[code] OTScanIt logfile created on: 23-05-2008 09:00:39 OTScanIt by OldTimer - Version 1.0.14.2 Folder = C:\Users\Bent\Desktop\OTScanIt Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): c:\pagefile.sys 5000 15000; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 223,07 Gb Total Space | 72,12 Gb Free Space | 32,33% Space Free | Partition Type: NTFS Drive D: | 9,81 Gb Total Space | 2,91 Gb Free Space | 29,66% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BENT-BÆRBAR Current User Name: Bent Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16-05-2008 01:06:57 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16-05-2008 01:19:24 | Attr = ] dphostw.exe -> %ProgramFiles%\DigitalPersona\Bin\DpHostW.exe -> DigitalPersona, Inc. [Ver = 4.2.1.988 | Size = 299008 bytes | Modified Date = 20-09-2007 21:02:58 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.10.13.1 | Size = 79136 bytes | Modified Date = 23-08-2007 17:40:48 | Attr = ] pnkbstra.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 18-05-2008 15:06:43 | Attr = ] qpcapsvc.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -> [Ver = 5.00.3314 | Size = 271760 bytes | Modified Date = 01-10-2007 05:34:54 | Attr = ] richvideo.exe -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 2.0.1120 | Size = 272024 bytes | Modified Date = 09-01-2007 12:25:30 | Attr = ] xaudio.exe -> %SystemRoot%\System32\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.15.00 | Size = 386560 bytes | Modified Date = 18-10-2007 06:37:04 | Attr = ] hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 03-05-2006 01:41:28 | Attr = ] qpsched.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\QPSched.exe -> [Ver = 5.00.3327 | Size = 112016 bytes | Modified Date = 01-10-2007 05:34:54 | Attr = ] dpagent.exe -> %ProgramFiles%\DigitalPersona\Bin\DpAgent.exe -> DigitalPersona, Inc. [Ver = 3.0.0.2598 | Size = 671744 bytes | Modified Date = 20-09-2007 21:12:02 | Attr = ] syntpstart.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPStart.exe -> Synaptics, Inc. [Ver = 10.0.13.2 14Sep07 | Size = 102400 bytes | Modified Date = 15-09-2007 10:29:10 | Attr = ] qpservice.exe -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 181544 bytes | Modified Date = 01-10-2007 05:34:14 | Attr = ] qlbctrl.exe -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 3, 5, 1 | Size = 202032 bytes | Modified Date = 20-09-2007 00:31:34 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 10.2.4 18Jan08 | Size = 1033512 bytes | Modified Date = 18-01-2008 19:31:22 | Attr = ] hpkbdapp.exe -> %ProgramFiles%\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe -> Hewlett-Packard Development Company, L.P. [Ver = 1.0.0.4 | Size = 554320 bytes | Modified Date = 04-09-2007 23:54:20 | Attr = ] hpwamain.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 8, 2 | Size = 480560 bytes | Modified Date = 13-09-2007 18:47:52 | Attr = ] wifimsg.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 311296 bytes | Modified Date = 09-01-2007 01:53:06 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 16-02-2005 23:11:42 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 79224 bytes | Modified Date = 16-05-2008 01:19:31 | Attr = ] isuspm.exe -> %AllUsersProfile%\Macrovision\FLEXnet Connect\6\ISUSPM.exe -> Macrovision Corporation [Ver = 6, 1, 100, 61372 | Size = 222128 bytes | Modified Date = 30-03-2007 01:41:26 | Attr = ] hpqtoaster.exe -> %ProgramFiles%\Hewlett-Packard\Shared\HpqToaster.exe -> [Ver = 1, 10, 1, 3 | Size = 677432 bytes | Modified Date = 16-05-2007 20:43:06 | Attr = R ] hphc_service.exe -> %ProgramFiles%\Hewlett-Packard\HP Health Check\hphc_service.exe -> Hewlett-Packard [Ver = 2.3.0.2 | Size = 65536 bytes | Modified Date = 20-09-2007 03:30:52 | Attr = ] syntphelper.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPHelper.exe -> Synaptics, Inc. [Ver = 10.2.4 18Jan08 | Size = 95528 bytes | Modified Date = 18-01-2008 19:31:32 | Attr = ] otscanit.exe -> OTScanIt.exe -> OldTimer Tools [Ver = 1.0.14.2 | Size = 373760 bytes | Modified Date = 22-05-2008 01:28:44 | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 17272 bytes | Modified Date = 16-05-2008 01:06:57 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 144760 bytes | Modified Date = 16-05-2008 01:19:24 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 247160 bytes | Modified Date = 16-05-2008 01:19:00 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 349560 bytes | Modified Date = 16-05-2008 01:16:59 | Attr = ] (CertPropSvc) Overførsel af certifikat [Win32_Shared | Unknown | Running] -> -> File not found (Com4Qlb) Com4Qlb [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -> Hewlett-Packard Development Company, L.P. [Ver = 1.0.0.1 | Size = 110592 bytes | Modified Date = 05-03-2007 20:30:06 | Attr = ] (DcomLaunch) Startprogram til DCOM Serverproces [Win32_Shared | Unknown | Running] -> -> File not found (DpHost) Biometric Authentication Service [Win32_Own | Auto | Running] -> %ProgramFiles%\DigitalPersona\Bin\DpHostW.exe -> DigitalPersona, Inc. [Ver = 4.2.1.988 | Size = 299008 bytes | Modified Date = 20-09-2007 21:02:58 | Attr = ] (DPS) Diagnosticeringspolitik-tjeneste [Win32_Shared | Unknown | Running] -> -> File not found (gpsvc) Gruppepolitikklient [Win32_Shared | Unknown | Running] -> -> File not found (HP Health Check Service) HP Health Check Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\HP Health Check\hphc_service.exe -> Hewlett-Packard [Ver = 2.3.0.2 | Size = 65536 bytes | Modified Date = 20-09-2007 03:30:52 | Attr = ] (hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 03-05-2006 01:41:28 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 22-10-2004 13:24:18 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.10.13.1 | Size = 79136 bytes | Modified Date = 23-08-2007 17:40:48 | Attr = ] (MSDTC) DTC (Distributed Transaction Coordinator) [Win32_Own | Unknown | Stopped] -> -> File not found (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 18-05-2008 15:06:43 | Attr = ] (QPCapSvc) QuickPlay Background Capture Service (QBCS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -> [Ver = 5.00.3314 | Size = 271760 bytes | Modified Date = 01-10-2007 05:34:54 | Attr = ] (QPSched) QuickPlay Task Scheduler (QTS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\QPSched.exe -> [Ver = 5.00.3327 | Size = 112016 bytes | Modified Date = 01-10-2007 05:34:54 | Attr = ] (RichVideo) Cyberlink RichVideo Service(CRVS) [Win32_Own | Auto | Running] -> %ProgramFiles%\CyberLink\Shared Files\RichVideo.exe -> [Ver = 2.0.1120 | Size = 272024 bytes | Modified Date = 09-01-2007 12:25:30 | Attr = ] (RpcSs) RPC (Remote Procedure Call ) [Win32_Shared | Unknown | Running] -> -> File not found (SCardSvr) Chipkort [Win32_Shared | Unknown | Stopped] -> -> File not found (Schedule) Opgavestyring [Win32_Shared | Unknown | Running] -> -> File not found (SCPolicySvc) Politik for fjernelse af chipkort [Win32_Shared | Unknown | Stopped] -> -> File not found (TrustedInstaller) Installationsprogram til Windows-moduler [Win32_Own | Unknown | Stopped] -> -> File not found (WdiServiceHost) Diagnosticeringstjenestevært [Win32_Shared | Unknown | Stopped] -> -> File not found (WdiSystemHost) Diagnosticeringssystemvært [Win32_Shared | Unknown | Running] -> -> File not found (XAudioService) XAudioService [Win32_Own | Auto | Running] -> %SystemRoot%\System32\drivers\XAudio.exe -> Conexant Systems, Inc. [Ver = 1.00.15.00 | Size = 386560 bytes | Modified Date = 18-10-2007 06:37:04 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> File not found DpAgent -> dpagent.exe [C:\Program Files\DigitalPersona\Bin\dpagent.exe] -> File not found HP Software Update -> HPWuSchd2.exe [C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe] -> File not found hpWirelessAssistant -> HPWAMain.exe [C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe] -> File not found MSServer -> %SystemRoot%\System32\yaywvTnM.dll [rundll32.exe C:\Windows\system32\yaywvTnM.dll,#1] -> [Ver = | Size = 58368 bytes | Modified Date = 16-05-2008 12:48:49 | Attr = ] NvCplDaemon -> %SystemRoot%\System32\nvcpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.11.5665 | Size = 8497696 bytes | Modified Date = 19-09-2007 22:05:00 | Attr = ] NvMediaCenter -> %SystemRoot%\System32\nvmctray.dll [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.11.5665 | Size = 81920 bytes | Modified Date = 19-09-2007 22:05:00 | Attr = ] NvSvc -> %SystemRoot%\System32\nvsvc.dll [RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.11.5665 | Size = 86016 bytes | Modified Date = 19-09-2007 22:05:00 | Attr = ] OnScreenDisplay -> HPKBDAPP.exe [C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe] -> File not found QlbCtrl -> QlbCtrl.exe [%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start] -> File not found QPService -> QPService.exe ["C:\Program Files\HP\QuickPlay\QPService.exe"] -> File not found SynTPEnh -> SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> File not found SynTPStart -> SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> File not found UCam_Menu -> ["C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"] -> File not found WAWifiMessage -> WiFiMsg.exe [C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe] -> File not found Windows Defender -> MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> ISUSPM -> %AllUsersProfile%\Macrovision\FLEXnet Connect\6\ISUSPM.exe ["C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler] -> Macrovision Corporation [Ver = 6, 1, 100, 61372 | Size = 222128 bytes | Modified Date = 30-03-2007 01:41:26 | Attr = ] MsnMsgr -> MsnMsgr.Exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> File not found < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Sidebar -> Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Sidebar -> Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> File not found < Run [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> ISUSPM -> %AllUsersProfile%\Macrovision\FLEXnet Connect\6\ISUSPM.exe ["C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler] -> Macrovision Corporation [Ver = 6, 1, 100, 61372 | Size = 222128 bytes | Modified Date = 30-03-2007 01:41:26 | Attr = ] MsnMsgr -> MsnMsgr.Exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {81AA6A16-B8CA-43C4-A347-A487764FF528} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\System32\yaywvTnM.dll [] -> [Ver = | Size = 58368 bytes | Modified Date = 16-05-2008 12:48:49 | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\SynchronousMachineGroupPolicy -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\SynchronousUserGroupPolicy -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> TORiSAN CD-ROM CDR_C36 -> -> File not found NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> Cd-rom-driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> C:\Windows\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 67072 bytes | Modified Date = 19-01-2008 07:49:51 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> 5&222cc38b&0&0.0.0 [IDE\CdRomTSSTcorp_CDDVDW_TS-L632N________________0503____\5&222cc38b&0&0.0.0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_JC6211E&Prod_CLX245R&Rev_1.0\5&2c4f72d4&0&000000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\2 -> 5&1e5b04e0&1&0.0.0 [IDE\CdRomJC6211E_CLX245R_________________________1.0_____\5&1e5b04e0&1&0.0.0] -> File not found < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [Ver = | Size = 24 bytes | Modified Date = 18-09-2006 23:43:36 | Attr = ] AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [Ver = | Size = 340 bytes | Modified Date = 11-09-2005 17:18:54 | Attr = HS] < HOSTS File > (27 bytes) -> C:\Windows\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://dk.msn.com/ -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\Windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://jp.dk/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\] > -> -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\: Main\\Local Page -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\: Main\\Start Page -> http://jp.dk/ -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> sydbank.dk .