Size = 10752 bytes | Created Date = 4/7/2008 1:10:23 PM | Attr = ]
Pncrt.dll -> %SystemRoot%\System32\Pncrt.dll -> RealNetworks, Inc. [Ver = 4.20.0000 | Size = 273408 bytes | Created Date = 4/4/2008 7:47:26 AM | Attr = ]
rictions.dll -> %SystemRoot%\System32\rictions.dll -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Created Date = 4/8/2008 4:02:29 PM | Attr = ]
s.dll -> %SystemRoot%\System32\s.dll -> [Ver = | Size = 6656 bytes | Created Date = 4/6/2008 2:41:13 PM | Attr = ]
Scg726.acm -> %SystemRoot%\System32\Scg726.acm -> SHARP Corporation [Ver = 1, 0, 0, 3 | Size = 13239 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
shdocpe.dll -> %SystemRoot%\System32\shdocpe.dll -> [Ver = | Size = 19968 bytes | Created Date = 4/7/2008 1:10:23 PM | Attr = ]
SIPSPI32.dll -> %SystemRoot%\System32\SIPSPI32.dll -> [Ver = | Size = 32000 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
vct3216.acm -> %SystemRoot%\System32\vct3216.acm -> Voxware, Inc. [Ver = 1.6.0.17 | Size = 82944 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
vp7vfw.dll -> %SystemRoot%\System32\vp7vfw.dll -> On2.com [Ver = 7,0,8,0 | Size = 626688 bytes | Created Date = 4/4/2008 7:47:25 AM | Attr = ]
WER8274.DLL -> %SystemRoot%\System32\WER8274.DLL -> [Ver = | Size = 9984 bytes | Created Date = 4/7/2008 11:01:41 PM | Attr = ]
xvid.ax -> %SystemRoot%\System32\xvid.ax -> [Ver = | Size = 53248 bytes | Created Date = 3/9/2008 5:03:32 PM | Attr = ]
xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 524288 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [Ver = | Size = 139264 bytes | Created Date = 3/9/2008 5:03:31 PM | Attr = ]
123messenger.per -> %SystemRoot%\123messenger.per -> [Ver = | Size = 24320 bytes | Created Date = 4/7/2008 12:56:12 PM | Attr = ]
2020search.dll -> %SystemRoot%\2020search.dll -> [Ver = | Size = 15360 bytes | Created Date = 4/7/2008 11:01:42 PM | Attr = ]
2020search2.dll -> %SystemRoot%\2020search2.dll -> [Ver = | Size = 17664 bytes | Created Date = 4/7/2008 1:10:24 PM | Attr = ]
apphelp32.dll -> %SystemRoot%\apphelp32.dll -> [Ver = | Size = 20992 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
asferror32.dll -> %SystemRoot%\asferror32.dll -> [Ver = | Size = 11264 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
asycfilt32.dll -> %SystemRoot%\asycfilt32.dll -> [Ver = | Size = 32256 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
athprxy32.dll -> %SystemRoot%\athprxy32.dll -> [Ver = | Size = 14592 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
ati2dvaa32.dll -> %SystemRoot%\ati2dvaa32.dll -> [Ver = | Size = 18432 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
ati2dvag32.dll -> %SystemRoot%\ati2dvag32.dll -> [Ver = | Size = 17920 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
audiosrv32.dll -> %SystemRoot%\audiosrv32.dll -> [Ver = | Size = 25344 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
autodisc32.dll -> %SystemRoot%\autodisc32.dll -> [Ver = | Size = 11520 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
avifile32.dll -> %SystemRoot%\avifile32.dll -> [Ver = | Size = 32256 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
avisynthex32.dll -> %SystemRoot%\avisynthex32.dll -> [Ver = | Size = 32256 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
aviwrap32.dll -> %SystemRoot%\aviwrap32.dll -> [Ver = | Size = 30464 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
bjam.dll -> %SystemRoot%\bjam.dll -> [Ver = | Size = 16896 bytes | Created Date = 4/7/2008 11:01:42 PM | Attr = ]
BOC425.INI -> %SystemRoot%\BOC425.INI -> [Ver = | Size = 11255 bytes | Created Date = 4/7/2008 11:41:52 AM | Attr = ]
browserad.dll -> %SystemRoot%\browserad.dll -> [Ver = | Size = 8448 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
cdsm32.dll -> %SystemRoot%\cdsm32.dll -> [Ver = | Size = 30208 bytes | Created Date = 4/7/2008 11:01:42 PM | Attr = ]
changeurl_30.dll -> %SystemRoot%\changeurl_30.dll -> [Ver = | Size = 24320 bytes | Created Date = 4/7/2008 11:01:38 PM | Attr = ]
CMDLIC.DLL -> %SystemRoot%\CMDLIC.DLL -> COMODO [Ver = 1.0.1.2 | Size = 208896 bytes | Created Date = 4/7/2008 11:42:02 AM | Attr = ]
default.htm -> %SystemRoot%\default.htm -> [Ver = | Size = 1906 bytes | Created Date = 4/7/2008 7:25:24 AM | Attr = ]
didduid.ini -> %SystemRoot%\didduid.ini -> [Ver = | Size = 16640 bytes | Created Date = 4/7/2008 12:56:14 PM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 4/6/2008 5:45:47 PM | Attr = ]
ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 4/6/2008 5:19:21 PM | Attr = ]
fdsv.exe -> %SystemRoot%\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
FLEOK -> %SystemRoot%\FLEOK -> [Folder | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
grep.exe -> %SystemRoot%\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
msa64chk.dll -> %SystemRoot%\msa64chk.dll -> [Ver = | Size = 8192 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
msapasrc.dll -> %SystemRoot%\msapasrc.dll -> [Ver = | Size = 21248 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
mspphe.dll -> %SystemRoot%\mspphe.dll -> [Ver = | Size = 18432 bytes | Created Date = 4/7/2008 11:01:42 PM | Attr = ]
mssvr.exe -> %SystemRoot%\mssvr.exe -> [Ver = | Size = 17152 bytes | Created Date = 4/7/2008 1:10:24 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 3/26/2008 5:06:30 PM | Attr = ]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
ntnut.exe -> %SystemRoot%\ntnut.exe -> [Ver = | Size = 24832 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 3/31/2008 2:09:02 PM | Attr = H ]
pixwfcho.dll -> %SystemRoot%\pixwfcho.dll -> [Ver = | Size = 67584 bytes | Created Date = 4/6/2008 2:41:52 PM | Attr = ]
PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Created Date = 4/6/2008 5:54:15 PM | Attr = ]
saiemod.dll -> %SystemRoot%\saiemod.dll -> [Ver = | Size = 16896 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
salm.exe -> %SystemRoot%\salm.exe -> [Ver = | Size = 20992 bytes | Created Date = 4/7/2008 1:10:23 PM | Attr = ]
sed.exe -> %SystemRoot%\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
shdocpe.dll -> %SystemRoot%\shdocpe.dll -> [Ver = | Size = 12032 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
shdocpl.dll -> %SystemRoot%\shdocpl.dll -> [Ver = | Size = 26880 bytes | Created Date = 4/7/2008 11:01:40 PM | Attr = ]
swin32.dll -> %SystemRoot%\swin32.dll -> [Ver = | Size = 10240 bytes | Created Date = 4/7/2008 11:01:42 PM | Attr = ]
swreg.exe -> %SystemRoot%\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
swsc.exe -> %SystemRoot%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
