[code] OTScanIt logfile created on: 7/9/2008 4:30:17 PM OTScanIt by OldTimer - Version 1.0.16.1 Folder = H:\Documents and Settings\Stearns\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 70.58% Memory free 3.85 Gb Paging File | 3.44 Gb Available in Paging File | 89.36% Paging File free Paging file location(s): H:\pagefile.sys 2046 4092; %SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files Drive C: | 256.31 Gb Total Space | 169.08 Gb Free Space | 65.97% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 31.73 Gb Total Space | 21.18 Gb Free Space | 66.75% Space Free | Partition Type: NTFS Drive I: | 600.95 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: STEPHEN Current User Name: Stearns Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> Lavasoft [Ver = 7,1,0,12 | Size = 611664 bytes | Modified Date = 6/4/2008 5:49:09 PM | Attr = ] avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 6/4/2008 5:50:19 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 163908 bytes | Modified Date = 6/1/2007 5:19:00 PM | Attr = ] pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 5/26/2008 7:53:56 PM | Attr = ] wlservice.exe -> %ProgramFiles%\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -> GEMTEKS [Ver = 1, 0, 0, 4 | Size = 41025 bytes | Modified Date = 2/6/2004 10:56:14 PM | Attr = ] wmp54gv4.exe -> %ProgramFiles%\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe -> Linksys [Ver = 1.0.1.8 | Size = 5238272 bytes | Modified Date = 11/16/2005 7:49:44 PM | Attr = ] avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 287000 bytes | Modified Date = 6/4/2008 5:50:17 PM | Attr = ] avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 6/4/2008 5:50:20 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 144784 bytes | Modified Date = 3/25/2008 4:28:02 AM | Attr = ] ctsvolfe.exe -> %ProgramFiles%\Creative\Mixer\CTSVolFE.exe -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 57344 bytes | Modified Date = 2/23/2005 3:57:24 PM | Attr = ] stsystra.exe -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4991.0 nd444 cp1 | Size = 282624 bytes | Modified Date = 3/20/2006 4:00:04 PM | Attr = ] avgtray.exe -> %ProgramFiles%\AVG\AVG8\avgtray.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 6/4/2008 5:50:23 PM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.1 | Size = 396800 bytes | Modified Date = 7/5/2008 11:19:06 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Lavasoft Ad-Aware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> Lavasoft [Ver = 7,1,0,12 | Size = 611664 bytes | Modified Date = 6/4/2008 5:49:09 PM | Attr = ] (avg8emc) AVG8 E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 6/4/2008 5:50:20 PM | Attr = ] (avg8wd) AVG8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 6/4/2008 5:50:19 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE -> Symantec Corporation [Ver = 3.2.0.26 | Size = 2541248 bytes | Modified Date = 10/31/2006 10:32:09 AM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 163908 bytes | Modified Date = 6/1/2007 5:19:00 PM | Attr = ] (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 5/26/2008 7:53:56 PM | Attr = ] (WMP54Gv4SVC) WMP54Gv4SVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -> GEMTEKS [Ver = 1, 0, 0, 4 | Size = 41025 bytes | Modified Date = 2/6/2004 10:56:14 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 10:16:38 PM | Attr = ] AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [H:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 6/4/2008 5:50:23 PM | Attr = ] CTSVolFE.exe -> %ProgramFiles%\Creative\Mixer\CTSVolFE.exe ["H:\Program Files\Creative\Mixer\CTSVolFE.exe" /r] -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 57344 bytes | Modified Date = 2/23/2005 3:57:24 PM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE H:\WINDOWS\System32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 8429568 bytes | Modified Date = 6/1/2007 5:19:00 PM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE H:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 81920 bytes | Modified Date = 6/1/2007 5:19:00 PM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [Ver = | Size = 1630208 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] SigmatelSysTrayApp -> %SystemRoot%\stsystra.exe [stsystra.exe] -> SigmaTel, Inc. [Ver = 1.0.4991.0 nd444 cp1 | Size = 282624 bytes | Modified Date = 3/20/2006 4:00:04 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_06\bin\jusched.exe ["H:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 144784 bytes | Modified Date = 3/25/2008 4:28:02 AM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < All Users Startup Folder > -> H:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> H:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Stearns Startup Folder > -> H:\Documents and Settings\Stearns\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> %ProgramFiles%\ERUNT\AUTOBACK.EXE -> [Ver = | Size = 38912 bytes | Modified Date = 10/20/2005 12:04:08 PM | Attr = ] < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 6/4/2008 5:50:17 PM | Attr = ] *MultiFile Done* -> -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 6:23:07 AM | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> H:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr = ] *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 8/4/2004 3:56:50 AM | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 11:34:01 PM | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [System32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 1:59:52 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPBDS_DVD+-RW_DH-16W1S___________________2D14____\5&2498bea5&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 1 -> < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [Ver = | Size = 24 bytes | Modified Date = 9/18/2006 5:43:36 PM | Attr = ] Autorun.exe [MZ | ] -> I:\Autorun.exe [ CDFS ] -> [Ver = 1, 0, 0, 1 | Size = 893007 bytes | Modified Date = 3/14/2003 11:27:46 AM | Attr = R ] Autorun.inf [[autorun] | open=AUTORUN.EXE | Icon=bf1942.ico | Name=Battlefield 1942 CD 1 | Label=Battlefield 1942 CD 1 | | ] -> I:\Autorun.inf [ CDFS ] -> [Ver = | Size = 105 bytes | Modified Date = 7/21/2002 4:12:28 PM | Attr = R ] < HOSTS File > (243411 bytes) -> H:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> H:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://gotfrag.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\: Main\\Local Page -> H:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\: Main\\Start Page -> http://gotfrag.com/ -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4497 domain(s) found. -> 36 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4496 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.136 | Size = 455960 bytes | Modified Date = 6/4/2008 5:50:20 PM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] {A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.400 | Size = 2055960 bytes | Modified Date = 6/4/2008 5:50:22 PM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.400 | Size = 2055960 bytes | Modified Date = 6/4/2008 5:50:22 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.400 | Size = 2055960 bytes | Modified Date = 6/4/2008 5:50:22 PM | Attr = ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> AVG, Technologies CZ, s.r.o [Ver = 5.0.2.400 | Size = 2055960 bytes | Modified Date = 6/4/2008 5:50:22 PM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\] > -> HKEY_USERS\S-1-5-21-725345543-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\npjpi160_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 132496 bytes | Modified Date = 3/25/2008 4:28:01 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {18FA6CDD-C3EE-482C-831F-FB6122E85D65} -> (Intel(R) 82566DC Gigabit Network Connection) -> {190028A5-668B-4EDF-9F8C-561B1E9F1F47} -> (Linksys Wireless-G PCI Adapter) -> < Default Protocols [HKEY_USERS\.DEFAULT\] - Select to Repair > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-18\] - Select to Repair > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver = | Size = 79128 bytes | Modified Date = 6/4/2008 5:50:20 PM | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}[HKEY_LOCAL_MACHINE] -> http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab[ActiveScan 2.0 Installer Class] -> {6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211744901000[WUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/Downloaded Program Files/as2stubie.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/Downloaded Program Files/as2stubie.dll\\.Owner -> {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/Downloaded Program Files/as2stubie.dll\\{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/atl.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/atl.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/atl.dll\\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/danim.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/danim.dll\\.Owner -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/danim.dll\\DirectXMediaWebInstall -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/ddrawex.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/ddrawex.dll\\.Owner -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/ddrawex.dll\\DirectXMediaWebInstall -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/quartz.