[https] -> Trusted sites -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> sydbank.dk .[https] -> Trusted sites -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> ssv.dll [SSVHelper Class] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKEY_LOCAL_MACHINE] -> WindowsLiveLogin.dll [Hjælp til tilmelding til Windows Live] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> ssv.dll [Sun Java Console] -> File not found {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKEY_LOCAL_MACHINE] -> ONBttnIE.dll [Send til OneNote] -> File not found {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> SkypeIEPlugin.dll [Skype] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}:BandCLSID -> REFIEBAR.DLL [Research] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&ksporter til Microsoft Excel -> -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\] > -> HKEY_USERS\S-1-5-21-2610512430-812213940-561383249-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> E&ksporter til Microsoft Excel -> -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {08382B47-A3A7-43C4-805D-C58D50E0A2BB} -> (Atheros AR5007 802.11b/g WiFi Adapter) -> {D343435F-A960-40DA-A30D-2A222C24A6AA} -> (NVIDIA nForce Networking Controller) -> < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKEY_LOCAL_MACHINE] -> MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> File not found ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKEY_LOCAL_MACHINE] -> hxds.dll[HxProtocol Class] -> File not found msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKEY_LOCAL_MACHINE] -> MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> File not found skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> SKYPE4~1.DLL[IEProtocolHandler Class] -> File not found < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945}[HKEY_LOCAL_MACHINE] -> MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab[QuickTime Plugin Control] -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}[HKEY_LOCAL_MACHINE] -> http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab[System Requirements Lab Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF}[HKEY_LOCAL_MACHINE] -> http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab[Facebook Photo Uploader 4] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/ImageUploader4_5.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/ImageUploader4_5.ocx\\.Owner -> {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/ImageUploader4_5.ocx\\{D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/sysreqlab2.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/sysreqlab2.dll\\.Owner -> {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/sysreqlab2.dll\\{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/LegitCheckControl.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/LegitCheckControl.DLL\\.Owner -> {17492023-C23A-453E-A040-C7C580BBF700} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/LegitCheckControl.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/unicows.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/unicows.dll\\.Owner -> {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/System32/unicows.dll\\{D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} -> -> [Registry - Additional Scans - Non-Microsoft Only] [Files/Folders - Created Within 90 days] 327882R2FWJFW -> %SystemDrive%\327882R2FWJFW -> [Folder | Created Date = 22-05-2008 11:25:42 | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 22-05-2008 21:44:14 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 3220111360 bytes | Created Date = 07-04-2008 00:15:04 | Attr = HS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Created Date = 06-04-2008 17:09:52 | Attr = RH ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Created Date = 27-04-2008 14:30:24 | Attr = ] PerfLogs -> %SystemDrive%\PerfLogs -> [Folder | Created Date = 23-04-2008 11:04:37 | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 22-05-2008 11:25:54 | Attr = ] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 232 bytes | Created Date = 21-04-2008 22:09:47 | Attr = H ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 232 bytes | Created Date = 06-05-2008 10:05:46 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 232 bytes | Created Date = 06-05-2008 10:47:15 | Attr = H ] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Created Date = 20-05-2008 22:17:11 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 232 bytes | Created Date = 21-05-2008 22:47:42 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 232 bytes | Created Date = 22-05-2008 11:25:33 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 232 bytes | Created Date = 22-05-2008 13:22:37 | Attr = H ] sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 232 bytes | Created Date = 22-05-2008 14:18:36 | Attr = H ] sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 232 bytes | Created Date = 22-05-2008 15:13:36 | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Created Date = 21-04-2008 22:09:47 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Created Date = 06-05-2008 10:05:46 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Created Date = 06-05-2008 10:47:15 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Created Date = 20-05-2008 22:17:11 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Created Date = 21-05-2008 22:47:42 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Created Date = 22-05-2008 11:25:33 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 22-05-2008 13:22:37 | Attr = H ] sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Created Date = 22-05-2008 14:18:36 | Attr = H ] sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Created Date = 22-05-2008 15:13:36 | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 07-04-2008 00:15:02 | Attr = HS] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 21-05-2008 21:37:20 | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 22-05-2008 11:16:37 | Attr = ] 103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF80766NZ_E459053-DH1_4A_I30D0_SQuanta_V85.24_F.28_T080121_WV3-0_L406_M3071_J250_7AMD_8F82_92.00_#071108_N10DE0450;168C001C_(KN038EA#UUW)_XMOBILE_CN10_Z.MRK -> %SystemRoot%\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF80766NZ_E459053-DH1_4A_I30D0_SQuanta_V85.24_F.28_T080121_WV3-0_L406_M3071_J250_7AMD_8F82_92.00_#071108_N10DE0450;168C001C_(KN038EA#UUW)_XMOBILE_CN10_Z.MRK -> [Ver = | Size = 0 bytes | Created Date = 06-04-2008 16:26:29 | Attr = RHS] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Created Date = 08-04-2008 23:17:54 | Attr = ] aswMonFlt.sys -> %SystemRoot%\System32\drivers\aswMonFlt.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 50768 bytes | Created Date = 08-04-2008 23:17:37 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Created Date = 08-04-2008 23:17:58 | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Created Date = 08-04-2008 23:17:54 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Created Date = 08-04-2008 23:17:57 | Attr = ] athr.sys -> %SystemRoot%\System32\drivers\athr.sys -> Atheros Communications, Inc. [Ver = 7.3.1.25 built by: WinDDK | Size = 735232 bytes | Created Date = 26-02-2008 12:26:41 | Attr = ] atksgt.sys -> %SystemRoot%\System32\drivers\atksgt.sys -> [Ver = | Size = 278984 bytes | Created Date = 06-04-2008 21:02:46 | Attr = ] CHDRT32.sys -> %SystemRoot%\System32\drivers\CHDRT32.sys -> Conexant Systems Inc. [Ver = 4.36.7.0 built by: WinDDK | Size = 188416 bytes | Created Date = 04-03-2008 02:32:00 | Attr = ] HpqKbFiltr.sys -> %SystemRoot%\System32\drivers\HpqKbFiltr.sys -> Hewlett-Packard Development Company, L.P. [Ver = 1.0.0.1 built by: WinDDK | Size = 16768 bytes | Created Date = 26-02-2008 12:32:05 | Attr = ] HpqRemHid.sys -> %SystemRoot%\System32\drivers\HpqRemHid.sys -> Hewlett-Packard Development Company, L.P. [Ver = 1.0.0.0 built by: WinDDK | Size = 7168 bytes | Created Date = 26-02-2008 12:32:07 | Attr = ] lirsgt.sys -> %SystemRoot%\System32\drivers\lirsgt.sys -> [Ver = | Size = 25416 bytes | Created Date = 06-04-2008 21:02:46 | Attr = ] MsftWdf_Kernel_01007_Inbox_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf -> [Ver = | Size = 3 bytes | Created Date = 23-04-2008 10:28:11 | Attr = ] Msft_Kernel_HpqKbFiltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [Ver = | Size = 0 bytes | Created Date = 23-04-2008 11:00:16 | Attr = H ] Msft_Kernel_NuidFltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [Ver = | Size = 0 bytes | Created Date = 09-04-2008 15:12:10 | Attr = H ] Msft_Kernel_SynTP_01000.