swxcacls.exe -> %SystemRoot%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
temp -> %SystemRoot%\temp -> [Folder | Created Date = 4/7/2008 9:16:08 AM | Attr = ]
UNBOC.EXE -> %SystemRoot%\UNBOC.EXE -> COMODO [Ver = 4.25.001 | Size = 235008 bytes | Created Date = 4/7/2008 11:42:03 AM | Attr = ]
updatetc.exe -> %SystemRoot%\updatetc.exe -> [Ver = | Size = 27392 bytes | Created Date = 4/7/2008 11:01:41 PM | Attr = ]
VFind.exe -> %SystemRoot%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
voiceip.dll -> %SystemRoot%\voiceip.dll -> [Ver = | Size = 29184 bytes | Created Date = 4/7/2008 1:10:24 PM | Attr = ]
winsb.dll -> %SystemRoot%\winsb.dll -> [Ver = | Size = 9984 bytes | Created Date = 4/7/2008 11:01:39 PM | Attr = ]
WMSysPr8.prx -> %SystemRoot%\WMSysPr8.prx -> [Ver = | Size = 156910 bytes | Created Date = 3/9/2008 5:03:32 PM | Attr = ]
zip.exe -> %SystemRoot%\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 4/6/2008 5:45:09 PM | Attr = ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
BOC425 -> %AllUsersProfile%\Application Data\BOC425 -> [Folder | Created Date = 4/7/2008 11:41:56 AM | Attr = ]
GRETECH -> %AllUsersProfile%\Application Data\GRETECH -> [Folder | Created Date = 3/9/2008 5:27:32 PM | Attr = ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 4/7/2008 12:28:11 PM | Attr = ]
Microangelo On Display -> %AllUsersProfile%\Application Data\Microangelo On Display -> [Folder | Created Date = 3/12/2008 11:37:56 PM | Attr = ]
Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Created Date = 3/11/2008 1:30:12 AM | Attr = ]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Created Date = 4/7/2008 4:37:28 AM | Attr = ]
SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 4/7/2008 3:48:20 AM | Attr = ]
vsosdk -> %AllUsersProfile%\Application Data\vsosdk -> [Folder | Created Date = 3/30/2008 7:06:16 PM | Attr = ]
zyzujypg.dll -> %AllUsersProfile%\Application Data\zyzujypg.dll -> [Ver = | Size = 67584 bytes | Created Date = 4/6/2008 2:41:52 PM | Attr = ]
AdobeUM -> %AppData%\AdobeUM -> [Folder | Created Date = 3/10/2008 11:26:40 AM | Attr = ]
dvdcss -> %AppData%\dvdcss -> [Folder | Created Date = 3/30/2008 7:22:18 PM | Attr = ]
ezpinst.exe -> %AppData%\ezpinst.exe -> [Ver = | Size = 81920 bytes | Created Date = 3/9/2008 5:08:57 PM | Attr = ]
FileZilla -> %AppData%\FileZilla -> [Folder | Created Date = 3/31/2008 2:54:23 PM | Attr = ]
GRETECH -> %AppData%\GRETECH -> [Folder | Created Date = 3/9/2008 5:26:54 PM | Attr = ]
Grisoft -> %AppData%\Grisoft -> [Folder | Created Date = 4/7/2008 11:04:32 AM | Attr = ]
HEXelon -> %AppData%\HEXelon -> [Folder | Created Date = 3/18/2008 4:22:20 PM | Attr = ]
Jasc -> %AppData%\Jasc -> [Folder | Created Date = 3/18/2008 3:37:07 PM | Attr = ]
Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 4/7/2008 12:28:36 PM | Attr = ]
Nero -> %AppData%\Nero -> [Folder | Created Date = 3/11/2008 1:31:49 AM | Attr = ]
pcouffin.cat -> %AppData%\pcouffin.cat -> [Ver = | Size = 7887 bytes | Created Date = 3/9/2008 5:08:57 PM | Attr = ]
pcouffin.inf -> %AppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Created Date = 3/9/2008 5:08:57 PM | Attr = ]
pcouffin.sys -> %AppData%\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Created Date = 3/9/2008 5:08:57 PM | Attr = ]
SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 4/7/2008 3:48:11 AM | Attr = ]
VCOM -> %AppData%\VCOM -> [Folder | Created Date = 3/21/2008 1:11:26 PM | Attr = ]
Vso -> %AppData%\Vso -> [Folder | Created Date = 3/9/2008 5:08:56 PM | Attr = ]
vso_ts_preview.xml -> %AppData%\vso_ts_preview.xml -> [Ver = | Size = 1346420 bytes | Created Date = 3/18/2008 3:58:04 PM | Attr = ]
Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Created Date = 3/11/2008 1:40:45 AM | Attr = ]
GHISLER -> %UserProfile%\Local Settings\Application Data\GHISLER -> [Folder | Created Date = 3/18/2008 4:34:52 PM | Attr = ]
Microangelo On Display -> %UserProfile%\Local Settings\Application Data\Microangelo On Display -> [Folder | Created Date = 3/12/2008 11:37:56 PM | Attr = ]
Microangelo Toolset 6 -> %UserProfile%\Local Settings\Application Data\Microangelo Toolset 6 -> [Folder | Created Date = 3/12/2008 11:43:52 PM | Attr = ]
Nero -> %UserProfile%\Local Settings\Application Data\Nero -> [Folder | Created Date = 3/11/2008 1:48:50 AM | Attr = ]
Stardock -> %UserProfile%\Local Settings\Application Data\Stardock -> [Folder | Created Date = 3/20/2008 7:40:30 AM | Attr = ]
ConvertXtoDVD -> %UserProfile%\My Documents\ConvertXtoDVD -> [Folder | Created Date = 3/23/2008 9:22:31 PM | Attr = ]
GomPlayer -> %UserProfile%\My Documents\GomPlayer -> [Folder | Created Date = 3/9/2008 5:26:54 PM | Attr = ]
Icons and Cursors -> %UserProfile%\My Documents\Icons and Cursors -> [Folder | Created Date = 3/12/2008 11:37:56 PM | Attr = ]
Nero Home -> %UserProfile%\My Documents\Nero Home -> [Folder | Created Date = 3/11/2008 1:49:22 AM | Attr = ]
PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Created Date = 3/9/2008 5:08:56 PM | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 849 bytes | Created Date = 4/7/2008 11:04:03 AM | Attr = ]
FileZilla Client.lnk -> %AllUsersProfile%\Desktop\FileZilla Client.lnk -> [Ver = | Size = 1691 bytes | Created Date = 3/31/2008 2:54:00 PM | Attr = ]
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Created Date = 4/7/2008 12:28:11 PM | Attr = ]
PowerISO.lnk -> %AllUsersProfile%\Desktop\PowerISO.lnk -> [Ver = | Size = 682 bytes | Created Date = 3/25/2008 9:40:07 PM | Attr = ]
RogueRemover FREE.lnk -> %AllUsersProfile%\Desktop\RogueRemover FREE.lnk -> [Ver = | Size = 695 bytes | Created Date = 4/7/2008 5:04:34 AM | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Created Date = 4/7/2008 3:48:12 AM | Attr = ]
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1613559 bytes | Created Date = 4/6/2008 4:48:18 PM | Attr = ]
Fix180Sh.exe -> %UserProfile%\Desktop\Fix180Sh.exe -> Symantec Corporation [Ver = 1.0.5 | Size = 167080 bytes | Created Date = 4/6/2008 7:06:38 PM | Attr = ]
FixWebHancer.exe -> %UserProfile%\Desktop\FixWebHancer.exe -> [Ver = 1.0.2 | Size = 158352 bytes | Created Date = 4/6/2008 4:48:18 PM | Attr = ]
Free-SpyHunter-Scanner-Install.exe -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-Install.exe -> [Ver = 3.4 | Size = 7525464 bytes | Created Date = 4/6/2008 7:06:38 PM | Attr = ]
Make a DVD.lnk -> %UserProfile%\Desktop\Make a DVD.lnk -> [Ver = | Size = 1675 bytes | Created Date = 3/24/2008 7:14:51 AM | Attr = ]
rr-free-setup.exe -> %UserProfile%\Desktop\rr-free-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 690568 bytes | Created Date = 4/7/2008 3:47:24 AM | Attr = ]