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/quartz.dll\\.Owner -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/system32/quartz.dll\\DirectXMediaWebInstall -> DirectXMediaWebInstall -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/System32/wuweb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/System32/wuweb.dll\\.Owner -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/System32/wuweb.dll\\{6414512B-B978-451D-A0D8-FCFDF33E833C} -> -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 3:56:43 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 1:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 3:56:43 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/24/2006 12:37:50 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 796 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 3:56:44 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 3:56:44 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 9F 2C BC 6A 2C 7B C4 31 05 8C 15 3C 36 97 E1 8E 63 63 33 33 64 39 36 61 00 68 07 00 01 00 00 00 D8 00 00 00 E0 00 00 00 48 FA 06 00 D6 48 5A 74 04 00 00 00 A0 FD 06 00 B8 FD 06 00 5F FC A6 84 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> DE AA A2 69 BB 48 70 B3 CE [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> F5 38 56 97 4B F0 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 53 0E FF 6F 76 2E 24 81 76 2B 70 1A D6 20 35 4E [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 34 41 39 A0 9A C9 C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 D9 4A 94 F8 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 D9 4A 94 F8 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 80 6F E3 94 F8 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 638 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 3:56:42 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 3:56:56 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 8:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 3:56:56 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 8:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\AVG\AVG8\avgupd.exe -> %ProgramFiles%\AVG\AVG8\avgupd.exe [H:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 640280 bytes | Modified Date = 6/4/2008 9:14:32 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\AVG\AVG8\avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe [H:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 6/4/2008 5:50:20 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Steam\steamapps\kung48fu\counter-strike\hl.exe -> C:\Program Files\Steam\steamapps\kung48fu\counter-strike\hl.exe [C:\Program Files\Steam\steamapps\kung48fu\counter-strike\hl.exe:*:Disabled:Half-Life Launcher] -> Valve [Ver = 1, 1, 1, 1 | Size = 81920 bytes | Modified Date = 7/9/2008 3:45:32 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\mIRC\mirc.exe -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> mIRC Co. Ltd. [Ver = 6.31 | Size = 2756096 bytes | Modified Date = 11/1/2007 3:57:24 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Xfire\xfire.exe -> C:\Program Files\Xfire\xfire.exe [C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire] -> Xfire Inc. [Ver = 13133 | Size = 3007824 bytes | Modified Date = 5/13/2008 9:29:28 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\XMPChat\XMPChat Client.exe -> %ProgramFiles%\XMPChat\XMPChat Client.exe [H:\Program Files\XMPChat\XMPChat Client.exe:*:Enabled:XMPChat Client] -> The-Gizmo [Ver = 0.2.7 | Size = 299008 bytes | Modified Date = 6/1/2008 7:50:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\Internet Explorer\iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe [H:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer] -> Microsoft Corporation [Ver = 7.00.6000.16640 (vista_gdr.080213-1606) | Size = 625664 bytes | Modified Date = 2/29/2008 4:55:46 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\Xpress Mail\Professional Editon\XpressMailDesktopClient.exe -> %ProgramFiles%\Xpress Mail\Professional Editon\XpressMailDesktopClient.exe [H:\Program Files\Xpress Mail\Professional Editon\XpressMailDesktopClient.exe:*:Enabled:XpressMailDesktopClient] -> [Ver = 6, 6, 7, 136 | Size = 3082352 bytes | Modified Date = 5/17/2007 7:10:03 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Ares\Ares.exe -> C:\Program Files\Ares\Ares.exe [C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows] -> Ares Development Group [Ver = 2.0.9.3030 | Size = 961536 bytes | Modified Date = 7/16/2007 5:54:38 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Steam\Steam.exe -> C:\Program Files\Steam\Steam.exe [C:\Program Files\Steam\Steam.exe:*:Enabled:Steam] -> Valve Corporation [Ver = 1.0.0.0 | Size = 1271032 bytes | Modified Date = 3/28/2008 12:33:43 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\H:\Program Files\Messenger\msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe [H:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 12:24:37 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{18FA6CDD-C3EE-482C-831F-FB6122E85D65} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [H:\WINDOWS\System32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 3:56:46 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 90 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Created Date = 5/28/2008 12:54:01 PM | Attr = H ] $RECYCLE.BIN -> %SystemDrive%\$RECYCLE.BIN -> [Folder | Created Date = 5/25/2008 10:53:25 PM | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 6/7/2008 7:01:46 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 7/9/2008 3:34:34 PM | Attr = ] DELL -> %SystemDrive%\DELL -> [Folder | Created Date = 5/25/2008 10:37:15 