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_SynTP_01000.Wdf -> [Ver = | Size = 0 bytes | Created Date = 26-02-2008 12:23:05 | Attr = H ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 23-04-2008 19:13:41 | Attr = H ] nvphy.bin -> %SystemRoot%\System32\drivers\nvphy.bin -> [Ver = | Size = 1732 bytes | Created Date = 26-02-2008 12:20:15 | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Created Date = 18-05-2008 15:06:43 | Attr = ] rimmptsk.sys -> %SystemRoot%\System32\drivers\rimmptsk.sys -> REDC [Ver = 6.00.02.03 | Size = 39936 bytes | Created Date = 26-02-2008 12:24:40 | Attr = ] rimsptsk.sys -> %SystemRoot%\System32\drivers\rimsptsk.sys -> REDC [Ver = 6.00.01.10 | Size = 42496 bytes | Created Date = 26-02-2008 12:24:40 | Attr = ] rixdptsk.sys -> %SystemRoot%\System32\drivers\rixdptsk.sys -> REDC [Ver = 6.00.01.12 | Size = 37376 bytes | Created Date = 26-02-2008 12:24:40 | Attr = ] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [Ver = | Size = 685816 bytes | Created Date = 06-04-2008 16:53:01 | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 08-04-2008 23:17:37 | Attr = ] AGEIA -> %SystemRoot%\System32\AGEIA -> [Folder | Created Date = 18-05-2008 19:36:41 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 1152888 bytes | Created Date = 08-04-2008 23:17:37 | Attr = ] athr.sys -> %SystemRoot%\System32\athr.sys -> Atheros Communications, Inc. [Ver = 7.3.1.25 built by: WinDDK | Size = 735232 bytes | Created Date = 26-02-2008 12:26:41 | Attr = ] athrext.cat -> %SystemRoot%\System32\athrext.cat -> [Ver = | Size = 10844 bytes | Created Date = 26-02-2008 12:26:41 | Attr = ] atmfd.dll -> %SystemRoot%\System32\atmfd.dll -> Adobe Systems Incorporated [Ver = 5.1 Build 226 | Size = 289792 bytes | Created Date = 23-04-2008 10:28:30 | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 95608 bytes | Created Date = 08-04-2008 23:17:54 | Attr = ] BttnCmn.dll -> %SystemRoot%\System32\BttnCmn.dll -> Hewlett-Packard Company [Ver = 3, 0, 0, 1 | Size = 987136 bytes | Created Date = 26-02-2008 12:32:05 | Attr = ] BttnCmns.dll -> %SystemRoot%\System32\BttnCmns.dll -> Hewlett-Packard Company [Ver = 3, 0, 0, 3 | Size = 1560576 bytes | Created Date = 26-02-2008 12:32:05 | Attr = ] BttnCmns_64.dll -> %SystemRoot%\System32\BttnCmns_64.dll -> Hewlett-Packard Company [Ver = 3, 0, 0, 3 | Size = 1560576 bytes | Created Date = 26-02-2008 12:32:05 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,223,0 | Size = 107888 bytes | Created Date = 22-05-2008 20:27:54 | Attr = ] CnxtAp32.dll -> %SystemRoot%\System32\CnxtAp32.dll -> Conexant Systems Inc. [Ver = 4.36.7.0 | Size = 2125312 bytes | Created Date = 04-03-2008 02:34:00 | Attr = ] de -> %SystemRoot%\System32\de -> [Folder | Created Date = 26-02-2008 12:37:50 | Attr = ] Defrag.exe -> %SystemRoot%\System32\Defrag.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 226816 bytes | Created Date = 23-04-2008 10:29:22 | Attr = ] dfrgfat.exe -> %SystemRoot%\System32\dfrgfat.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 96768 bytes | Created Date = 23-04-2008 10:29:27 | Attr = ] DfrgNtfs.exe -> %SystemRoot%\System32\DfrgNtfs.exe -> Microsoft Corp. [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 163840 bytes | Created Date = 23-04-2008 10:30:30 | Attr = ] directx -> %SystemRoot%\System32\directx -> [Folder | Created Date = 06-04-2008 20:44:29 | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 0,0,0,0 | Size = 161096 bytes | Created Date = 31-03-2008 23:25:52 | Attr = ] dot3.tmf -> %SystemRoot%\System32\dot3.tmf -> [Ver = | Size = 289467 bytes | Created Date = 23-04-2008 10:29:28 | Attr = ] eaphost.tmf -> %SystemRoot%\System32\eaphost.tmf -> [Ver = | Size = 206830 bytes | Created Date = 23-04-2008 10:31:11 | Attr = ] es -> %SystemRoot%\System32\es -> [Folder | Created Date = 26-02-2008 12:37:50 | Attr = ] esrb.rs -> %SystemRoot%\System32\esrb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 51712 bytes | Created Date = 23-04-2008 10:28:46 | Attr = ] ff_vfw.dll -> %SystemRoot%\System32\ff_vfw.dll -> [Ver = | Size = 7680 bytes | Created Date = 29-03-2008 01:41:32 | Attr = ] fr -> %SystemRoot%\System32\fr -> [Folder | Created Date = 26-02-2008 12:37:50 | Attr = ] fsmgmt.msc -> %SystemRoot%\System32\fsmgmt.msc -> [Ver = | Size = 144909 bytes | Created Date = 23-04-2008 10:28:14 | Attr = ] GameUXLegacyGDFs.dll -> %SystemRoot%\System32\GameUXLegacyGDFs.dll -> Microsoft [Ver = 1.0.0.1 | Size = 4240384 bytes | Created Date = 23-04-2008 10:30:29 | Attr = ] gatherWiredInfo.vbs -> %SystemRoot%\System32\gatherWiredInfo.vbs -> [Ver = | Size = 12198 bytes | Created Date = 23-04-2008 10:28:15 | Attr = ] gatherWirelessInfo.vbs -> %SystemRoot%\System32\gatherWirelessInfo.vbs -> [Ver = | Size = 15181 bytes | Created Date = 23-04-2008 10:28:14 | Attr = ] grb.rs -> %SystemRoot%\System32\grb.rs -> Microsoft [Ver = 1.0.0.1 | Size = 16896 bytes | Created Date = 23-04-2008 10:29:56 | Attr = ] Hauppauge -> %SystemRoot%\System32\Hauppauge -> [Folder | Created Date = 26-02-2008 12:27:03 | Attr = ] hcwi2c32.dll -> %SystemRoot%\System32\hcwi2c32.dll -> Hauppauge Computer Works, Inc. [Ver = 2.26.24283 | Size = 98360 bytes | Created Date = 26-02-2008 12:27:01 | Attr = ] hcwpnp32.dll -> %SystemRoot%\System32\hcwpnp32.dll -> Hauppauge Computer Works [Ver = 4.78.25121 | Size = 258104 bytes | Created Date = 26-02-2008 12:27:02 | Attr = ] hcwutl32.dll -> %SystemRoot%\System32\hcwutl32.dll -> Hauppauge Computer Works [Ver = 3.9.24283 | Size = 36921 bytes | Created Date = 26-02-2008 12:27:01 | Attr = ] hcwutl32_priv.dll -> %SystemRoot%\System32\hcwutl32_priv.dll -> Hauppauge Computer Works [Ver = 3.9.24283 | Size = 36921 bytes | Created Date = 26-02-2008 12:27:01 | Attr = ] IasMigPlugin.dll -> %SystemRoot%\System32\IasMigPlugin.dll -> Microsoft [Ver = 1.0.0.1 | Size = 445952 bytes | Created Date = 23-04-2008 10:30:52 | Attr = ] it -> %SystemRoot%\System32\it -> [Folder | Created Date = 26-02-2008 12:37:50 | Attr = ] ja -> %SystemRoot%\System32\ja -> [Folder | Created Date = 26-02-2008 12:37:51 | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 14-04-2008 08:23:26 | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 14-04-2008 08:23:26 | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 14-04-2008 08:23:26 | Attr = ] ko -> %SystemRoot%\System32\ko -> [Folder | Created Date = 26-02-2008 12:37:51 | Attr = ] l3codeca.acm -> %SystemRoot%\System32\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 0, 0401 | Size = 62464 bytes | Created Date = 23-04-2008 10:28:25 | Attr = ] l3codecp.acm -> %SystemRoot%\System32\l3codecp.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 3, 4, 0, 0 | Size = 220672 bytes | Created Date = 23-04-2008 10:28:44 | Attr = ] locale.nls -> %SystemRoot%\System32\locale.nls -> [Ver = | Size = 3662296 bytes | Created Date = 23-04-2008 10:30:32 | Attr = ] LOG -> %SystemRoot%\System32\LOG -> [Ver = | Size = 81 bytes | Created Date = 06-04-2008 16:36:23 | Attr = ] msjetoledb40.dll -> %SystemRoot%\System32\msjetoledb40.dll -> [Ver = | Size = 368640 bytes | Created Date = 23-04-2008 10:28:50 | Attr = ] netathr.inf -> %SystemRoot%\System32\netathr.inf -> [Ver = | Size = 6483 bytes | Created Date = 26-02-2008 12:26:41 | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.4.200.10 | Size = 413696 bytes | Created Date = 26-02-2008 12:22:01 | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.4.200.10 | Size = 753664 bytes | Created Date = 26-02-2008 12:22:01 | Attr = ] nvcpluir.dll -> %SystemRoot%\System32\nvcpluir.dll -> NVIDIA Corporation [Ver = 1.4.200.10 | Size = 1073152 bytes | Created Date = 26-02-2008 12:22:02 | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.4.200.10 | Size = 307200 bytes | Created Date = 26-02-2008 12:22:01 | Attr = ] nvnrm.nvu -> %SystemRoot%\System32\nvnrm.nvu -> [Ver = | Size = 3903 bytes | Created Date = 26-02-2008 12:20:22 | Attr = ] nvsmb.nvu -> %SystemRoot%\System32\nvsmb.nvu -> [Ver = | Size = 1864 bytes | Created Date = 26-02-2008 12:20:00 | Attr = ] nvsmu.nvu -> %SystemRoot%\System32\nvsmu.nvu -> [Ver = | Size = 528 bytes | Created Date = 26-02-2008 12:20:08 | Attr = ] nvusmb.exe -> %SystemRoot%\System32\nvusmb.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56 | Size = 356352 bytes | Created Date = 26-02-2008 12:20:00 | Attr = ] nvusmu.exe -> %SystemRoot%\System32\nvusmu.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56 | Size = 356352 bytes | Created Date = 26-02-2008 12:20:08 | Attr = ] onex.tmf -> %SystemRoot%\System32\onex.tmf -> [Ver = | Size = 261163 bytes | Created Date = 23-04-2008 10:29:23 | Attr = ] perfmon.msc -> %SystemRoot%\System32\perfmon.msc -> [Ver = | Size = 145455 bytes | Created Date = 23-04-2008 10:28:11 | Attr = ] PhysX.cpl -> %SystemRoot%\System32\PhysX.cpl -> NVIDIA Corporation [Ver = 08, 04, 30, 0 | Size = 390432 bytes | Created Date = 06-05-2008 16:54:56 | Attr = ] PhysXLoader.dll -> %SystemRoot%\System32\PhysXLoader.dll -> AGEIA Technologies, Inc. [Ver = 2, 8, 1, 4 | Size = 70944 bytes | Created Date = 30-04-2008 13:55:16 | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 30-03-2008 13:42:39 | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 30-03-2008 13:42:40 | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 30-03-2008 13:42:40 | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Created Date = 18-05-2008 15:06:44 | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 103736 bytes | Created Date = 18-05-2008 15:06:36 | Attr = ] PresentationCFFRasterizerNative_v0300.dll -> %SystemRoot%\System32\PresentationCFFRasterizerNative_v0300.dll -> Adobe Systems Incorporated [Ver = 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109) | Size = 106520 bytes | Created Date = 23-04-2008 10:29:15 | Attr = ] RacUR.xml -> %SystemRoot%\System32\RacUR.xml -> [Ver = | Size = 9987 bytes | Created Date = 23-04-2008 10:28:28 | Attr = ] rixdicon.dll -> %SystemRoot%\System32\rixdicon.dll -> [Ver = | Size = 16480 bytes | Created Date = 26-02-2008 12:24:40 | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.50 | Size = 185944 bytes | Created Date = 30-03-2008 13:42:45 | Attr = ] Robocopy.exe -> %SystemRoot%\System32\Robocopy.exe -> Microsoft [Ver = 5, 1, 10, 1027 | Size = 87552 bytes | Created Date = 23-04-2008 10:29:12 | Attr = ] ru -> %SystemRoot%\System32\ru -> [Folder | Created Date = 26-02-2008 12:37:51 | Attr = ] sizelimit.ocx -> %SystemRoot%\System32\sizelimit.ocx -> Prive [Ver = 1.00 | Size = 28672 bytes | Created Date = 08-04-2008 20:29:42 | Attr = ] slmgr.vbs -> %SystemRoot%\System32\slmgr.vbs -> [Ver = | Size = 80047 bytes | Created Date = 23-04-2008 10:29:07 | Attr = ] SMBHelperClass.dll -> %SystemRoot%\System32\SMBHelperClass.dll -> Microsoft [Ver = 1.0.0.1 | Size = 83456 bytes | Created Date = 23-04-2008 10:31:01 | Attr = ] snymsico.dll -> %SystemRoot%\System32\snymsico.dll -> Sony Corporation [Ver = 1, 0, 0, 09120 | Size = 90112 bytes | Created Date = 26-02-2008 12:24:40 | Attr = ] StructuredQuerySchema.bin -> %SystemRoot%\System32\StructuredQuerySchema.bin -> [Ver = | Size = 100043 bytes | Created Date = 23-04-2008 10:28:32 | Attr = ] systemsf.ebd -> %SystemRoot%\System32\systemsf.ebd -> [Ver = | Size = 132148 bytes | Created Date = 23-04-2008 10:30:40 | Attr = ] tcpmon.ini -> %SystemRoot%\System32\tcpmon.ini -> [Ver = | Size = 60124 bytes | Created Date = 23-04-2008 10:28:28 | Attr = ] tr -> %SystemRoot%\System32\tr -> [Folder | Created Date = 26-02-2008 12:37:51 | Attr = ] VSFilter.dll -> %SystemRoot%\System32\VSFilter.dll -> Gabest [Ver = 1, 0, 1, 4 | Size = 966656 bytes | Created Date = 07-03-2008 00:29:44 | Attr = ] WFP.TMF -> %SystemRoot%\System32\WFP.TMF -> [Ver = | Size = 175508 bytes | Created Date = 23-04-2008 10:29:56 | Attr = ] winrm.vbs -> %SystemRoot%\System32\winrm.vbs -> [Ver = | Size = 195122 bytes | Created Date = 23-04-2008 10:29:27 | Attr = ] wlan.tmf -> %SystemRoot%\System32\wlan.tmf -> [Ver = | Size = 1675370 bytes | Created Date = 23-04-2008 10:31:11 | Attr = ] WlanMmHC.dll -> %SystemRoot%\System32\WlanMmHC.dll -> Microsoft [Ver = 1.0.0.1 | Size = 41472 bytes | Created Date = 23-04-2008 10:28:30 | Attr = ] yaywvTnM.dll -> %SystemRoot%\System32\yaywvTnM.dll -> [Ver = | Size = 58368 bytes | Created Date = 23-05-2008 08:54:26 | Attr = ] hpsysdrv.dat -> %SystemRoot%\System\hpsysdrv.dat -> [Ver = | Size = 44 bytes | Created Date = 06-04-2008 16:36:21 | Attr = ] DPDrv -> %SystemRoot%\DPDrv -> [Folder | Created Date = 26-02-2008 12:37:49 | Attr = ] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 22-05-2008 11:26:15 | Attr = ] fdsv.exe -> %SystemRoot%\fdsv.exe -> Smallfrogs Studio [Ver = 1, 2, 0, 22 | Size = 89504 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] grep.exe -> %SystemRoot%\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 282171548 bytes | Created Date = 22-05-2008 21:32:40 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 22-05-2008 21:33:31 | Attr = ] msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Created Date = 06-04-2008 20:44:33 | Attr = H ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] Options -> %SystemRoot%\Options -> [Folder | Created Date = 26-02-2008 12:26:41 | Attr = ] patchw32.dll -> %SystemRoot%\patchw32.dll -> [Ver = | Size = 215144 bytes | Created Date = 22-05-2008 20:12:17 | Attr = ] PCHEALTH -> %SystemRoot%\PCHEALTH -> [Folder | Created Date = 06-04-2008 16:28:47 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 26-02-2008 12:11:31 | Attr = ] sed.exe -> %SystemRoot%\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 26-02-2008 12:16:21 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 22-04-2008 10:14:32 | Attr = ] swreg.exe -> %SystemRoot%\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 22-05-2008 21:44:10 | Attr = ] swsc.exe -> %SystemRoot%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] swxcacls.exe -> %SystemRoot%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 22-05-2008 11:25:43 | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 22-05-2008 21:47:19 | Attr = ] VFind.exe -> %SystemRoot%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] zip.exe -> %SystemRoot%\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 22-05-2008 11:25:53 | Attr = ] Uniblue SpeedUpMyPC Nag.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC Nag.job -> [Ver = | Size = 268 bytes | Created Date = 27-04-2008 20:53:45 | Attr = ] Uniblue SpeedUpMyPC.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC.job -> [Ver = | Size = 390 bytes | Created Date = 27-04-2008 20:53:45 | Attr = ] User_Feed_Synchronization-{B414613E-EE91-4E26-84CD-7395231C5DBE}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{B414613E-EE91-4E26-84CD-7395231C5DBE}.job -> [Ver = | Size = 420 bytes | Created Date = 06-04-2008 19:06:01 | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Adobe -> [Folder | Created Date = 06-04-2008 16:29:58 | Attr = ] Atheros -> %AllUsersProfile%\Atheros -> [Folder | Created Date = 26-02-2008 12:26:36 | Attr = ] Azureus -> %AllUsersProfile%\Azureus -> [Folder | Created Date = 06-04-2008 17:48:50 | Attr = ] BM38bbed8b.xml -> %AllUsersProfile%\BM38bbed8b.xml -> [Ver = | Size = 109807 bytes | Created Date = 17-05-2008 14:52:32 | Attr = ] CyberLink -> %AllUsersProfile%\CyberLink -> [Folder | Created Date = 26-02-2008 12:31:36 | Attr = ] DAEMON Tools Pro -> %AllUsersProfile%\DAEMON Tools Pro -> [Folder | Created Date = 06-04-2008 17:59:10 | Attr = ] ezsid.dat -> %AllUsersProfile%\ezsid.dat -> [Ver = | Size = 32 bytes | Created Date = 17-04-2008 19:37:58 | Attr = ] HP -> %AllUsersProfile%\HP -> [Folder | Created Date = 08-04-2008 12:21:20 | Attr = ] Macrovision -> %AllUsersProfile%\Macrovision -> [Folder | Created Date = 26-02-2008 12:37:47 | Attr = ] Microsoft Help -> %AllUsersProfile%\Microsoft Help -> [Folder | Created Date = 06-04-2008 17:11:30 | Attr = ] NVIDIA -> %AllUsersProfile%\NVIDIA -> [Folder | Created Date = 26-02-2008 12:38:49 | Attr = ] pskt.ini -> %AllUsersProfile%\pskt.ini -> [Ver = | Size = 22 bytes | Created Date = 17-05-2008 14:52:32 | Attr = ] Skype -> %AllUsersProfile%\Skype -> [Folder | Created Date = 17-04-2008 19:34:41 | Attr = ] THQ -> %AllUsersProfile%\THQ -> [Folder | Created Date = 18-05-2008 19:35:12 | Attr = ] Ubisoft -> %AllUsersProfile%\Ubisoft -> [Folder | Created Date = 09-04-2008 09:28:00 | Attr = ] WLInstaller -> %AllUsersProfile%\WLInstaller -> [Folder | Created Date = 07-04-2008 19:44:32 | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Created Date = 07-04-2008 19:50:32 | Attr = ] Azureus -> %AppData%\Azureus -> [Folder | Created Date = 06-04-2008 17:48:47 | Attr = ] CyberLink -> %AppData%\CyberLink -> [Folder | Created Date = 08-04-2008 12:21:22 | Attr = ] DAEMON Tools Pro -> %AppData%\DAEMON Tools Pro -> [Folder | Created Date = 06-04-2008 17:35:07 | Attr = ] DigitalPersona -> %AppData%\DigitalPersona -> [Folder | Created Date = 06-04-2008 16:36:51 | Attr = ] DivX -> %AppData%\DivX -> [Folder | Created Date = 06-04-2008 22:17:57 | Attr = ] dvdcss -> %AppData%\dvdcss -> [Folder | Created Date = 25-04-2008 20:22:00 | Attr = ] Google -> %AppData%\Google -> [Folder | Created Date = 17-04-2008 19:55:49 | Attr = ] Hewlett-Packard -> %AppData%\Hewlett-Packard -> [Folder | Created Date = 06-04-2008 16:33:48 | Attr = ] HP -> %AppData%\HP -> [Folder | Created Date = 08-04-2008 12:21:20 | Attr = ] Identities -> %AppData%\Identities -> [Folder | Created Date = 06-04-2008 16:36:35 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Created Date = 09-04-2008 09:10:29 | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 06-04-2008 16:34:26 | Attr = ] Macrovision -> %AppData%\Macrovision -> [Folder | Created Date = 06-04-2008 16:26:24 | Attr = ] Media Center Programs -> %AppData%\Media Center Programs -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = S] nvModes.001 -> %AppData%\nvModes.001 -> [Ver = | Size = 194788 bytes | Created Date = 06-04-2008 17:03:03 | Attr = ] nvModes.dat -> %AppData%\nvModes.dat -> [Ver = | Size = 194788 bytes | Created Date = 06-04-2008 16:48:29 | Attr = ] Real -> %AppData%\Real -> [Folder | Created Date = 18-04-2008 11:06:02 | Attr = ] SeriousBit -> %AppData%\SeriousBit -> [Folder | Created Date = 27-04-2008 14:39:32 | Attr = ] Skype -> %AppData%\Skype -> [Folder | Created Date = 17-04-2008 19:35:05 | Attr = ] skypePM -> %AppData%\skypePM -> [Folder | Created Date = 17-04-2008 19:37:58 | Attr = ] Symantec -> %AppData%\Symantec -> [Folder | Created Date = 06-04-2008 16:37:18 | Attr = ] Ubisoft -> %AppData%\Ubisoft -> [Folder | Created Date = 09-04-2008 09:28:00 | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Created Date = 27-04-2008 20:53:47 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Created Date = 20-04-2008 13:12:31 | Attr = ] Adobe -> %UserProfile%\AppData\Local\Adobe -> [Folder | Created Date = 06-04-2008 16:30:30 | Attr = ] Application Data -> %UserProfile%\AppData\Local\Application Data -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] Apps -> %UserProfile%\AppData\Local\Apps -> [Folder | Created Date = 06-04-2008 20:53:26 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 67072 bytes | Created Date = 06-04-2008 17:17:26 | Attr = ] DigitalPersona -> %UserProfile%\AppData\Local\DigitalPersona -> [Folder | Created Date = 06-04-2008 16:36:51 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\AppData\Local\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 103160 bytes | Created Date = 06-04-2008 16:37:06 | Attr = ] Google -> %UserProfile%\AppData\Local\Google -> [Folder | Created Date = 17-04-2008 19:55:33 | Attr = ] IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [Ver = | Size = 3457629 bytes | Created Date = 18-04-2008 14:33:09 | Attr = H ] Microsoft -> %UserProfile%\AppData\Local\Microsoft -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = ] Microsoft Games -> %UserProfile%\AppData\Local\Microsoft Games -> [Folder | Created Date = 07-04-2008 20:41:44 | Attr = ] Microsoft Help -> %UserProfile%\AppData\Local\Microsoft Help -> [Folder | Created Date = 06-04-2008 17:11:35 | Attr = ] Oversigt -> %UserProfile%\AppData\Local\Oversigt -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] PunkBuster -> %UserProfile%\AppData\Local\PunkBuster -> [Folder | Created Date = 18-05-2008 15:06:36 | Attr = ] QuickPlay -> %UserProfile%\AppData\Local\QuickPlay -> [Folder | Created Date = 06-04-2008 16:37:15 | Attr = ] Temp -> %UserProfile%\AppData\Local\Temp -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = ] Temporary Internet Files -> %UserProfile%\AppData\Local\Temporary Internet Files -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] The Witcher -> %UserProfile%\AppData\Local\The Witcher -> [Folder | Created Date = 06-04-2008 21:02:59 | Attr = ] VirtualStore -> %UserProfile%\AppData\Local\VirtualStore -> [Folder | Created Date = 06-04-2008 16:36:30 | Attr = ] Zattoo -> %UserProfile%\AppData\Local\Zattoo -> [Folder | Created Date = 25-04-2008 23:42:26 | Attr = ] ZattooPlayer -> %UserProfile%\AppData\Local\ZattooPlayer -> [Folder | Created Date = 25-04-2008 23:42:31 | Attr = ] hpqp.ini -> %SystemDrive%\Users\Public\Documents\hpqp.ini -> [Ver = | Size = 163 bytes | Created Date = 26-02-2008 12:32:00 | Attr = ] MCE Logs -> %SystemDrive%\Users\Public\Documents\MCE Logs -> [Folder | Created Date = 06-04-2008 20:37:36 | Attr = HS] 01 Violet Hill.MP3 -> %UserProfile%\Documents\01 Violet Hill.MP3 -> [Ver = | Size = 5675037 bytes | Created Date = 30-04-2008 08:52:31 | Attr = ] Assistentopgave om Hypovolæmisk shock.docx -> %UserProfile%\Documents\Assistentopgave om Hypovolæmisk shock.docx -> [Ver = | Size = 11618 bytes | Created Date = 08-04-2008 12:36:03 | Attr = ] Azureus Downloads -> %UserProfile%\Documents\Azureus Downloads -> [Folder | Created Date = 06-04-2008 17:48:54 | Attr = ] BackupRegistry(20080427).reg -> %UserProfile%\Documents\BackupRegistry(20080427).reg -> [Ver = | Size = 229363620 bytes | Created Date = 27-04-2008 17:17:43 | Attr = ] BackupRegistry(200804272).reg -> %UserProfile%\Documents\BackupRegistry(200804272).reg -> [Ver = | Size = 208148458 bytes | Created Date = 27-04-2008 20:04:35 | Attr = ] Billeder -> %UserProfile%\Documents\Billeder -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] coldplay_violethill.zip -> %UserProfile%\Documents\coldplay_violethill.zip -> [Ver = | Size = 5652733 bytes | Created Date = 30-04-2008 08:52:14 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Documents\coldplay_violethill.zip:Zone.Identifier desktop.ini -> %UserProfile%\Documents\desktop.ini -> [Ver = | Size = 402 bytes | Created Date = 06-04-2008 16:36:44 | Attr = HS] Mine delemapper.lnk -> %UserProfile%\Documents\Mine delemapper.lnk -> [Ver = | Size = 487 bytes | Created Date = 07-04-2008 19:34:16 | Attr = ] Modtagne filer -> %UserProfile%\Documents\Modtagne filer -> [Folder | Created Date = 06-04-2008 16:36:53 | Attr = ] Musik -> %UserProfile%\Documents\Musik -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] My Games -> %UserProfile%\Documents\My Games -> [Folder | Created Date = 18-05-2008 20:38:22 | Attr = ] My Web Sites -> %UserProfile%\Documents\My Web Sites -> [Folder | Created Date = 16-05-2008 14:00:34 | Attr = S] NFS ProStreet -> %UserProfile%\Documents\NFS ProStreet -> [Folder | Created Date = 18-05-2008 15:08:31 | Attr = ] The