Shortcut to WinRAR.exe.lnk -> %UserProfile%\Desktop\Shortcut to WinRAR.exe.lnk -> [Ver = | Size = 654 bytes | Created Date = 4/2/2008 10:55:30 AM | Attr = ]
Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 963 bytes | Created Date = 4/7/2008 4:37:31 AM | Attr = ]
SpywareBlaster.lnk -> %UserProfile%\Desktop\SpywareBlaster.lnk -> [Ver = | Size = 690 bytes | Created Date = 4/7/2008 11:50:31 AM | Attr = ]
Dialog Helper.lnk -> %UserProfile%\Start Menu\Programs\Startup\Dialog Helper.lnk -> [Ver = | Size = 720 bytes | Created Date = 3/21/2008 1:12:15 PM | Attr = ]
AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Created Date = 3/9/2008 5:03:32 PM | Attr = ]
Nero -> %CommonProgramFiles%\Nero -> [Folder | Created Date = 3/11/2008 1:30:12 AM | Attr = ]
[Files/Folders - Modified Within 90 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG -> [Folder | Modified Date = 4/6/2008 5:03:00 PM | Attr = RH ]
0208notez.bak -> %SystemDrive%\0208notez.bak -> [Ver = | Size = 8159 bytes | Modified Date = 2/20/2008 6:24:00 AM | Attr = ]
0208notez.html -> %SystemDrive%\0208notez.html -> [Ver = | Size = 8745 bytes | Modified Date = 2/20/2008 6:25:53 AM | Attr = ]
0407 -> %SystemDrive%\0407 -> [Folder | Modified Date = 4/7/2008 10:52:57 PM | Attr = ]
408 -> %SystemDrive%\408 -> [Folder | Modified Date = 4/8/2008 4:05:54 PM | Attr = ]
aapage -> %SystemDrive%\aapage -> [Folder | Modified Date = 4/4/2008 11:59:35 PM | Attr = ]
adazzlingarray -> %SystemDrive%\adazzlingarray -> [Folder | Modified Date = 3/31/2008 9:30:58 PM | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 2/17/2008 5:59:56 PM | Attr = RHS]
chamba -> %SystemDrive%\chamba -> [Folder | Modified Date = 3/20/2008 5:11:41 AM | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 4/6/2008 5:54:18 PM | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 4/7/2008 1:08:57 PM | Attr = ]
dell -> %SystemDrive%\dell -> [Folder | Modified Date = 2/18/2008 3:39:06 AM | Attr = ]
dell.sdr -> %SystemDrive%\dell.sdr -> [Ver = | Size = 7383 bytes | Modified Date = 2/13/2008 3:06:58 PM | Attr = RH ]
dloadedsubtitles -> %SystemDrive%\dloadedsubtitles -> [Folder | Modified Date = 2/28/2008 1:56:14 AM | Attr = ]
dloadedtorrentpoop -> %SystemDrive%\dloadedtorrentpoop -> [Folder | Modified Date = 3/10/2008 10:38:55 AM | Attr = ]
dloadedtorrents -> %SystemDrive%\dloadedtorrents -> [Folder | Modified Date = 4/6/2008 11:47:45 AM | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2/17/2008 6:00:08 PM | Attr = ]
Download -> %SystemDrive%\Download -> [Folder | Modified Date = 3/4/2008 3:15:19 PM | Attr = ]
dwmxpfiles -> %SystemDrive%\dwmxpfiles -> [Folder | Modified Date = 3/6/2008 1:48:12 PM | Attr = ]
experimentingwithresources -> %SystemDrive%\experimentingwithresources -> [Folder | Modified Date = 3/24/2008 11:21:53 AM | Attr = ]
Fix180Sh.exe -> %SystemDrive%\Fix180Sh.exe -> Symantec Corporation [Ver = 1.0.5 | Size = 167080 bytes | Modified Date = 4/6/2008 6:59:00 PM | Attr = ]
Free-SpyHunter-Scanner-Install.exe -> %SystemDrive%\Free-SpyHunter-Scanner-Install.exe -> [Ver = 3.4 | Size = 7525464 bytes | Modified Date = 4/6/2008 6:34:16 PM | Attr = ]
goingtothepictureshow -> %SystemDrive%\goingtothepictureshow -> [Folder | Modified Date = 4/2/2008 8:46:36 PM | Attr = ]
i386 -> %SystemDrive%\i386 -> [Folder | Modified Date = 2/17/2008 10:26:12 PM | Attr = ]
iconz -> %SystemDrive%\iconz -> [Folder | Modified Date = 3/21/2008 11:26:10 AM | Attr = ]
metapad -> %SystemDrive%\metapad -> [Folder | Modified Date = 3/3/2008 11:19:42 AM | Attr = ]
MSOCache -> %SystemDrive%\MSOCache -> [Folder | Modified Date = 2/13/2008 3:27:37 PM | Attr = RH ]
Neroblocker -> %SystemDrive%\Neroblocker -> [Folder | Modified Date = 3/11/2008 2:14:04 AM | Attr = ]
OTScanit -> %SystemDrive%\OTScanit -> [Folder | Modified Date = 4/7/2008 11:03:15 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 4/7/2008 11:01:42 PM | Attr = R ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 4/7/2008 9:17:54 AM | Attr = HS]
rr-free-setup.exe -> %SystemDrive%\rr-free-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 64089 bytes | Modified Date = 4/7/2008 3:06:04 AM | Attr = ]
scannedtorrentdloads -> %SystemDrive%\scannedtorrentdloads -> [Folder | Modified Date = 4/2/2008 1:25:33 PM | Attr = ]
SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 4/7/2008 6:48:41 AM | Attr = ]
Slurped Sites -> %SystemDrive%\Slurped Sites -> [Folder | Modified Date = 2/29/2008 10:46:33 AM | Attr = ]
smitfraudfix -> %SystemDrive%\smitfraudfix -> [Folder | Modified Date = 4/7/2008 9:05:54 AM | Attr = ]
smitrem -> %SystemDrive%\smitrem -> [Folder | Modified Date = 4/7/2008 9:06:11 AM | Attr = ]
spybotsd152.exe -> %SystemDrive%\spybotsd152.exe -> Safer Networking Limited [Ver = 1.5.2 | Size = 9722720 bytes | Modified Date = 4/7/2008 2:59:24 AM | Attr = ]
stealthispage -> %SystemDrive%\stealthispage -> [Folder | Modified Date = 3/10/2008 11:12:56 AM | Attr = ]
stufffromcd1 -> %SystemDrive%\stufffromcd1 -> [Folder | Modified Date = 2/17/2008 7:14:40 PM | Attr = ]
stufffromcd2 -> %SystemDrive%\stufffromcd2 -> [Folder | Modified Date = 2/17/2008 7:16:26 PM | Attr = ]
stufffromcd3 -> %SystemDrive%\stufffromcd3 -> [Folder | Modified Date = 2/17/2008 7:16:50 PM | Attr = ]
stufffromoldputer -> %SystemDrive%\stufffromoldputer -> [Folder | Modified Date = 3/7/2008 1:37:51 PM | Attr = ]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 6342680 bytes | Modified Date = 4/7/2008 2:25:58 AM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/4/2008 2:35:14 PM | Attr = HS]
TMP.html -> %SystemDrive%\TMP.html -> [Ver = | Size = 99579 bytes | Modified Date = 3/5/2008 1:15:12 AM | Attr = ]
torrentsofscannediles -> %SystemDrive%\torrentsofscannediles -> [Folder | Modified Date = 3/3/2008 3:13:59 AM | Attr = ]
tunez -> %SystemDrive%\tunez -> [Folder | Modified Date = 3/24/2008 6:47:12 PM | Attr = ]
varioustorrents -> %SystemDrive%\varioustorrents -> [Folder | Modified Date = 4/8/2008 8:35:39 AM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/8/2008 8:19:13 AM | Attr = ]
_OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 4/7/2008 10:52:57 PM | Attr = ]
1028_Dell_VOS_VOSTRO_400.mrk -> %SystemRoot%\System32\drivers\1028_Dell_VOS_VOSTRO_400.mrk -> [Ver = | Size = 7383 bytes | Modified Date = 2/13/2008 3:04:14 PM | Attr = ]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 2/20/2008 10:36:57 PM | Attr = ]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 2/20/2008 10:36:59 PM | Attr = ]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 2/20/2008 10:37:00 PM | Attr = ]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 2/20/2008 10:37:00 PM | Attr = ]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 2/20/2008 10:37:00 PM | Attr = ]
etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 4/7/2008 10:13:49 AM | Attr = ]
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 413490 bytes | Modified Date = 4/7/2008 10:13:49 AM | Attr = R ]
hosts.20080407-045149.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080407-045149.backup -> [Ver = | Size = 413352 bytes | Modified Date = 4/7/2008 4:33:56 AM | Attr = ]
hosts.20080407-101345.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080407-101345.backup -> [Ver = | Size = 413352 bytes | Modified Date = 4/7/2008 9:52:45 AM | Attr = ]
hosts.bak -> %SystemRoot%\System32\drivers\etc\hosts.bak -> [Ver = | Size = 413490 bytes | Modified Date = 4/7/2008 4:51:49 AM | Attr = ]
pcouffin.sys -> %SystemRoot%\System32\drivers\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Modified Date = 4/4/2008 7:47:30 AM | Attr = ]
scdemu.sys -> %SystemRoot%\System32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 9, 0, 0 | Size = 33292 bytes | Modified Date = 1/20/2008 3:07:58 AM | Attr = ]
sp_rsdrv2.sys -> %SystemRoot%\System32\drivers\sp_rsdrv2.sys -> [Ver = | Size = 138752 bytes | Modified Date = 2/18/2008 4:53:59 AM | Attr = ]
$ncsp$.inf -> %SystemRoot%\System32\$ncsp$.inf -> [Ver = | Size = 333 bytes | Modified Date = 2/13/2008 3:34:03 PM | Attr = ]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 448 bytes | Modified Date = 2/17/2008 5:59:59 PM | Attr = ]
appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Modified Date = 2/17/2008 10:24:45 PM | Attr = ]
BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 10752 bytes | Modified Date = 3/4/2008 12:26:36 AM | Attr = ]
BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav -> [Ver = | Size = 146650 bytes | Modified Date = 2/13/2008 3:26:18 PM | Attr = ]
CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/24/2008 8:05:49 PM | Attr = ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 4/7/2008 1:09:55 PM | Attr = ]
Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 2/24/2008 8:07:25 PM | Attr = ]
config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2/13/2008 3:29:57 PM | Attr = ]
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 664 bytes | Modified Date = 4/8/2008 3:28:46 PM | Attr = ]
DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 3/11/2008 1:29:42 AM | Attr = ]
DLA -> %SystemRoot%\System32\DLA -> [Folder | Modified Date = 2/13/2008 3:33:26 PM | Attr = ]
dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 3/24/2008 7:15:15 AM | Attr = HS]
drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 4/7/2008 11:03:53 AM | Attr = ]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 135664 bytes | Modified Date = 3/6/2008 5:11:28 AM | Attr = ]
FxsTmp -> %SystemRoot%\System32\FxsTmp -> [Folder | Modified Date = 3/5/2008 11:35:22 AM | Attr = ]
GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [Folder | Modified Date = 3/11/2008 2:13:10 AM | Attr = H ]
ions.dll -> %SystemRoot%\System32\ions.dll -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/8/2008 3:39:08 PM | Attr = ]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 1:23:35 AM | Attr = ]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Modified Date = 2/22/2008 2:33:31 AM | Attr = ]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Modified Date = 2/22/2008 1:23:39 AM | Attr = ]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Modified Date = 2/22/2008 2:33:32 AM | Attr = ]
Lang -> %SystemRoot%\System32\Lang -> [Folder | Modified Date = 2/13/2008 3:26:14 PM | Attr = ]
LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav -> [Ver = | Size = 940794 bytes | Modified Date = 2/13/2008 3:26:18 PM | Attr = ]
Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 2/13/2008 3:32:14 PM | Attr = S]
MSIXU.DLL -> %SystemRoot%\System32\MSIXU.DLL -> [Ver = | Size = 10496 bytes | Modified Date = 4/7/2008 11:01:41 PM | Attr = ]
MSNSA32.dll -> %SystemRoot%\System32\MSNSA32.dll -> [Ver = | Size = 26880 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
ntnut32.exe -> %SystemRoot%\System32\ntnut32.exe -> [Ver = | Size = 10752 bytes | Modified Date = 4/7/2008 1:10:23 PM | Attr = ]
OEMINFO.INI -> %SystemRoot%\System32\OEMINFO.INI -> [Ver = | Size = 1124 bytes | Modified Date = 2/13/2008 3:04:14 PM | Attr = ]
OEMINFO.PNF -> %SystemRoot%\System32\OEMINFO.PNF -> [Ver = | Size = 3380 bytes | Modified Date = 2/13/2008 3:32:14 PM | Attr = ]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 64064 bytes | Modified Date = 3/18/2008 11:01:48 AM | Attr = ]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 405640 bytes | Modified Date = 3/18/2008 11:01:48 AM | Attr = ]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 474568 bytes | Modified Date = 3/18/2008 11:01:48 AM | Attr = ]
PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 2/24/2008 1:51:45 PM | Attr = ]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 2/13/2008 3:09:20 PM | Attr = ]
Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 3/4/2008 2:35:14 PM | Attr = ]
rictions.dll -> %SystemRoot%\System32\rictions.dll -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/8/2008 4:02:29 PM | Attr = ]
RTCOM -> %SystemRoot%\System32\RTCOM -> [Folder | Modified Date = 2/13/2008 3:24:41 PM | Attr = ]
s.dll -> %SystemRoot%\System32\s.dll -> [Ver = | Size = 6656 bytes | Modified Date = 4/6/2008 2:41:13 PM | Attr = ]
shdocpe.dll -> %SystemRoot%\System32\shdocpe.dll -> [Ver = | Size = 19968 bytes | Modified Date = 4/7/2008 1:10:23 PM | Attr = ]
SIPSPI32.dll -> %SystemRoot%\System32\SIPSPI32.dll -> [Ver = | Size = 32000 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 2/24/2008 1:49:16 PM | Attr = ]
SpoonUninstall-dBpowerAMP.bmp -> %SystemRoot%\System32\SpoonUninstall-dBpowerAMP.bmp -> [Ver = | Size = 28898 bytes | Modified Date = 3/5/2008 11:48:51 PM | Attr = ]
SpoonUninstall-dBpowerAMP.dat -> %SystemRoot%\System32\SpoonUninstall-dBpowerAMP.dat -> [Ver = | Size = 57050 bytes | Modified Date = 3/5/2008 11:49:16 PM | Attr = ]
SpoonUninstall.exe -> %SystemRoot%\System32\SpoonUninstall.exe -> [Ver = | Size = 167424 bytes | Modified Date = 3/5/2008 11:49:16 PM | Attr = ]
TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.0.0.13 | Size = 307968 bytes | Modified Date = 3/4/2008 11:21:41 AM | Attr = ]
uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.10 | Size = 28416 bytes | Modified Date = 2/27/2008 2:15:14 PM | Attr = ]
wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 3/18/2008 11:01:48 AM | Attr = ]