AM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 5/25/2008 6:23:22 AM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Created Date = 5/25/2008 6:24:40 AM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 5/25/2008 3:20:38 PM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 5/25/2008 10:50:09 AM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 7/9/2008 3:33:38 PM | Attr = ] apphelp.sdb -> %SystemRoot%\System32\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 5/26/2008 3:39:22 PM | Attr = ] apph_sp.sdb -> %SystemRoot%\System32\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 5/26/2008 3:39:22 PM | Attr = ] cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 5/25/2008 10:37:26 AM | Attr = ] chtskf.dll -> %SystemRoot%\System32\dllcache\chtskf.dll -> [Ver = | Size = 173568 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] ctlsb16.sys -> %SystemRoot%\System32\dllcache\ctlsb16.sys -> Copyright (C) Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 5/26/2008 3:12:04 PM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] eqnclass.dll -> %SystemRoot%\System32\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 5/25/2008 10:37:31 AM | Attr = ] esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 5/25/2008 10:37:31 AM | Attr = ] esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 5/25/2008 10:37:31 AM | Attr = ] hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Created Date = 5/25/2008 10:37:34 AM | Attr = ] HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT -> [Ver = | Size = 13472 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] htrn_jis.dll -> %SystemRoot%\System32\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Created Date = 5/25/2008 10:33:47 AM | Attr = ] hwxjpn.dll -> %SystemRoot%\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Created Date = 5/25/2008 10:37:36 AM | Attr = ] IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT -> [Ver = | Size = 8574 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Created Date = 5/25/2008 10:37:41 AM | Attr = ] imscinst.exe -> %SystemRoot%\System32\dllcache\imscinst.exe -> [Ver = | Size = 59392 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Created Date = 5/25/2008 10:37:47 AM | Attr = ] ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Created Date = 5/25/2008 6:24:42 AM | Attr = ] MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT -> [Ver = | Size = 399645 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] msjetol1.dll -> %SystemRoot%\System32\dllcache\msjetol1.dll -> [Ver = | Size = 355112 bytes | Created Date = 5/26/2008 3:34:15 PM | Attr = ] MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT -> [Ver = | Size = 37484 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex -> [Ver = | Size = 4399505 bytes | Created Date = 5/25/2008 10:35:06 AM | Attr = ] NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT -> [Ver = | Size = 797189 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 5434880 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 6738880 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7046 bytes | Created Date = 5/25/2008 6:23:46 AM | Attr = ] pintlcsa.dll -> %SystemRoot%\System32\dllcache\pintlcsa.dll -> [Ver = | Size = 175104 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] quartz.dll -> %SystemRoot%\System32\dllcache\quartz.dll -> [Ver = | Size = 1287680 bytes | Created Date = 5/26/2008 7:23:40 PM | Attr = ] r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Created Date = 5/25/2008 6:24:42 AM | Attr = ] rw330ext.dll -> %SystemRoot%\System32\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 5/25/2008 10:37:57 AM | Attr = ] rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 5/25/2008 10:37:57 AM | Attr = ] rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 5/25/2008 10:37:57 AM | Attr = ] sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf -> [Ver = | Size = 888 bytes | Created Date = 5/25/2008 6:24:42 AM | Attr = ] sam.spd -> %SystemRoot%\System32\dllcache\sam.spd -> [Ver = | Size = 1685606 bytes | Created Date = 5/25/2008 6:24:42 AM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf -> [Ver = | Size = 984 bytes | Created Date = 5/25/2008 10:34:35 AM | Attr = ] sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 5/26/2008 3:39:21 PM | Attr = ] adv01nt5.dll -> %SystemRoot%\System32\drivers\adv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv02nt5.dll -> %SystemRoot%\System32\drivers\adv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv05nt5.dll -> %SystemRoot%\System32\drivers\adv05nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv07nt5.dll -> %SystemRoot%\System32\drivers\adv07nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv08nt5.dll -> %SystemRoot%\System32\drivers\adv08nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv09nt5.dll -> %SystemRoot%\System32\drivers\adv09nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] adv11nt5.dll -> %SystemRoot%\System32\drivers\adv11nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] AegisP.sys -> %SystemRoot%\System32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.3.0 | Size = 20747 bytes | Created Date = 5/25/2008 3:34:41 PM | Attr = ] ati1btxx.sys -> %SystemRoot%\System32\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1mdxx.sys -> %SystemRoot%\System32\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1pdxx.sys -> %SystemRoot%\System32\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1raxx.sys -> %SystemRoot%\System32\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1rvxx.sys -> %SystemRoot%\System32\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1snxx.sys -> %SystemRoot%\System32\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1ttxx.sys -> %SystemRoot%\System32\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1tuxx.sys -> %SystemRoot%\System32\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1xbxx.sys -> %SystemRoot%\System32\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati1xsxx.sys -> %SystemRoot%\System32\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ativmc20.cod -> %SystemRoot%\System32\drivers\ativmc20.cod -> [Ver = | Size = 64352 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] atv01nt5.dll -> %SystemRoot%\System32\drivers\atv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] atv02nt5.dll -> %SystemRoot%\System32\drivers\atv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] atv04nt5.dll -> %SystemRoot%\System32\drivers\atv04nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] atv06nt5.dll -> %SystemRoot%\System32\drivers\atv06nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] atv10nt5.dll -> %SystemRoot%\System32\drivers\atv10nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date = 5/26/2008 7:16:33 PM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Created Date = 5/26/2008 7:16:33 PM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25338442 bytes | Created Date = 5/26/2008 7:16:33 PM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 90632 bytes | Created Date = 5/26/2008 7:16:33 PM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 116658 bytes | Created Date = 5/26/2008 7:16:33 PM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Created Date = 5/26/2008 7:16:37 PM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Created Date = 5/26/2008 7:16:35 PM | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Created Date = 5/26/2008 7:16:40 PM | Attr = ] Awrtpd.sys -> %SystemRoot%\System32\drivers\Awrtpd.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 12960 bytes | Created Date = 4/29/2008 11:19:50 AM | Attr = ] Awrtrd.sys -> %SystemRoot%\System32\drivers\Awrtrd.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Created Date = 4/29/2008 11:19:54 AM | Attr = ] bcm42rly.sys -> %SystemRoot%\System32\drivers\bcm42rly.sys -> Broadcom Corporation [Ver = 3.90.30.0 (BROADCOM INTERNAL DRIVER) | Size = 17992 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] ch7xxnt5.dll -> %SystemRoot%\System32\drivers\ch7xxnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ctlsb16.sys -> %SystemRoot%\System32\drivers\ctlsb16.sys -> Copyright (C) Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 5/26/2008 3:12:04 PM | Attr = ] cxthsfs2.cty -> %SystemRoot%\System32\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] e1e5132.sys -> %SystemRoot%\System32\drivers\e1e5132.sys -> Intel Corporation [Ver = 9.10.8.0 built by: WinDDK | Size = 242320 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] hosts.20080526-194315.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080526-194315.backup -> [Ver = | Size = 734 bytes | Created Date = 5/26/2008 7:43:15 PM | Attr = ] hsfbs2s2.sys -> %SystemRoot%\System32\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] hsfcxts2.sys -> %SystemRoot%\System32\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] hsfdpsp2.sys -> %SystemRoot%\System32\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Created Date = 6/7/2008 5:40:28 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 34296 bytes | Created Date = 6/7/2008 5:40:27 PM | Attr = ] mtlmnt5.sys -> %SystemRoot%\System32\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] mtlstrm.sys -> %SystemRoot%\System32\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] mtxparhm.sys -> %SystemRoot%\System32\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img -> [Ver = | Size = 67866 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] NSDriver.sys -> %SystemRoot%\System32\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Created Date = 4/29/2008 11:20:00 AM | Attr = ] ntmtlfax.sys -> %SystemRoot%\System32\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 6738880 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] omci.sys -> %SystemRoot%\System32\drivers\omci.sys -> Dell Computer Corporation [Ver = 6, 1, 0, 242 | Size = 13632 bytes | Created Date = 5/26/2008 4:02:37 AM | Attr = ] pavboot.sys -> %SystemRoot%\System32\drivers\pavboot.sys -> Panda Security, S.L. [Ver = 1.0.10.0 | Size = 28544 bytes | Created Date = 6/7/2008 6:25:30 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Created Date = 5/26/2008 7:54:08 PM | Attr = ] recagent.sys -> %SystemRoot%\System32\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] rt61.sys -> %SystemRoot%\System32\drivers\rt61.sys -> Ralink Technology Inc. [Ver = 1.00.03.0000 | Size = 356096 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] s3gnbm.sys -> %SystemRoot%\System32\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] siint5.dll -> %SystemRoot%\System32\drivers\siint5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slnt7554.sys -> %SystemRoot%\System32\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slntamr.sys -> %SystemRoot%\System32\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slnthal.sys -> %SystemRoot%\System32\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slwdmsup.sys -> %SystemRoot%\System32\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] sthda.sys -> %SystemRoot%\System32\drivers\sthda.sys -> SigmaTel, Inc. [Ver = 5.10.4991.0 nd444 cp1 | Size = 1156648 bytes | Created Date = 5/26/2008 3:47:03 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 5/26/2008 3:38:12 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 5/26/2008 3:38:13 PM | Attr = H ] vchnt5.dll -> %SystemRoot%\System32\drivers\vchnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] wadv07nt.sys -> %SystemRoot%\System32\drivers\wadv07nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] wadv08nt.sys -> %SystemRoot%\System32\drivers\wadv08nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] wadv09nt.sys -> %SystemRoot%\System32\drivers\wadv09nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] wadv11nt.sys -> %SystemRoot%\System32\drivers\wadv11nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] watv06nt.sys -> %SystemRoot%\System32\drivers\watv06nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] watv10nt.sys -> %SystemRoot%\System32\drivers\watv10nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 237 bytes | Created Date = 5/25/2008 6:22:24 AM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 6 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 5/25/2008 10:35:39 AM | Attr = ] ANIWZCSUSERNAME -> %SystemRoot%\System32\ANIWZCSUSERNAME -> [Ver = | Size = 7 bytes | Created Date = 5/25/2008 2:57:49 PM | Attr = ] ati2cqag.dll -> %SystemRoot%\System32\ati2cqag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0233 | Size = 229376 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ati3duag.dll -> %SystemRoot%\System32\ati3duag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0231 | Size = 1888992 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ativtmxx.dll -> %SystemRoot%\System32\ativtmxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 32768 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] ativvaxx.dll -> %SystemRoot%\System32\ativvaxx.dll -> ATI Technologies Inc. [Ver = 6.14.01.0009 | Size = 516768 bytes | Created Date = 5/25/2008 11:19:52 PM | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Created Date = 5/25/2008 6:24:25 AM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Created Date = 5/26/2008 7:16:40 PM | Attr = ] bcm42rly.sys -> %SystemRoot%\System32\bcm42rly.sys -> Broadcom Corporation [Ver = 3.90.30.0 (BROADCOM INTERNAL DRIVER) | Size = 17992 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Created Date = 5/25/2008 3:54:00 PM | Attr = ] bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 5/25/2008 10:33:41 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Created Date = 5/25/2008 6:23:40 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Created Date = 5/25/2008 6:23:40 AM | Attr = ] CatRoot_bak -> %SystemRoot%\System32\CatRoot_bak -> [Folder | Created Date = 5/26/2008 2:56:19 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Created Date = 6/2/2008 1:19:59 AM | Attr = ] CMMGR32.EXE -> %SystemRoot%\System32\CMMGR32.EXE -> [Ver = | Size = 0 bytes | Created Date = 6/7/2008 5:51:48 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Created Date = 5/25/2008 10:33:26 AM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Created Date = 5/25/2008 10:35:40 AM | Attr = ] c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:35 AM | Attr = ] c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:36 AM | Attr = ] c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:30 AM | Attr = ] c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:36 AM | Attr = ] c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:30 AM | Attr = ] c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:38 AM | Attr = ] c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:30 AM | Attr = ] c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:29 AM | Attr = ] C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:34 AM | Attr = ] C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:36 AM | Attr = ] C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:35 AM | Attr = ] c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:38 