Witcher -> %UserProfile%\Documents\The Witcher -> [Folder | Created Date = 06-04-2008 21:02:59 | Attr = ] Videoer -> %UserProfile%\Documents\Videoer -> [Folder | Created Date = 06-04-2008 16:25:21 | Attr = HS] DAEMON Tools Pro.lnk -> %SystemDrive%\Users\Public\Desktop\DAEMON Tools Pro.lnk -> [Ver = | Size = 1717 bytes | Created Date = 06-04-2008 17:56:06 | Attr = ] Skype.lnk -> %SystemDrive%\Users\Public\Desktop\Skype.lnk -> [Ver = | Size = 2367 bytes | Created Date = 17-04-2008 19:34:51 | Attr = ] VLC media player.lnk -> %SystemDrive%\Users\Public\Desktop\VLC media player.lnk -> [Ver = | Size = 859 bytes | Created Date = 20-04-2008 13:12:15 | Attr = ] 175.16_geforce_winvista_32bit_english_whql.exe -> %UserProfile%\Desktop\175.16_geforce_winvista_32bit_english_whql.exe -> NVIDIA Corporation [Ver = | Size = 38055000 bytes | Created Date = 22-05-2008 22:21:52 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\175.16_geforce_winvista_32bit_english_whql.exe:Zone.Identifier adecco.pdf -> %UserProfile%\Desktop\adecco.pdf -> [Ver = | Size = 182996 bytes | Created Date = 15-05-2008 22:01:31 | Attr = ] b-flu102.7z -> %UserProfile%\Desktop\b-flu102.7z -> [Ver = | Size = 8289845 bytes | Created Date = 22-05-2008 20:31:16 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\b-flu102.7z:Zone.Identifier battery.nfo -> %UserProfile%\Desktop\battery.nfo -> [Ver = | Size = 5428 bytes | Created Date = 22-05-2008 20:31:20 | Attr = ] ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1819998 bytes | Created Date = 22-05-2008 11:18:55 | Attr = ] desktop.ini -> %UserProfile%\Desktop\desktop.ini -> [Ver = | Size = 282 bytes | Created Date = 06-04-2008 16:36:44 | Attr = HS] EFIS_Patch_All_to_v1.0.2.exe -> %UserProfile%\Desktop\EFIS_Patch_All_to_v1.0.2.exe -> [Ver = | Size = 192363934 bytes | Created Date = 22-05-2008 20:11:50 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\EFIS_Patch_All_to_v1.0.2.exe:Zone.Identifier FLV Player.lnk -> %UserProfile%\Desktop\FLV Player.lnk -> [Ver = | Size = 823 bytes | Created Date = 20-04-2008 13:14:20 | Attr = ] Free-SpyHunter-Scanner-ri-Install.exe -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-ri-Install.exe -> [Ver = 3.4 | Size = 7605608 bytes | Created Date = 21-05-2008 21:07:56 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-ri-Install.exe:Zone.Identifier Guru3D.com -> %UserProfile%\Desktop\Guru3D.com -> [Folder | Created Date = 22-05-2008 22:33:49 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1874 bytes | Created Date = 21-05-2008 21:22:35 | Attr = ] openal32.rar -> %UserProfile%\Desktop\openal32.rar -> [Ver = | Size = 44522 bytes | Created Date = 22-05-2008 19:57:37 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\openal32.rar:Zone.Identifier OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Created Date = 22-05-2008 11:15:48 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 23-05-2008 08:58:53 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 544324 bytes | Created Date = 23-05-2008 08:57:40 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier RivaTuner209-[Guru3D.com].exe -> %UserProfile%\Desktop\RivaTuner209-[Guru3D.com].exe -> [Ver = | Size = 2393870 bytes | Created Date = 22-05-2008 22:33:42 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\RivaTuner209-[Guru3D.com].exe:Zone.Identifier VirtumundoBeGone.exe -> %UserProfile%\Desktop\VirtumundoBeGone.exe -> Business Information Solutions [Ver = 1.5 | Size = 96978 bytes | Created Date = 21-05-2008 22:09:10 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\VirtumundoBeGone.exe:Zone.Identifier Vista Manager.lnk -> %UserProfile%\Desktop\Vista Manager.lnk -> [Ver = | Size = 2561 bytes | Created Date = 27-04-2008 14:48:38 | Attr = ] VundoFix.exe -> %UserProfile%\Desktop\VundoFix.exe -> Atribune.org [Ver = 7.00.0005 | Size = 214528 bytes | Created Date = 21-05-2008 21:37:05 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\VundoFix.exe:Zone.Identifier desktop.ini -> %AppData%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 174 bytes | Created Date = 06-04-2008 16:36:44 | Attr = HS] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 07-04-2008 19:56:55 | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Created Date = 06-04-2008 17:14:09 | Attr = ] LightScribe -> %CommonProgramFiles%\LightScribe -> [Folder | Created Date = 06-04-2008 16:28:17 | Attr = ] Real -> %CommonProgramFiles%\Real -> [Folder | Created Date = 18-04-2008 11:06:29 | Attr = ] Skype -> %CommonProgramFiles%\Skype -> [Folder | Created Date = 17-04-2008 19:34:47 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Created Date = 07-04-2008 19:45:31 | Attr = HS] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 18-05-2008 19:36:27 | Attr = ] Adobe -> %ProgramFiles%\Adobe -> [Folder | Created Date = 06-04-2008 16:29:40 | Attr = ] AGEIA Technologies -> %ProgramFiles%\AGEIA Technologies -> [Folder | Created Date = 18-05-2008 19:36:39 | Attr = ] Alwil Software -> %ProgramFiles%\Alwil Software -> [Folder | Created Date = 08-04-2008 23:17:29 | Attr = ] Atheros -> %ProgramFiles%\Atheros -> [Folder | Created Date = 26-02-2008 12:26:41 | Attr = ] Azureus -> %ProgramFiles%\Azureus -> [Folder | Created Date = 06-04-2008 17:47:01 | Attr = ] CONEXANT -> %ProgramFiles%\CONEXANT -> [Folder | Created Date = 26-02-2008 12:23:48 | Attr = ] DAEMON Tools Pro -> %ProgramFiles%\DAEMON Tools Pro -> [Folder | Created Date = 06-04-2008 17:33:19 | Attr = ] DigitalPersona -> %ProgramFiles%\DigitalPersona -> [Folder | Created Date = 26-02-2008 12:37:47 | Attr = ] DivX -> %ProgramFiles%\DivX -> [Folder | Created Date = 06-04-2008 20:47:39 | Attr = ] Electronic Arts -> %ProgramFiles%\Electronic Arts -> [Folder | Created Date = 16-05-2008 20:55:46 | Attr = ] Enigma Software Group -> %ProgramFiles%\Enigma Software Group -> [Folder | Created Date = 21-05-2008 21:08:05 | Attr = ] Fingerprint Sensor -> %ProgramFiles%\Fingerprint Sensor -> [Folder | Created Date = 26-02-2008 12:24:19 | Attr = ] FLV Player -> %ProgramFiles%\FLV Player -> [Folder | Created Date = 20-04-2008 13:14:20 | Attr = ] Gabest -> %ProgramFiles%\Gabest -> [Folder | Created Date = 06-04-2008 16:53:51 | Attr = ] HP -> %ProgramFiles%\HP -> [Folder | Created Date = 26-02-2008 12:30:24 | Attr = ] HPQ -> %ProgramFiles%\HPQ -> [Folder | Created Date = 26-02-2008 12:32:07 | Attr = ] MegaSpoof -> %ProgramFiles%\MegaSpoof -> [Folder | Created Date = 08-04-2008 20:29:42 | Attr = ] Microsoft Office -> %ProgramFiles%\Microsoft Office -> [Folder | Created Date = 06-04-2008 16:32:32 | Attr = ] Microsoft Silverlight -> %ProgramFiles%\Microsoft Silverlight -> [Folder | Created Date = 09-04-2008 15:11:23 | Attr = ] Microsoft Visual Studio -> %ProgramFiles%\Microsoft Visual Studio -> [Folder | Created Date = 06-04-2008 17:14:09 | Attr = ] Microsoft Works -> %ProgramFiles%\Microsoft Works -> [Folder | Created Date = 06-04-2008 16:31:55 | Attr = ] Microsoft.NET -> %ProgramFiles%\Microsoft.NET -> [Folder | Created Date = 06-04-2008 17:13:40 | Attr = ] NetWaiting -> %ProgramFiles%\NetWaiting -> [Folder | Created Date = 26-02-2008 12:24:02 | Attr = ] QuickTime -> %ProgramFiles%\QuickTime -> [Folder | Created Date = 20-04-2008 17:38:34 | Attr = ] RivaTuner v2.09 -> %ProgramFiles%\RivaTuner v2.09 -> [Folder | Created Date = 22-05-2008 22:34:08 | Attr = ] Skype -> %ProgramFiles%\Skype -> [Folder | Created Date = 17-04-2008 19:34:48 | Attr = ] Sydbank -> %ProgramFiles%\Sydbank -> [Folder | Created Date = 01-05-2008 19:42:34 | Attr = ] Synaptics -> %ProgramFiles%\Synaptics -> [Folder | Created Date = 26-02-2008 12:22:41 | Attr = ] SystemRequirementsLab -> %ProgramFiles%\SystemRequirementsLab -> [Folder | Created Date = 27-04-2008 14:33:15 | Attr = ] THQ -> %ProgramFiles%\THQ -> [Folder | Created Date = 18-05-2008 19:04:48 | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 21-05-2008 21:22:35 | Attr = ] Ubisoft -> %ProgramFiles%\Ubisoft -> [Folder | Created Date = 09-04-2008 09:10:44 | Attr = ] unisecur -> %ProgramFiles%\unisecur -> [Folder | Created Date = 27-04-2008 19:38:11 | Attr = ] VideoLAN -> %ProgramFiles%\VideoLAN -> [Folder | Created Date = 06-04-2008 16:54:35 | Attr = ] VistaCodecPack -> %ProgramFiles%\VistaCodecPack -> [Folder | Created Date = 27-04-2008 14:38:05 | Attr = ] Windows Live -> %ProgramFiles%\Windows Live -> [Folder | Created Date = 07-04-2008 19:45:09 | Attr = ] Windows Live Toolbar -> %ProgramFiles%\Windows Live Toolbar -> [Folder | Created Date = 11-04-2008 23:38:40 | Attr = ] WinRAR -> %ProgramFiles%\WinRAR -> [Folder | Created Date = 06-04-2008 16:54:06 | Attr = ] WinTV -> %ProgramFiles%\WinTV -> [Folder | Created Date = 26-02-2008 12:27:02 | Attr = ] Yamicsoft -> %ProgramFiles%\Yamicsoft -> [Folder | Created Date = 27-04-2008 14:48:35 | Attr = ] [Files/Folders - Modified Within 90 days] $RECYCLE.BIN -> %SystemDrive%\$RECYCLE.BIN -> [Folder | Modified Date = 16-04-2008 20:29:10 | Attr = HS] 327882R2FWJFW -> %SystemDrive%\327882R2FWJFW -> [Folder | Modified Date = 22-05-2008 21:44:14 | Attr = ] boot -> %SystemDrive%\boot -> [Folder | Modified Date = 01-05-2008 20:15:17 | Attr = HS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 22-05-2008 21:48:55 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 3220111360 bytes | Modified Date = 23-05-2008 08:52:27 | Attr = HS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Modified Date = 06-04-2008 17:09:52 | Attr = RH ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Modified Date = 27-04-2008 14:30:24 | Attr = ] PerfLogs -> %SystemDrive%\PerfLogs -> [Folder | Modified Date = 23-04-2008 11:04:37 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 23-05-2008 08:55:09 | Attr = R ] ProgramData -> %AllUsersProfile% -> [Folder | Modified Date = 18-05-2008 19:35:12 | Attr = H ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 22-05-2008 21:48:35 | Attr = ] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 232 bytes | Modified Date = 21-04-2008 22:09:47 | Attr = H ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 232 bytes | Modified Date = 06-05-2008 10:05:46 | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 232 bytes | Modified Date = 06-05-2008 10:47:15 | Attr = H ] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 232 bytes | Modified Date = 20-05-2008 22:17:11 | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 232 bytes | Modified Date = 21-05-2008 22:47:42 | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 232 bytes | Modified Date = 22-05-2008 11:25:33 | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 232 bytes | Modified Date = 22-05-2008 13:22:37 | Attr = H ] sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 232 bytes | Modified Date = 22-05-2008 14:18:36 | Attr = H ] sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 232 bytes | Modified Date = 22-05-2008 15:13:36 | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 21-04-2008 22:09:47 | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 06-05-2008 10:05:46 | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 