WER8274.DLL -> %SystemRoot%\System32\WER8274.DLL -> [Ver = | Size = 9984 bytes | Modified Date = 4/7/2008 11:01:41 PM | Attr = ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 3/24/2008 7:56:44 AM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/24/2008 8:08:23 PM | Attr = H ]
123messenger.per -> %SystemRoot%\123messenger.per -> [Ver = | Size = 24320 bytes | Modified Date = 4/7/2008 12:56:12 PM | Attr = ]
2020search.dll -> %SystemRoot%\2020search.dll -> [Ver = | Size = 15360 bytes | Modified Date = 4/7/2008 11:01:42 PM | Attr = ]
2020search2.dll -> %SystemRoot%\2020search2.dll -> [Ver = | Size = 17664 bytes | Modified Date = 4/7/2008 1:10:24 PM | Attr = ]
apphelp32.dll -> %SystemRoot%\apphelp32.dll -> [Ver = | Size = 20992 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
asferror32.dll -> %SystemRoot%\asferror32.dll -> [Ver = | Size = 11264 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3/5/2008 7:41:58 AM | Attr = R S]
asycfilt32.dll -> %SystemRoot%\asycfilt32.dll -> [Ver = | Size = 32256 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
athprxy32.dll -> %SystemRoot%\athprxy32.dll -> [Ver = | Size = 14592 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
ati2dvaa32.dll -> %SystemRoot%\ati2dvaa32.dll -> [Ver = | Size = 18432 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
ati2dvag32.dll -> %SystemRoot%\ati2dvag32.dll -> [Ver = | Size = 17920 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
audiosrv32.dll -> %SystemRoot%\audiosrv32.dll -> [Ver = | Size = 25344 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
autodisc32.dll -> %SystemRoot%\autodisc32.dll -> [Ver = | Size = 11520 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
avifile32.dll -> %SystemRoot%\avifile32.dll -> [Ver = | Size = 32256 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
avisynthex32.dll -> %SystemRoot%\avisynthex32.dll -> [Ver = | Size = 32256 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
aviwrap32.dll -> %SystemRoot%\aviwrap32.dll -> [Ver = | Size = 30464 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
bjam.dll -> %SystemRoot%\bjam.dll -> [Ver = | Size = 16896 bytes | Modified Date = 4/7/2008 11:01:42 PM | Attr = ]
BOC425.INI -> %SystemRoot%\BOC425.INI -> [Ver = | Size = 11255 bytes | Modified Date = 4/8/2008 3:37:15 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/8/2008 3:28:37 PM | Attr = S]
browserad.dll -> %SystemRoot%\browserad.dll -> [Ver = | Size = 8448 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
cdsm32.dll -> %SystemRoot%\cdsm32.dll -> [Ver = | Size = 30208 bytes | Modified Date = 4/7/2008 11:01:42 PM | Attr = ]
changeurl_30.dll -> %SystemRoot%\changeurl_30.dll -> [Ver = | Size = 24320 bytes | Modified Date = 4/7/2008 11:01:38 PM | Attr = ]
Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 3/11/2008 1:30:11 AM | Attr = ]
default.htm -> %SystemRoot%\default.htm -> [Ver = | Size = 1906 bytes | Modified Date = 4/8/2008 8:17:34 AM | Attr = ]
didduid.ini -> %SystemRoot%\didduid.ini -> [Ver = | Size = 16640 bytes | Modified Date = 4/7/2008 12:56:14 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2/13/2008 3:26:51 PM | Attr = S]
erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 4/7/2008 1:09:36 PM | Attr = ]
ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 4/6/2008 5:19:30 PM | Attr = ]
FLEOK -> %SystemRoot%\FLEOK -> [Folder | Modified Date = 4/8/2008 8:19:13 AM | Attr = ]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2/21/2008 10:39:26 PM | Attr = R S]
ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 3/5/2008 11:13:19 PM | Attr = HS]
GPInstall.exe -> %SystemRoot%\GPInstall.exe -> Qsc [Ver = 5.0.3.32 | Size = 796672 bytes | Modified Date = 2/18/2008 5:26:00 AM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/31/2008 2:35:11 PM | Attr = ]
HomeSite.ini -> %SystemRoot%\HomeSite.ini -> [Ver = | Size = 239 bytes | Modified Date = 3/6/2008 9:15:23 AM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1891 bytes | Modified Date = 3/8/2008 10:00:04 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/18/2008 3:55:55 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 4/8/2008 8:19:13 AM | Attr = HS]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/5/2008 7:41:58 AM | Attr = ]
msa64chk.dll -> %SystemRoot%\msa64chk.dll -> [Ver = | Size = 8192 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2/13/2008 3:21:05 PM | Attr = ]
msapasrc.dll -> %SystemRoot%\msapasrc.dll -> [Ver = | Size = 21248 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
mspphe.dll -> %SystemRoot%\mspphe.dll -> [Ver = | Size = 18432 bytes | Modified Date = 4/7/2008 11:01:42 PM | Attr = ]
mssvr.exe -> %SystemRoot%\mssvr.exe -> [Ver = | Size = 17152 bytes | Modified Date = 4/7/2008 1:10:24 PM | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 4/1/2008 11:56:50 PM | Attr = ]
Noslip -> %SystemRoot%\Noslip -> [Folder | Modified Date = 2/28/2008 8:44:24 AM | Attr = ]
ntnut.exe -> %SystemRoot%\ntnut.exe -> [Ver = | Size = 24832 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 3/31/2008 2:09:02 PM | Attr = H ]
pixwfcho.dll -> %SystemRoot%\pixwfcho.dll -> [Ver = | Size = 67584 bytes | Modified Date = 4/6/2008 2:41:52 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/8/2008 3:39:08 PM | Attr = ]
PreviewSoft -> %SystemRoot%\PreviewSoft -> [Folder | Modified Date = 2/28/2008 8:44:26 AM | Attr = ]
PROTOCOL.INI -> %SystemRoot%\PROTOCOL.INI -> [Ver = | Size = 0 bytes | Modified Date = 3/5/2008 11:11:22 PM | Attr = ]
PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 4/6/2008 5:54:15 PM | Attr = ]
RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 2/22/2008 10:52:58 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 4/2/2008 12:07:36 PM | Attr = ]
repair -> %SystemRoot%\repair -> [Folder | Modified Date = 2/13/2008 3:34:01 PM | Attr = ]
saiemod.dll -> %SystemRoot%\saiemod.dll -> [Ver = | Size = 16896 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
salm.exe -> %SystemRoot%\salm.exe -> [Ver = | Size = 20992 bytes | Modified Date = 4/7/2008 1:10:23 PM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 2/22/2008 11:49:55 PM | Attr = ]
shdocpe.dll -> %SystemRoot%\shdocpe.dll -> [Ver = | Size = 12032 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
shdocpl.dll -> %SystemRoot%\shdocpl.dll -> [Ver = | Size = 26880 bytes | Modified Date = 4/7/2008 11:01:40 PM | Attr = ]
SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Modified Date = 2/13/2008 3:28:16 PM | Attr = ]
smscfg.ini -> %SystemRoot%\smscfg.ini -> [Ver = | Size = 61 bytes | Modified Date = 2/13/2008 3:34:07 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 2/24/2008 1:49:21 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 2/23/2008 3:00:09 PM | Attr = ]
swin32.dll -> %SystemRoot%\swin32.dll -> [Ver = | Size = 10240 bytes | Modified Date = 4/7/2008 11:01:42 PM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 2/20/2008 10:36:19 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 435 bytes | Modified Date = 4/8/2008 8:24:13 AM | Attr = ]
system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 4/8/2008 4:02:29 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 3/8/2008 4:27:31 AM | Attr = S]
temp -> %SystemRoot%\temp -> [Folder | Modified Date = 4/8/2008 3:30:24 PM | Attr = ]
UEDIT32.INI -> %SystemRoot%\UEDIT32.INI -> [Ver = | Size = 6615 bytes | Modified Date = 3/31/2008 2:53:00 PM | Attr = ]
ulead.dat -> %SystemRoot%\ulead.dat -> [Folder | Modified Date = 2/28/2008 8:47:02 AM | Attr = ]
ULead32.ini -> %SystemRoot%\ULead32.ini -> [Ver = | Size = 201 bytes | Modified Date = 2/28/2008 8:50:34 AM | Attr = ]
updatetc.exe -> %SystemRoot%\updatetc.exe -> [Ver = | Size = 27392 bytes | Modified Date = 4/7/2008 11:01:41 PM | Attr = ]
voiceip.dll -> %SystemRoot%\voiceip.dll -> [Ver = | Size = 29184 bytes | Modified Date = 4/7/2008 1:10:24 PM | Attr = ]
Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2/18/2008 6:08:46 AM | Attr = R ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 982 bytes | Modified Date = 4/1/2008 5:22:39 PM | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 120 bytes | Modified Date = 2/28/2008 8:44:26 AM | Attr = ]
winsb.dll -> %SystemRoot%\winsb.dll -> [Ver = | Size = 9984 bytes | Modified Date = 4/7/2008 11:01:39 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 3/11/2008 1:41:28 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 3/9/2008 5:09:50 PM | Attr = ]
wow.cfg -> %SystemRoot%\wow.cfg -> [Ver = | Size = 119 bytes | Modified Date = 3/5/2008 11:31:48 PM | Attr = ]
WS_FTP.EXT -> %SystemRoot%\WS_FTP.EXT -> [Ver = | Size = 31 bytes | Modified Date = 3/31/2008 2:23:22 PM | Attr = ]
zipinst.exe -> %SystemRoot%\zipinst.exe -> NirSoft [Ver = 1.21 | Size = 39424 bytes | Modified Date = 2/21/2008 4:20:34 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/8/2008 3:28:42 PM | Attr = H ]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8408 bytes | Modified Date = 2/18/2008 10:32:10 PM | Attr = ]
SALM.EXE -> C:\WINDOWS\temp\SALM.EXE -> [Ver = | Size = 26368 bytes | Modified Date = 4/7/2008 1:10:23 PM | Attr = ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 2/13/2008 3:32:22 PM | Attr = ]
avg7 -> %AllUsersProfile%\Application Data\avg7 -> [Folder | Modified Date = 2/20/2008 10:42:41 PM | Attr = ]
BOC425 -> %AllUsersProfile%\Application Data\BOC425 -> [Folder | Modified Date = 4/7/2008 11:46:59 AM | Attr = ]
comodo -> %AllUsersProfile%\Application Data\comodo -> [Folder | Modified Date = 3/8/2008 5:00:22 PM | Attr = ]
Dell -> %AllUsersProfile%\Application Data\Dell -> [Folder | Modified Date = 2/13/2008 3:27:18 PM | Attr = ]
Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Modified Date = 2/13/2008 3:30:05 PM | Attr = ]
GRETECH -> %AllUsersProfile%\Application Data\GRETECH -> [Folder | Modified Date = 3/9/2008 5:27:32 PM | Attr = ]
Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 4/7/2008 11:03:36 AM | Attr = ]
IconTweaker -> %AllUsersProfile%\Application Data\IconTweaker -> [Folder | Modified Date = 2/21/2008 4:10:48 AM | Attr = ]
InstallShield -> %AllUsersProfile%\Application Data\InstallShield -> [Folder | Modified Date = 2/13/2008 3:26:51 PM | Attr = ]
Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 3/3/2008 2:43:09 AM | Attr = ]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 4/7/2008 12:28:11 PM | Attr = ]
Microangelo On Display -> %AllUsersProfile%\Application Data\Microangelo On Display -> [Folder | Modified Date = 3/12/2008 11:37:56 PM | Attr = ]
Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 2/17/2008 10:46:13 PM | Attr = S]
Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Modified Date = 2/18/2008 9:51:56 PM | Attr = ]
Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Modified Date = 3/11/2008 1:30:13 AM | Attr = ]
Sonic -> %AllUsersProfile%\Application Data\Sonic -> [Folder | Modified Date = 2/13/2008 3:27:01 PM | Attr = ]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 4/7/2008 4:52:09 AM | Attr = ]
Spyware Terminator -> %AllUsersProfile%\Application Data\Spyware Terminator -> [Folder | Modified Date = 4/7/2008 8:51:52 AM | Attr = ]
SRS Labs -> %AllUsersProfile%\Application Data\SRS Labs -> [Folder | Modified Date = 3/5/2008 11:22:34 PM | Attr = ]
SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 4/7/2008 3:48:20 AM | Attr = ]
TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 2/17/2008 10:22:46 PM | Attr = ]
@Alternate Data Stream - 113 bytes -> %AllUsersProfile%\Application Data\TEMP:62E2D794
TuneUp Software -> %AllUsersProfile%\Application Data\TuneUp Software -> [Folder | Modified Date = 3/4/2008 11:21:37 AM | Attr = ]
vsosdk -> %AllUsersProfile%\Application Data\vsosdk -> [Folder | Modified Date = 3/30/2008 7:06:16 PM | Attr = ]
zyzujypg.dll -> %AllUsersProfile%\Application Data\zyzujypg.dll -> [Ver = | Size = 67584 bytes | Modified Date = 4/6/2008 2:41:52 PM | Attr = ]
{527EE0A6-618B-4814-8449-DB8C2DBEE577} -> %AllUsersProfile%\Application Data\{527EE0A6-618B-4814-8449-DB8C2DBEE577} -> [Folder | Modified Date = 2/20/2008 11:44:05 PM | Attr = H ]
Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 2/22/2008 9:42:37 AM | Attr = ]
AdobeUM -> %AppData%\AdobeUM -> [Folder | Modified Date = 3/10/2008 11:26:40 AM | Attr = ]
Artweaver -> %AppData%\Artweaver -> [Folder | Modified Date = 2/21/2008 10:55:18 PM | Attr = ]
AVG7 -> %AppData%\AVG7 -> [Folder | Modified Date = 4/6/2008 4:11:39 PM | Attr = ]
BitTyrant -> %AppData%\BitTyrant -> [Folder | Modified Date = 3/9/2008 9:09:43 AM | Attr = ]
Blumentals -> %AppData%\Blumentals -> [Folder | Modified Date = 3/5/2008 11:13:12 PM | Attr = ]
ColorCop -> %AppData%\ColorCop -> [Folder | Modified Date = 3/24/2008 8:48:15 AM | Attr = ]
Comodo -> %AppData%\Comodo -> [Folder | Modified Date = 3/9/2008 5:05:52 AM | Attr = ]
dvdcss -> %AppData%\dvdcss -> [Folder | Modified Date = 3/30/2008 7:22:18 PM | Attr = ]
EditPlus 2 -> %AppData%\EditPlus 2 -> [Folder | Modified Date = 3/10/2008 9:09:06 AM | Attr = ]
ezpinst.exe -> %AppData%\ezpinst.exe -> [Ver = | Size = 81920 bytes | Modified Date = 3/9/2008 5:09:23 PM | Attr = ]
FileZilla -> %AppData%\FileZilla -> [Folder | Modified Date = 3/31/2008 3:59:26 PM | Attr = ]