06-05-2008 10:47:15 | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 20-05-2008 22:17:11 | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 21-05-2008 22:47:42 | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 22-05-2008 11:25:33 | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 22-05-2008 13:22:37 | Attr = H ] sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 22-05-2008 14:18:36 | Attr = H ] sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 22-05-2008 15:13:36 | Attr = H ] SWSETUP -> %SystemDrive%\SWSETUP -> [Folder | Modified Date = 05-05-2008 12:51:10 | Attr = ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 22-05-2008 21:40:04 | Attr = HS] System.sav -> %SystemDrive%\System.sav -> [Folder | Modified Date = 06-04-2008 16:33:34 | Attr = H ] Users -> %SystemDrive%\Users -> [Folder | Modified Date = 16-04-2008 20:28:45 | Attr = R ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 21-05-2008 21:37:20 | Attr = ] Windows -> %SystemRoot% -> [Folder | Modified Date = 22-05-2008 21:48:36 | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 22-05-2008 11:16:37 | Attr = ] 103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF80766NZ_E459053-DH1_4A_I30D0_SQuanta_V85.24_F.28_T080121_WV3-0_L406_M3071_J250_7AMD_8F82_92.00_#071108_N10DE0450;168C001C_(KN038EA#UUW)_XMOBILE_CN10_Z.MRK -> %SystemRoot%\System32\drivers\103C_HP_cNB_Pavilion dv6700 Notebook PC_Y5335KV_0U_QCNF80766NZ_E459053-DH1_4A_I30D0_SQuanta_V85.24_F.28_T080121_WV3-0_L406_M3071_J250_7AMD_8F82_92.00_#071108_N10DE0450;168C001C_(KN038EA#UUW)_XMOBILE_CN10_Z.MRK -> [Ver = | Size = 0 bytes | Modified Date = 06-04-2008 16:26:29 | Attr = RHS] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 20560 bytes | Modified Date = 16-05-2008 01:16:06 | Attr = ] aswMonFlt.sys -> %SystemRoot%\System32\drivers\aswMonFlt.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 50768 bytes | Modified Date = 16-05-2008 01:18:00 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 23152 bytes | Modified Date = 16-05-2008 01:15:29 | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 78416 bytes | Modified Date = 16-05-2008 01:20:32 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1201.0 | Size = 42912 bytes | Modified Date = 16-05-2008 01:14:11 | Attr = ] atksgt.sys -> %SystemRoot%\System32\drivers\atksgt.sys -> [Ver = | Size = 278984 bytes | Modified Date = 06-04-2008 21:02:46 | Attr = ] CHDRT32.sys -> %SystemRoot%\System32\drivers\CHDRT32.sys -> Conexant Systems Inc. [Ver = 4.36.7.0 built by: WinDDK | Size = 188416 bytes | Modified Date = 04-03-2008 02:32:00 | Attr = ] da-DK -> %SystemRoot%\System32\drivers\da-DK -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] en-US -> %SystemRoot%\System32\drivers\en-US -> [Folder | Modified Date = 06-04-2008 18:42:15 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 22-05-2008 11:30:47 | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 22-05-2008 11:30:47 | Attr = ] lirsgt.sys -> %SystemRoot%\System32\drivers\lirsgt.sys -> [Ver = | Size = 25416 bytes | Modified Date = 06-04-2008 21:02:46 | Attr = ] Msft_Kernel_HpqKbFiltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 23-04-2008 11:00:16 | Attr = H ] Msft_Kernel_NuidFltr_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 09-04-2008 15:12:10 | Attr = H ] Msft_Kernel_SynTP_01000.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_SynTP_01000.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 26-02-2008 12:23:05 | Attr = H ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 23-04-2008 19:13:41 | Attr = H ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 18-05-2008 15:08:20 | Attr = ] sptd.sys -> %SystemRoot%\System32\drivers\sptd.sys -> [Ver = | Size = 685816 bytes | Modified Date = 06-04-2008 16:53:01 | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 23-04-2008 11:00:56 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 08-04-2008 12:56:00 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3296 bytes | Modified Date = 23-05-2008 08:52:35 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3296 bytes | Modified Date = 23-05-2008 08:52:35 | Attr = H ] AdvancedInstallers -> %SystemRoot%\System32\AdvancedInstallers -> [Folder | Modified Date = 23-04-2008 11:05:08 | Attr = ] AGEIA -> %SystemRoot%\System32\AGEIA -> [Folder | Modified Date = 18-05-2008 19:36:41 | Attr = ] ar-SA -> %SystemRoot%\System32\ar-SA -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 1152888 bytes | Modified Date = 16-05-2008 01:24:43 | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1201, 0 | Size = 95608 bytes | Modified Date = 16-05-2008 01:12:36 | Attr = ] axaltocm.dll -> %SystemRoot%\System32\axaltocm.dll -> Gemalto, Inc. [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 82432 bytes | Modified Date = 23-04-2008 10:47:37 | Attr = ] Boot -> %SystemRoot%\System32\Boot -> [Folder | Modified Date = 23-04-2008 11:04:37 | Attr = ] catroot -> %SystemRoot%\System32\catroot -> [Folder | Modified Date = 22-05-2008 20:45:06 | Attr = ] catroot2 -> %SystemRoot%\System32\catroot2 -> [Folder | Modified Date = 22-05-2008 10:17:40 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,223,0 | Size = 107888 bytes | Modified Date = 22-05-2008 20:27:54 | Attr = ] CnxtAp32.dll -> %SystemRoot%\System32\CnxtAp32.dll -> Conexant Systems Inc. [Ver = 4.36.7.0 | Size = 2125312 bytes | Modified Date = 04-03-2008 02:34:00 | Attr = ] com -> %SystemRoot%\System32\com -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 22-05-2008 18:38:50 | Attr = ] config.nt -> %SystemRoot%\System32\config.nt -> [Ver = | Size = 2577 bytes | Modified Date = 22-05-2008 13:22:25 | Attr = ] cs-CZ -> %SystemRoot%\System32\cs-CZ -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] da -> %SystemRoot%\System32\da -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] da-DK -> %SystemRoot%\System32\da-DK -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] de -> %SystemRoot%\System32\de -> [Folder | Modified Date = 26-02-2008 12:37:50 | Attr = ] de-DE -> %SystemRoot%\System32\de-DE -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] directx -> %SystemRoot%\System32\directx -> [Folder | Modified Date = 05-05-2008 21:28:50 | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 0,0,0,0 | Size = 161096 bytes | Modified Date = 31-03-2008 23:25:52 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 22-05-2008 21:45:04 | Attr = ] el-GR -> %SystemRoot%\System32\el-GR -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 22-05-2008 21:47:36 | Attr = ] es -> %SystemRoot%\System32\es -> [Folder | Modified Date = 26-02-2008 12:37:50 | Attr = ] es-ES -> %SystemRoot%\System32\es-ES -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] ff_vfw.dll -> %SystemRoot%\System32\ff_vfw.dll -> [Ver = | Size = 7680 bytes | Modified Date = 29-03-2008 01:41:32 | Attr = ] fi-FI -> %SystemRoot%\System32\fi-FI -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 381320 bytes | Modified Date = 16-05-2008 19:10:02 | Attr = ] fr -> %SystemRoot%\System32\fr -> [Folder | Modified Date = 26-02-2008 12:37:50 | Attr = ] fr-FR -> %SystemRoot%\System32\fr-FR -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] Hauppauge -> %SystemRoot%\System32\Hauppauge -> [Folder | Modified Date = 26-02-2008 12:27:03 | Attr = ] he-IL -> %SystemRoot%\System32\he-IL -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] hu-HU -> %SystemRoot%\System32\hu-HU -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] ifxcardm.dll -> %SystemRoot%\System32\ifxcardm.dll -> Infineon Technologies AG [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 101888 bytes | Modified Date = 23-04-2008 10:47:38 | Attr = ] it -> %SystemRoot%\System32\it -> [Folder | Modified Date = 26-02-2008 12:37:50 | Attr = ] it-IT -> %SystemRoot%\System32\it-IT -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] ja -> %SystemRoot%\System32\ja -> [Folder | Modified Date = 26-02-2008 12:37:51 | Attr = ] ja-JP -> %SystemRoot%\System32\ja-JP -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] ko -> %SystemRoot%\System32\ko -> [Folder | Modified Date = 26-02-2008 12:37:51 | Attr = ] ko-KR -> %SystemRoot%\System32\ko-KR -> [Folder | Modified Date = 23-04-2008 11:05:12 | Attr = ] LOG -> %SystemRoot%\System32\LOG -> [Ver = | Size = 81 bytes | Modified Date = 06-04-2008 16:36:23 | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 16-05-2008 21:13:39 | Attr = ] manifeststore -> %SystemRoot%\System32\manifeststore -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] migration -> %SystemRoot%\System32\migration -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] migwiz -> %SystemRoot%\System32\migwiz -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] nb-NO -> %SystemRoot%\System32\nb-NO -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] NDF -> %SystemRoot%\System32\NDF -> [Folder | Modified Date = 06-04-2008 19:34:43 | Attr = ] nl-NL -> %SystemRoot%\System32\nl-NL -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] nvuninst.exe -> %SystemRoot%\System32\nvuninst.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Modified Date = 30-04-2008 17:27:42 | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] perfc006.dat -> %SystemRoot%\System32\perfc006.dat -> [Ver = | Size = 77202 bytes | Modified Date = 16-05-2008 13:37:17 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 101250 bytes | Modified Date = 16-05-2008 13:37:17 | Attr = ] perfh006.dat -> %SystemRoot%\System32\perfh006.dat -> [Ver = | Size = 463268 bytes | Modified Date = 16-05-2008 13:37:17 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 587178 bytes | Modified Date = 16-05-2008 13:37:17 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 1218596 bytes | Modified Date = 16-05-2008 13:37:17 | Attr = ] PhysX.cpl -> %SystemRoot%\System32\PhysX.cpl -> NVIDIA Corporation [Ver = 08, 04, 30, 0 | Size = 390432 bytes | Modified Date = 06-05-2008 16:54:56 | Attr = ] PhysXLoader.dll -> %SystemRoot%\System32\PhysXLoader.dll -> AGEIA Technologies, Inc. [Ver = 2, 8, 1, 4 | Size = 70944 bytes | Modified Date = 30-04-2008 13:55:16 | Attr = ] pl-PL -> %SystemRoot%\System32\pl-PL -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 30-03-2008 13:42:39 | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 30-03-2008 13:42:40 | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 30-03-2008 13:42:40 | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 18-05-2008 15:06:43 | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 103736 bytes | Modified Date = 18-05-2008 15:08:03 | Attr = ] pt-BR -> %SystemRoot%\System32\pt-BR -> [Folder | Modified Date = 23-04-2008 11:05:04 | Attr = ] pt-PT -> %SystemRoot%\System32\pt-PT -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] restore -> %SystemRoot%\System32\restore -> [Folder | Modified Date = 06-04-2008 16:26:34 | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.10.50 | Size = 185944 bytes | Modified Date = 30-03-2008 13:42:45 | Attr = ] ro-RO -> %SystemRoot%\System32\ro-RO -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] ru -> %SystemRoot%\System32\ru -> [Folder | Modified Date = 26-02-2008 12:37:51 | Attr = ] ru-RU -> %SystemRoot%\System32\ru-RU -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] setup -> %SystemRoot%\System32\setup -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] SLUI -> %SystemRoot%\System32\SLUI -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] sv-SE -> %SystemRoot%\System32\sv-SE -> [Folder | Modified Date = 23-04-2008 11:05:07 | Attr = ] sysprep -> %SystemRoot%\System32\sysprep -> [Folder | Modified Date = 23-04-2008 11:05:09 | Attr = ] Tasks -> %SystemRoot%\System32\Tasks -> [Folder | Modified Date = 27-04-2008 20:53:45 | Attr = ] tr -> %SystemRoot%\System32\tr -> [Folder | Modified Date = 26-02-2008 12:37:51 | Attr = ] tr-TR -> %SystemRoot%\System32\tr-TR -> [Folder | Modified Date = 23-04-2008 11:05:05 | Attr = ] VSFilter.dll -> %SystemRoot%\System32\VSFilter.dll -> Gabest [Ver = 1, 0, 1, 4 | Size = 966656 bytes | Modified Date = 07-03-2008 00:29:44 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 23-04-2008 11:05:05 | Attr = ] WDI -> %SystemRoot%\System32\WDI -> [Folder | Modified Date = 16-04-2008 21:49:26 | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] yaywvTnM.dll -> %SystemRoot%\System32\yaywvTnM.dll -> [Ver = | Size = 58368 bytes | Modified Date = 16-05-2008 12:48:49 | Attr = ] zh-CN -> %SystemRoot%\System32\zh-CN -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] zh-TW -> %SystemRoot%\System32\zh-TW -> [Folder | Modified Date = 23-04-2008 11:05:06 | Attr = ] hpsysdrv.dat -> %SystemRoot%\System\hpsysdrv.dat -> [Ver = | Size = 44 bytes | Modified Date = 06-04-2008 16:36:21 | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 23-04-2008 11:04:44 | Attr = ] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 22-05-2008 18:35:35 | Attr = R S] Boot -> %SystemRoot%\Boot -> [Folder | Modified Date = 23-04-2008 11:04:38 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 23-05-2008 08:52:31 | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 06-04-2008 18:23:42 | Attr = ] DigitalLocker -> %SystemRoot%\DigitalLocker -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 27-04-2008 14:33:13 | Attr = S] DPDrv -> %SystemRoot%\DPDrv -> [Folder | Modified Date = 26-02-2008 12:37:50 | Attr = ] ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 23-04-2008 11:05:18 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 22-05-2008 11:28:57 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 06-04-2008 17:13:47 | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 26-02-2008 12:21:44 | Attr = ] IME -> %SystemRoot%\IME -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 22-05-2008 20:45:05 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 22-05-2008 20:45:41 | Attr = HS] L2Schemas -> %SystemRoot%\L2Schemas -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] Logs -> %SystemRoot%\Logs -> [Folder | Modified Date = 24-04-2008 20:15:31 | Attr = ] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 282171548 bytes | Modified Date = 22-05-2008 21:41:26 | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 22-05-2008 18:44:30 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 22-05-2008 21:41:33 | Attr = ] MSAgent -> %SystemRoot%\MSAgent -> [Folder | Modified Date = 23-04-2008 11:05:15 | Attr = ] msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Modified Date = 05-05-2008 21:28:35 | Attr = H ] Options -> %SystemRoot%\Options -> [Folder | Modified Date = 26-02-2008 12:26:41 | Attr = ] panther -> %SystemRoot%\panther -> [Folder | Modified Date = 07-04-2008 00:15:47 | Attr = ] patchw32.dll -> %SystemRoot%\patchw32.dll -> [Ver = | Size = 215144 bytes | Modified Date = 22-05-2008 20:12:17 | Attr = ] PCHEALTH -> %SystemRoot%\PCHEALTH -> [Folder | Modified Date = 06-04-2008 16:28:47 | Attr = ] PolicyDefinitions -> %SystemRoot%\PolicyDefinitions -> [Folder | Modified Date = 23-04-2008 11:05:14 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 22-05-2008 23:01:16 | Attr = ] rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 26-04-2008 21:22:33 | Attr = ] servicing -> %SystemRoot%\servicing -> [Folder | Modified Date = 23-04-2008 11:05:18 | Attr = ] ShellNew -> %SystemRoot%\ShellNew -> [Folder | Modified Date = 06-04-2008 17:14:06 | Attr = ] SMINST -> %SystemRoot%\SMINST -> [Folder | Modified Date = 06-04-2008 16:36:28 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 06-04-2008 18:14:35 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 22-04-2008 10:14:32 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 06-04-2008 16:36:21 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 215 bytes | Modified Date = 22-05-2008 21:47:36 | Attr = ] System32 -> %SystemRoot%\System32 -> [Folder | Modified Date = 23-05-2008 08:59:47 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 27-04-2008 20:53:45 | Attr = ] TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 23-05-2008 08:57:59 | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 23-04-2008 11:13:25 | Attr = RH ] winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 13-05-2008 20:58:10 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 23-05-2008 08:52:38 | Attr = H ] Uniblue SpeedUpMyPC Nag.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC Nag.job -> [Ver = | Size = 268 bytes | Modified Date = 17-05-2008 20:59:00 | Attr = ] Uniblue SpeedUpMyPC.job -> %SystemRoot%\tasks\Uniblue SpeedUpMyPC.job -> [Ver = | Size = 390 bytes | Modified Date = 27-04-2008 20:53:45 | Attr = ] User_Feed_Synchronization-{B414613E-EE91-4E26-84CD-7395231C5DBE}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{B414613E-EE91-4E26-84CD-7395231C5DBE}.job -> [Ver = | Size = 420 bytes | Modified Date = 23-05-2008 08:56:07 | Attr = H ] C:\ProgramData\Microsoft\Network\Downloader\ -> C:\ProgramData\Microsoft\Network\Downloader -> [Folder | Modified Date = 02-11-2006 15:04:06 | Attr = ] qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 20-05-2008 22:06:34 | Attr = ] qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 20-05-2008 22:06:34 | Attr = ] C:\ProgramData\Microsoft\OFFICE\DATA\ -> C:\ProgramData\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 08-04-2008 12:23:29 | Attr = ] opa12.dat -> C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 08-04-2008 12:23:29 | Attr = ] C:\ProgramData\Microsoft\RAC\PublishedData\ -> C:\ProgramData\Microsoft\RAC\PublishedData -> [Folder | Modified Date = 07-04-2008 17:04:07 | Attr = ] PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [Ver = | Size = 7452 bytes | Modified Date = 22-05-2008 09:48:16 | Attr = ] PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 22-05-2008 09:48:16 | Attr = ] PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 22-05-2008 09:48:16 | Attr = ] PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [Ver = | Size = 1104 bytes | Modified Date = 22-05-2008 09:48:15 | Attr = ] PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [Ver = | Size = 1104 bytes | Modified Date = 22-05-2008 09:48:16 | Attr = ] PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [Ver = | Size = 138308 bytes | Modified Date = 22-05-2008 09:48:15 | Attr = ] C:\ProgramData\Microsoft\User Account Pictures\ -> C:\ProgramData\Microsoft\User Account Pictures -> [Folder | Modified Date = 16-04-2008 20:28:46 | Attr = ] Bent.dat -> C:\ProgramData\Microsoft\User Account Pictures\Bent.dat -> [Ver = | Size = 0 bytes | Modified Date = 06-04-2008 16:25:21 | Attr = ] Maria.dat -> C:\ProgramData\Microsoft\User Account Pictures\Maria.dat -> [Ver = | Size = 0 bytes | Modified Date = 16-04-2008 20:28:46 | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Adobe -> [Folder | Modified Date = 07-04-2008 19:57:08 | Attr = ] Atheros -> %AllUsersProfile%\Atheros -> [Folder | Modified Date = 26-02-2008 12:26:36 | Attr = ] Azureus -> %AllUsersProfile%\Azureus -> [Folder | Modified Date = 06-04-2008 17:48:50 | Attr = ] BM38bbed8b.xml -> %AllUsersProfile%\BM38bbed8b.xml -> [Ver = | Size = 109807 bytes | Modified Date = 19-05-2008 20:44:02 | Attr = ] CyberLink -> %AllUsersProfile%\CyberLink -> [Folder | Modified Date = 25-04-2008 20:22:59 | Attr = ] DAEMON Tools Pro -> %AllUsersProfile%\DAEMON Tools Pro -> [Folder | Modified Date = 06-04-2008 17:59:23 | Attr = ] ezsid.dat -> %AllUsersProfile%\ezsid.dat -> [Ver = | Size = 32 bytes | Modified Date = 17-04-2008 19:37:58 | Attr = ] Hewlett-Packard -> %AllUsersProfile%\Hewlett-Packard -> [Folder | Modified Date = 26-02-2008 12:30:10 | Attr = ] HP -> %AllUsersProfile%\HP -> [Folder | Modified Date = 08-04-2008 12:21:20 | Attr = ] Macrovision -> %AllUsersProfile%\Macrovision -> [Folder | Modified Date = 26-02-2008 12:37:47 | Attr = ] Microsoft -> %AllUsersProfile%\Microsoft -> [Folder | Modified Date = 09-04-2008 17:12:51 | Attr = S] Microsoft Help -> %AllUsersProfile%\Microsoft Help -> [Folder | Modified Date = 22-05-2008 18:35:35 | Attr = ] NVIDIA -> %AllUsersProfile%\NVIDIA -> [Folder | Modified Date = 23-04-2008 11:25:00 | Attr = ] pskt.ini -> %AllUsersProfile%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 19-05-2008 21:06:06 | Attr = ] Skype -> %AllUsersProfile%\Skype -> [Folder | Modified Date = 17-04-2008 19:34:50 | Attr = ] Symantec -> %AllUsersProfile%\Symantec -> [Folder | Modified Date = 08-04-2008 23:12:00 | Attr = ] THQ -> %AllUsersProfile%\THQ -> [Folder | Modified Date = 18-05-2008 19:35:12 | Attr = ] Ubisoft -> %AllUsersProfile%\Ubisoft -> [Folder | Modified Date = 09-04-2008 09:28:00 | Attr = ] WLInstaller -> %AllUsersProfile%\WLInstaller -> [Folder | Modified Date = 07-04-2008 19:44:32 | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 20-04-2008 13:14:25 | Attr = ] Azureus -> %AppData%\Azureus -> [Folder | Modified Date = 22-05-2008 14:09:48 | Attr = ] CyberLink -> %AppData%\CyberLink -> [Folder | Modified Date = 08-04-2008 12:56:50 | Attr = ] DAEMON Tools Pro -> %AppData%\DAEMON Tools Pro -> [Folder | Modified Date = 06-04-2008 17:59:09 | Attr = ] DigitalPersona -> %AppData%\DigitalPersona -> [Folder | Modified Date = 06-04-2008 16:36:51 | Attr = ] DivX -> %AppData%\DivX -> [Folder | Modified Date = 06-04-2008 22:17:57 | Attr = ] dvdcss -> %AppData%\dvdcss -> [Folder | Modified Date = 25-04-2008 20:25:33 | Attr = ] Google -> %AppData%\Google -> [Folder | Modified Date = 17-04-2008 19:55:49 | Attr = ] Hewlett-Packard -> %AppData%\Hewlett-Packard -> [Folder | Modified Date = 06-04-2008 16:33:48 | Attr = ] HP -> %AppData%\HP -> [Folder | Modified Date = 08-04-2008 12:21:20 | Attr = ] Identities -> %AppData%\Identities -> [Folder | Modified Date = 06-04-2008 16:36:35 | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 09-04-2008 09:10:29 | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 06-04-2008 16:34:26 | Attr = ] Macrovision -> %AppData%\Macrovision -> [Folder | Modified Date = 06-04-2008 16:26:24 | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 16-05-2008 14:01:38 | Attr = S] nvModes.001 -> %AppData%\nvModes.001 -> [Ver = | Size = 194788 bytes | Modified Date = 23-05-2008 08:54:43 | Attr = ] nvModes.dat -> %AppData%\nvModes.dat -> [Ver = | Size = 194788 bytes | Modified Date = 22-05-2008 21:17:37 | Attr = ] Real -> %AppData%\Real -> [Folder | Modified Date = 27-04-2008 20:30:21 | Attr = ] SeriousBit -> %AppData%\SeriousBit -> [Folder | Modified Date = 27-04-2008 14:39:32 | Attr = ] Skype -> %AppData%\Skype -> [Folder | Modified Date = 22-04-2008 21:58:49 | Attr = ] skypePM -> %AppData%\skypePM -> [Folder | Modified Date = 22-04-2008 21:31:48 | Attr = ] Symantec -> %AppData%\Symantec -> [Folder | Modified Date = 06-04-2008 16:37:18 | Attr = ] Ubisoft -> %AppData%\Ubisoft -> [Folder | Modified Date = 09-04-2008 09:28:00 | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Modified Date = 27-04-2008 21:04:05 | Attr = ] vlc -> %AppData%\vlc -> [Folder | Modified Date = 20-04-2008 13:12:31 | Attr = ] Adobe -> %UserProfile%\AppData\Local\Adobe -> [Folder | Modified Date = 07-04-2008 19:51:02 | Attr = ] Application Data -> %UserProfile%\AppData\Local\Application Data -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] Apps -> %UserProfile%\AppData\Local\Apps -> [Folder | Modified Date = 06-04-2008 20:53:26 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 67072 bytes | Modified Date = 22-05-2008 15:11:24 | Attr = ] DigitalPersona -> %UserProfile%\AppData\Local\DigitalPersona -> [Folder | Modified Date = 06-04-2008 16:36:51 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\AppData\Local\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 103160 bytes | Modified Date = 16-05-2008 14:00:22 | Attr = ] Google -> %UserProfile%\AppData\Local\Google -> [Folder | Modified Date = 17-04-2008 19:55:49 | Attr = ] IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [Ver = | Size = 3457629 bytes | Modified Date = 22-05-2008 23:03:04 | Attr = H ] Microsoft -> %UserProfile%\AppData\Local\Microsoft -> [Folder | Modified Date = 16-05-2008 14:09:39 | Attr = ] Microsoft Games -> %UserProfile%\AppData\Local\Microsoft Games -> [Folder | Modified Date = 27-04-2008 11:07:12 | Attr = ] Microsoft Help -> %UserProfile%\AppData\Local\Microsoft Help -> [Folder | Modified Date = 06-04-2008 17:11:35 | Attr = ] Oversigt -> %UserProfile%\AppData\Local\Oversigt -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] PunkBuster -> %UserProfile%\AppData\Local\PunkBuster -> [Folder | Modified Date = 18-05-2008 15:06:36 | Attr = ] QuickPlay -> %UserProfile%\AppData\Local\QuickPlay -> [Folder | Modified Date = 08-04-2008 17:05:12 | Attr = ] Temp -> %UserProfile%\AppData\Local\Temp -> [Folder | Modified Date = 23-05-2008 09:00:09 | Attr = ] Temporary Internet Files -> %UserProfile%\AppData\Local\Temporary Internet Files -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] The Witcher -> %UserProfile%\AppData\Local\The Witcher -> [Folder | Modified Date = 16-05-2008 20:31:21 | Attr = ] VirtualStore -> %UserProfile%\AppData\Local\VirtualStore -> [Folder | Modified Date = 13-04-2008 10:55:53 | Attr = ] Zattoo -> %UserProfile%\AppData\Local\Zattoo -> [Folder | Modified Date = 25-04-2008 23:44:43 | Attr = ] ZattooPlayer -> %UserProfile%\AppData\Local\ZattooPlayer -> [Folder | Modified Date = 25-04-2008 23:42:31 | Attr = ] desktop.ini -> %SystemDrive%\Users\Public\Documents\desktop.ini -> [Ver = | Size = 280 bytes | Modified Date = 23-04-2008 11:13:25 | Attr = HS] hpqp.ini -> %SystemDrive%\Users\Public\Documents\hpqp.ini -> [Ver = | Size = 163 bytes | Modified Date = 23-05-2008 08:54:31 | Attr = ] MCE Logs -> %SystemDrive%\Users\Public\Documents\MCE Logs -> [Folder | Modified Date = 06-04-2008 20:37:36 | Attr = HS] 01 Violet Hill.MP3 -> %UserProfile%\Documents\01 Violet Hill.MP3 -> [Ver = | Size = 5675037 bytes | Modified Date = 28-04-2008 12:29:34 | Attr = ] Assistentopgave om Hypovolæmisk shock.docx -> %UserProfile%\Documents\Assistentopgave om Hypovolæmisk shock.docx -> [Ver = | Size = 11618 bytes | Modified Date = 08-04-2008 14:02:09 | Attr = ] Azureus Downloads -> %UserProfile%\Documents\Azureus Downloads -> [Folder | Modified Date = 19-05-2008 20:54:45 | Attr = ] BackupRegistry(20080427).reg -> %UserProfile%\Documents\BackupRegistry(20080427).reg -> [Ver = | Size = 229363620 bytes | Modified Date = 27-04-2008 17:18:02 | Attr = ] BackupRegistry(200804272).reg -> %UserProfile%\Documents\BackupRegistry(200804272).reg -> [Ver = | Size = 208148458 bytes | Modified Date = 27-04-2008 20:04:54 | Attr = ] Billeder -> %UserProfile%\Documents\Billeder -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] coldplay_violethill.zip -> %UserProfile%\Documents\coldplay_violethill.zip -> [Ver = | Size = 5652733 bytes | Modified Date = 30-04-2008 08:52:14 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Documents\coldplay_violethill.zip:Zone.Identifier desktop.ini -> %UserProfile%\Documents\desktop.ini -> [Ver = | Size = 402 bytes | Modified Date = 06-04-2008 16:36:44 | Attr = HS] Mine delemapper.lnk -> %UserProfile%\Documents\Mine delemapper.lnk -> [Ver = | Size = 487 bytes | Modified Date = 22-05-2008 22:14:46 | Attr = ] Modtagne filer -> %UserProfile%\Documents\Modtagne filer -> [Folder | Modified Date = 28-04-2008 12:49:06 | Attr = ] Musik -> %UserProfile%\Documents\Musik -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] My Games -> %UserProfile%\Documents\My Games -> [Folder | Modified Date = 18-05-2008 20:38:22 | Attr = ] My Web Sites -> %UserProfile%\Documents\My Web Sites -> [Folder | Modified Date = 16-05-2008 14:03:45 | Attr = S] NFS ProStreet -> %UserProfile%\Documents\NFS ProStreet -> [Folder | Modified Date = 18-05-2008 15:14:42 | Attr = ] The Witcher -> %UserProfile%\Documents\The Witcher -> [Folder | Modified Date = 06-04-2008 21:11:37 | Attr = ] Videoer -> %UserProfile%\Documents\Videoer -> [Folder | Modified Date = 06-04-2008 16:25:21 | Attr = HS] DAEMON Tools Pro.lnk -> %SystemDrive%\Users\Public\Desktop\DAEMON Tools Pro.lnk -> [Ver = | Size = 1717 bytes | Modified Date = 06-04-2008 17:56:06 | Attr = ] desktop.ini -> %SystemDrive%\Users\Public\Desktop\desktop.ini -> [Ver = | Size = 174 bytes | Modified Date = 23-04-2008 11:13:25 | Attr = HS] Skype.lnk -> %SystemDrive%\Users\Public\Desktop\Skype.lnk -> [Ver = | Size = 2367 bytes | Modified Date = 22-04-2008 21:56:11 | Attr = ] VLC media player.lnk -> %SystemDrive%\Users\Public\Desktop\VLC media player.lnk -> [Ver = | Size = 859 bytes | Modified Date = 20-04-2008 13:12:15 | Attr = ] 175.16_geforce_winvista_32bit_english_whql.exe -> %UserProfile%\Desktop\175.16_geforce_winvista_32bit_english_whql.exe -> NVIDIA Corporation [Ver = | Size = 38055000 bytes | Modified Date = 22-05-2008 22:21:53 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\175.16_geforce_winvista_32bit_english_whql.exe:Zone.Identifier adecco.pdf -> %UserProfile%\Desktop\adecco.pdf -> [Ver = | Size = 182996 bytes | Modified Date = 15-05-2008 22:01:31 | Attr = ] b-flu102.7z -> %UserProfile%\Desktop\b-flu102.7z -> [Ver = | Size = 8289845 bytes | Modified Date = 22-05-2008 20:31:17 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\b-flu102.7z:Zone.Identifier battery.nfo -> %UserProfile%\Desktop\battery.nfo -> [Ver = | Size = 5428 bytes | Modified Date = 01-04-2008 11:41:35 | Attr = ] ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [Ver = | Size = 1819998 bytes | Modified Date = 22-05-2008 11:18:58 | Attr = ] desktop.ini -> %UserProfile%\Desktop\desktop.ini -> [Ver = | Size = 282 bytes | Modified Date = 06-04-2008 16:36:44 | Attr = HS] EFIS_Patch_All_to_v1.0.2.exe -> %UserProfile%\Desktop\EFIS_Patch_All_to_v1.0.2.exe -> [Ver = | Size = 192363934 bytes | Modified Date = 22-05-2008 20:12:05 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\EFIS_Patch_All_to_v1.0.2.exe:Zone.Identifier FLV Player.lnk -> %UserProfile%\Desktop\FLV Player.lnk -> [Ver = | Size = 823 bytes | Modified Date = 20-04-2008 13:14:20 | Attr = ] Free-SpyHunter-Scanner-ri-Install.exe -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-ri-Install.exe -> [Ver = 3.4 | Size = 7605608 bytes | Modified Date = 21-05-2008 21:07:57 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\Free-SpyHunter-Scanner-ri-Install.exe:Zone.Identifier Guru3D.com -> %UserProfile%\Desktop\Guru3D.com -> [Folder | Modified Date = 22-05-2008 22:33:49 | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1874 bytes | Modified Date = 21-05-2008 21:22:35 | Attr = ] openal32.rar -> %UserProfile%\Desktop\openal32.rar -> [Ver = | Size = 44522 bytes | Modified Date = 22-05-2008 19:57:38 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\openal32.rar:Zone.Identifier OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.2 | Size = 291328 bytes | Modified Date = 22-05-2008 11:15:55 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 23-05-2008 08:58:53 | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 544324 bytes | Modified Date = 23-05-2008 08:57:59 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier RivaTuner209-[Guru3D.com].exe -> %UserProfile%\Desktop\RivaTuner209-[Guru3D.com].exe -> [Ver = | Size = 2393870 bytes | Modified Date = 22-05-2008 22:33:43 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\RivaTuner209-[Guru3D.com].exe:Zone.Identifier VirtumundoBeGone.exe -> %UserProfile%\Desktop\VirtumundoBeGone.exe -> Business Information Solutions [Ver = 1.5 | Size = 96978 bytes | Modified Date = 21-05-2008 22:09:11 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\VirtumundoBeGone.exe:Zone.Identifier Vista Manager.lnk -> %UserProfile%\Desktop\Vista Manager.lnk -> [Ver = | Size = 2561 bytes | Modified Date = 22-05-2008 17:36:10 | Attr = ] VundoFix.exe -> %UserProfile%\Desktop\VundoFix.exe -> Atribune.org [Ver = 7.00.0005 | Size = 214528 bytes | Modified Date = 21-05-2008 21:37:08 | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\VundoFix.exe:Zone.Identifier desktop.ini -> %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 174 bytes | Modified Date = 23-04-2008 11:13:25 | Attr = HS] desktop.ini -> %AppData%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 174 bytes | Modified Date = 06-04-2008 16:36:44 | Attr = HS] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 07-04-2008 19:57:17 | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 06-04-2008 17:14:09 | Attr = ] LightScribe -> %CommonProgramFiles%\LightScribe -> [Folder | Modified Date = 06-04-2008 16:28:26 | Attr = ] microsoft shared -> %CommonProgramFiles%\microsoft shared -> [Folder | Modified Date = 08-04-2008 21:11:57 | Attr = ] Real -> %CommonProgramFiles%\Real -> [Folder | Modified Date = 18-04-2008 11:43:01 | Attr = ] Skype -> %CommonProgramFiles%\Skype -> [Folder | Modified Date = 17-04-2008 19:34:47 | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 08-04-2008 23:13:41 | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 23-04-2008 11:05:18 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Modified Date = 07-04-2008 19:45:53 | Attr = HS] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 22-05-2008 20:45:38 | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]