Google -> %AppData%\Google -> [Folder | Modified Date = 2/17/2008 7:14:00 PM | Attr = ]
GRETECH -> %AppData%\GRETECH -> [Folder | Modified Date = 3/9/2008 5:26:54 PM | Attr = ]
Grisoft -> %AppData%\Grisoft -> [Folder | Modified Date = 4/7/2008 11:04:32 AM | Attr = ]
gtk-2.0 -> %AppData%\gtk-2.0 -> [Folder | Modified Date = 3/9/2008 5:00:34 PM | Attr = ]
Helios -> %AppData%\Helios -> [Folder | Modified Date = 3/3/2008 12:13:10 AM | Attr = ]
Help -> %AppData%\Help -> [Folder | Modified Date = 3/3/2008 9:08:47 AM | Attr = ]
HEXelon -> %AppData%\HEXelon -> [Folder | Modified Date = 3/18/2008 4:22:20 PM | Attr = ]
Hyperionics -> %AppData%\Hyperionics -> [Folder | Modified Date = 2/20/2008 7:29:25 AM | Attr = ]
IcoFX -> %AppData%\IcoFX -> [Folder | Modified Date = 2/21/2008 4:18:17 AM | Attr = ]
IconTweaker -> %AppData%\IconTweaker -> [Folder | Modified Date = 2/21/2008 4:10:48 AM | Attr = ]
InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 2/13/2008 3:23:27 PM | Attr = ]
Jasc -> %AppData%\Jasc -> [Folder | Modified Date = 3/18/2008 3:37:07 PM | Attr = ]
JGsoft -> %AppData%\JGsoft -> [Folder | Modified Date = 3/6/2008 6:11:20 PM | Attr = ]
KompoZer -> %AppData%\KompoZer -> [Folder | Modified Date = 2/21/2008 4:04:03 AM | Attr = ]
LimeWire -> %AppData%\LimeWire -> [Folder | Modified Date = 2/23/2008 12:27:27 PM | Attr = ]
Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 2/17/2008 7:38:31 PM | Attr = ]
Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 4/7/2008 12:28:36 PM | Attr = ]
Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 3/5/2008 11:22:12 PM | Attr = S]
Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 2/20/2008 8:57:15 AM | Attr = ]
Nero -> %AppData%\Nero -> [Folder | Modified Date = 3/11/2008 1:31:49 AM | Attr = ]
NoteTab Pro -> %AppData%\NoteTab Pro -> [Folder | Modified Date = 2/22/2008 9:02:45 PM | Attr = ]
Nvu -> %AppData%\Nvu -> [Folder | Modified Date = 2/21/2008 4:06:32 AM | Attr = ]
pcouffin.cat -> %AppData%\pcouffin.cat -> [Ver = | Size = 7887 bytes | Modified Date = 4/4/2008 7:47:30 AM | Attr = ]
pcouffin.inf -> %AppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Modified Date = 4/4/2008 7:47:30 AM | Attr = ]
pcouffin.sys -> %AppData%\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Modified Date = 4/4/2008 7:47:30 AM | Attr = ]
PSpad -> %AppData%\PSpad -> [Folder | Modified Date = 2/21/2008 10:57:52 PM | Attr = ]
Spyware Terminator -> %AppData%\Spyware Terminator -> [Folder | Modified Date = 4/8/2008 8:37:13 AM | Attr = ]
Sun -> %AppData%\Sun -> [Folder | Modified Date = 2/23/2008 3:00:09 PM | Attr = ]
SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 4/7/2008 3:48:11 AM | Attr = ]
Trellian -> %AppData%\Trellian -> [Folder | Modified Date = 2/21/2008 4:09:07 AM | Attr = ]
TuneUp Software -> %AppData%\TuneUp Software -> [Folder | Modified Date = 3/4/2008 11:21:41 AM | Attr = ]
uTorrent -> %AppData%\uTorrent -> [Folder | Modified Date = 4/6/2008 1:14:42 PM | Attr = ]
VCOM -> %AppData%\VCOM -> [Folder | Modified Date = 3/21/2008 1:11:26 PM | Attr = ]
vlc -> %AppData%\vlc -> [Folder | Modified Date = 2/27/2008 6:41:26 AM | Attr = ]
Vso -> %AppData%\Vso -> [Folder | Modified Date = 4/6/2008 2:40:15 PM | Attr = ]
vso_ts_preview.xml -> %AppData%\vso_ts_preview.xml -> [Ver = | Size = 1346420 bytes | Modified Date = 4/6/2008 2:40:15 PM | Attr = ]
VSRevoGroup -> %AppData%\VSRevoGroup -> [Folder | Modified Date = 2/21/2008 11:33:25 PM | Attr = ]
Winamp -> %AppData%\Winamp -> [Folder | Modified Date = 2/22/2008 11:48:31 PM | Attr = ]
Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Modified Date = 3/10/2008 11:25:58 AM | Attr = ]
Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Modified Date = 3/11/2008 1:40:45 AM | Attr = ]
ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Modified Date = 2/21/2008 9:42:03 PM | Attr = ]
BVRP Software -> %UserProfile%\Local Settings\Application Data\BVRP Software -> [Folder | Modified Date = 2/13/2008 3:23:28 PM | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 13312 bytes | Modified Date = 3/7/2008 8:16:40 AM | Attr = ]
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 23576 bytes | Modified Date = 2/13/2008 3:33:48 PM | Attr = ]
GHISLER -> %UserProfile%\Local Settings\Application Data\GHISLER -> [Folder | Modified Date = 3/18/2008 4:34:52 PM | Attr = ]
Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Modified Date = 2/17/2008 7:11:39 PM | Attr = ]
Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Modified Date = 2/18/2008 11:45:46 PM | Attr = ]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 1579358 bytes | Modified Date = 3/4/2008 1:08:02 PM | Attr = H ]
Microangelo On Display -> %UserProfile%\Local Settings\Application Data\Microangelo On Display -> [Folder | Modified Date = 3/12/2008 11:37:56 PM | Attr = ]
Microangelo Toolset 6 -> %UserProfile%\Local Settings\Application Data\Microangelo Toolset 6 -> [Folder | Modified Date = 3/12/2008 11:43:52 PM | Attr = ]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 3/21/2008 11:03:23 AM | Attr = ]
Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [Folder | Modified Date = 2/13/2008 3:28:06 PM | Attr = ]
Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Modified Date = 2/20/2008 8:57:15 AM | Attr = ]
Nero -> %UserProfile%\Local Settings\Application Data\Nero -> [Folder | Modified Date = 3/11/2008 1:48:50 AM | Attr = ]
PowerDVD DX -> %UserProfile%\Local Settings\Application Data\PowerDVD DX -> [Folder | Modified Date = 2/13/2008 3:27:18 PM | Attr = ]
Roxio -> %UserProfile%\Local Settings\Application Data\Roxio -> [Folder | Modified Date = 2/13/2008 3:33:44 PM | Attr = ]
SingleClick Systems -> %UserProfile%\Local Settings\Application Data\SingleClick Systems -> [Folder | Modified Date = 2/13/2008 3:30:17 PM | Attr = ]
SRS Labs -> %UserProfile%\Local Settings\Application Data\SRS Labs -> [Folder | Modified Date = 3/5/2008 11:22:48 PM | Attr = ]
Stardock -> %UserProfile%\Local Settings\Application Data\Stardock -> [Folder | Modified Date = 3/20/2008 7:40:30 AM | Attr = ]
SupportSoft -> %UserProfile%\Local Settings\Application Data\SupportSoft -> [Folder | Modified Date = 2/17/2008 7:29:44 PM | Attr = ]
WebPage -> %UserProfile%\Local Settings\Application Data\WebPage -> [Folder | Modified Date = 2/21/2008 4:07:55 AM | Attr = ]
WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Modified Date = 3/4/2008 1:06:18 AM | Attr = ]
{3248F0A6-6813-11D6-A77B-00B0D0150060} -> %UserProfile%\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060} -> [Folder | Modified Date = 2/13/2008 3:21:35 PM | Attr = ]
.zs4 -> %UserProfile%\My Documents\.zs4 -> [Folder | Modified Date = 3/5/2008 7:00:50 AM | Attr = ]
0208.Theme -> %UserProfile%\My Documents\0208.Theme -> [Ver = | Size = 5710 bytes | Modified Date = 2/18/2008 10:01:08 AM | Attr = ]
a-squared -> %UserProfile%\My Documents\a-squared -> [Folder | Modified Date = 2/22/2008 7:53:43 AM | Attr = ]
a-squared Free -> %UserProfile%\My Documents\a-squared Free -> [Folder | Modified Date = 2/22/2008 8:13:46 AM | Attr = ]
ConvertXtoDVD -> %UserProfile%\My Documents\ConvertXtoDVD -> [Folder | Modified Date = 4/5/2008 6:03:40 PM | Attr = ]
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 77 bytes | Modified Date = 2/17/2008 6:00:17 PM | Attr = HS]
GomPlayer -> %UserProfile%\My Documents\GomPlayer -> [Folder | Modified Date = 3/9/2008 5:26:54 PM | Attr = ]
Icons and Cursors -> %UserProfile%\My Documents\Icons and Cursors -> [Folder | Modified Date = 3/12/2008 11:37:56 PM | Attr = ]
LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Modified Date = 2/22/2008 9:48:19 PM | Attr = ]
miscdloads -> %UserProfile%\My Documents\miscdloads -> [Folder | Modified Date = 2/23/2008 2:03:14 PM | Attr = ]
My Google Gadgets -> %UserProfile%\My Documents\My Google Gadgets -> [Folder | Modified Date = 2/13/2008 3:33:53 PM | Attr = ]
My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 2/17/2008 6:00:17 PM | Attr = R S]
My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 3/24/2008 5:34:56 AM | Attr = R S]
My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 3/3/2008 12:50:27 AM | Attr = R S]
Nero Home -> %UserProfile%\My Documents\Nero Home -> [Folder | Modified Date = 3/11/2008 1:49:22 AM | Attr = ]
PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Modified Date = 3/9/2008 5:08:57 PM | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersProfile%\Desktop\AVG Anti-Spyware.lnk -> [Ver = | Size = 849 bytes | Modified Date = 4/7/2008 11:04:03 AM | Attr = ]
FileZilla Client.lnk -> %AllUsersProfile%\Desktop\FileZilla Client.lnk -> [Ver = | Size = 1691 bytes | Modified Date = 3/31/2008 2:54:00 PM | Attr = ]
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 696 bytes | Modified Date = 4/7/2008 12:28:11 PM | Attr = ]
PowerISO.lnk -> %AllUsersProfile%\Desktop\PowerISO.lnk -> [Ver = | Size = 682 bytes | Modified Date = 3/25/2008 9:40:07 PM | Attr = ]
RogueRemover FREE.lnk -> %AllUsersProfile%\Desktop\RogueRemover FREE.lnk -> [Ver = | Size = 695 bytes | Modified Date = 4/7/2008 5:04:34 AM | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Modified Date = 4/7/2008 3:48:12 AM | Attr = ]
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1613559 bytes | Modified Date = 4/6/2008 4:34:36 PM | Attr = ]
Fix180Sh.exe -> %UserProfile%\Desktop\Fix180Sh.exe -> Symantec Corporation [Ver = 1.0.5 | Size = 167080 bytes | Modified Date = 4/6/2008 6:59:00 PM | Attr = ]
FixWebHancer.exe -> %UserProfile%\Desktop\FixWebHancer.exe -> [Ver = 1.0.2 | Size = 158352 bytes | Modified Date = 4/6/2008 4:37:56 PM | Attr = ]
Free-SpyHunter-Scanner-Install.exe -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-Install.exe -> [Ver = 3.4 | Size = 7525464 bytes | Modified Date = 4/6/2008 6:34:16 PM | Attr = ]
grafix -> %UserProfile%\Desktop\grafix -> [Folder | Modified Date = 3/19/2008 1:50:07 PM | Attr = R ]
installedapps -> %UserProfile%\Desktop\installedapps -> [Folder | Modified Date = 3/24/2008 7:00:57 PM | Attr = R ]
junque -> %UserProfile%\Desktop\junque -> [Folder | Modified Date = 4/7/2008 4:56:23 AM | Attr = R ]
Make a DVD.lnk -> %UserProfile%\Desktop\Make a DVD.lnk -> [Ver = | Size = 1675 bytes | Modified Date = 3/24/2008 7:21:36 AM | Attr = ]
makepage -> %UserProfile%\Desktop\makepage -> [Folder | Modified Date = 3/21/2008 11:10:33 AM | Attr = R ]
makeup -> %UserProfile%\Desktop\makeup -> [Folder | Modified Date = 3/21/2008 11:13:05 AM | Attr = R ]
mediastuff -> %UserProfile%\Desktop\mediastuff -> [Folder | Modified Date = 3/25/2008 10:34:00 PM | Attr = R ]
rr-free-setup.exe -> %UserProfile%\Desktop\rr-free-setup.exe -> Malwarebytes [Ver = 1.0.0.0 | Size = 690568 bytes | Modified Date = 4/7/2008 5:03:45 AM | Attr = ]
sekur -> %UserProfile%\Desktop\sekur -> [Folder | Modified Date = 3/10/2008 10:30:19 AM | Attr = R ]
Shortcut to WinRAR.exe.lnk -> %UserProfile%\Desktop\Shortcut to WinRAR.exe.lnk -> [Ver = | Size = 654 bytes | Modified Date = 4/2/2008 10:55:30 AM | Attr = ]
Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 963 bytes | Modified Date = 4/7/2008 10:54:59 AM | Attr = ]
SpywareBlaster.lnk -> %UserProfile%\Desktop\SpywareBlaster.lnk -> [Ver = | Size = 690 bytes | Modified Date = 4/7/2008 11:50:31 AM | Attr = ]
stuff -> %UserProfile%\Desktop\stuff -> [Folder | Modified Date = 3/22/2008 10:37:09 PM | Attr = R ]
utilz -> %UserProfile%\Desktop\utilz -> [Folder | Modified Date = 3/25/2008 10:34:09 PM | Attr = R ]
FileBox eXtender.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\FileBox eXtender.lnk -> [Ver = | Size = 618 bytes | Modified Date = 2/20/2008 11:44:05 PM | Attr = ]
Dialog Helper.lnk -> %UserProfile%\Start Menu\Programs\Startup\Dialog Helper.lnk -> [Ver = | Size = 720 bytes | Modified Date = 3/21/2008 1:12:15 PM | Attr = ]
Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 2/13/2008 3:32:24 PM | Attr = ]
AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Modified Date = 3/9/2008 5:03:48 PM | Attr = ]
DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 2/13/2008 3:29:36 PM | Attr = ]
InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 2/13/2008 3:26:51 PM | Attr = ]
Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 2/13/2008 3:21:39 PM | Attr = ]
Macromedia -> %CommonProgramFiles%\Macromedia -> [Folder | Modified Date = 3/6/2008 12:36:12 PM | Attr = ]
Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 3/11/2008 1:28:29 AM | Attr = ]
Nero -> %CommonProgramFiles%\Nero -> [Folder | Modified Date = 3/11/2008 1:31:00 AM | Attr = ]
Roxio Shared -> %CommonProgramFiles%\Roxio Shared -> [Folder | Modified Date = 2/13/2008 3:26:42 PM | Attr = ]
Sonic Shared -> %CommonProgramFiles%\Sonic Shared -> [Folder | Modified Date = 2/13/2008 3:26:43 PM | Attr = ]
SRS Labs Shared -> %CommonProgramFiles%\SRS Labs Shared -> [Folder | Modified Date = 3/5/2008 11:22:24 PM | Attr = ]
SureThing Shared -> %CommonProgramFiles%\SureThing Shared -> [Folder | Modified Date = 2/13/2008 3:26:54 PM | Attr = ]
System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 2/13/2008 3:28:35 PM | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 4/7/2008 3:47:29 AM | Attr = ]
[File - Purity Scan: Additional Folder Scans - Non-Microsoft Only]
< End of report >
[/code]