AM | Attr = ] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:40 AM | Attr = ] c_737.nls -> %SystemRoot%\System32\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:35 AM | Attr = ] c_852.nls -> %SystemRoot%\System32\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:30 AM | Attr = ] c_855.nls -> %SystemRoot%\System32\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:34 AM | Attr = ] c_857.nls -> %SystemRoot%\System32\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:38 AM | Attr = ] c_866.nls -> %SystemRoot%\System32\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:34 AM | Attr = ] c_869.nls -> %SystemRoot%\System32\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 5/25/2008 6:24:35 AM | Attr = ] c_875.nls -> %SystemRoot%\System32\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 5/25/2008 6:24:35 AM | Attr = ] desktop.ini -> %SystemRoot%\System32\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 5/25/2008 10:34:39 AM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Created Date = 5/25/2008 10:35:01 AM | Attr = ] dlci.loc -> %SystemRoot%\System32\dlci.loc -> [Ver = | Size = 1638 bytes | Created Date = 6/5/2008 1:19:36 PM | Attr = R ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = RHS] dqocowwu.ini -> %SystemRoot%\System32\dqocowwu.ini -> [Ver = | Size = 1615251 bytes | Created Date = 6/1/2008 2:54:52 PM | Attr = HS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] e1000msg.dll -> %SystemRoot%\System32\e1000msg.dll -> Intel Corporation [Ver = 9.7.0.0 | Size = 179048 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] e1e5132.din -> %SystemRoot%\System32\e1e5132.din -> [Ver = | Size = 2889 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Created Date = 5/25/2008 10:34:12 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Created Date = 5/26/2008 3:07:54 PM | Attr = ] EqnClass.Dll -> %SystemRoot%\System32\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 91888 bytes | Created Date = 5/25/2008 6:23:21 AM | Attr = ] gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] GTNDIS3.VXD -> %SystemRoot%\System32\GTNDIS3.VXD -> [Ver = | Size = 31930 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] GTNDIS5.sys -> %SystemRoot%\System32\GTNDIS5.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.03.16.54 | Size = 15872 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] GTW32N50.dll -> %SystemRoot%\System32\GTW32N50.dll -> [Ver = 1.0.0.1 | Size = 94208 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] hhactivex.dll -> %SystemRoot%\System32\hhactivex.dll -> Blue Sky Software Corporation. [Ver = 8.00.125 | Size = 446464 bytes | Created Date = 5/26/2008 4:02:40 AM | Attr = R ] hsfcisp2.dll -> %SystemRoot%\System32\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 5/25/2008 11:19:57 PM | Attr = ] hticons.dll -> %SystemRoot%\System32\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 5/25/2008 10:33:47 AM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] IM31IMG.DIL -> %SystemRoot%\System32\IM31IMG.DIL -> Data Techniques, Inc. [Ver = 7.20 | Size = 49152 bytes | Created Date = 6/5/2008 1:21:23 PM | Attr = ] IM31XPNG.DEL -> %SystemRoot%\System32\IM31XPNG.DEL -> Data Techniques, Inc. [Ver = 7.20 | Size = 98304 bytes | Created Date = 6/5/2008 1:21:23 PM | Attr = ] IM31XTIF.DEL -> %SystemRoot%\System32\IM31XTIF.DEL -> Data Techniques, Inc. [Ver = 7.20 | Size = 69632 bytes | Created Date = 6/5/2008 1:21:23 PM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] isrdbg32.dll -> %SystemRoot%\System32\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 5/25/2008 10:34:34 AM | Attr = ] ixduettv.ini -> %SystemRoot%\System32\ixduettv.ini -> [Ver = | Size = 1604057 bytes | Created Date = 6/30/2008 5:43:13 PM | Attr = HS] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Created Date = 5/25/2008 11:13:47 PM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 69632 bytes | Created Date = 5/25/2008 11:13:47 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 135168 bytes | Created Date = 5/25/2008 11:13:47 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 139264 bytes | Created Date = 5/25/2008 11:13:47 PM | Attr = ] kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] kkSuDcdd.ini -> %SystemRoot%\System32\kkSuDcdd.ini -> [Ver = | Size = 229678 bytes | Created Date = 6/30/2008 5:49:51 AM | Attr = HS] korean.uce -> %SystemRoot%\System32\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] LexFiles.ulf -> %SystemRoot%\System32\LexFiles.ulf -> [Ver = | Size = 23812 bytes | Created Date = 6/5/2008 1:19:52 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 5/26/2008 3:38:12 PM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 5/25/2008 10:35:15 AM | Attr = RH ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Created Date = 5/16/2008 11:58:04 AM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Created Date = 5/25/2008 10:34:24 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Created Date = 5/25/2008 2:14:09 PM | Attr = S] mlfcache.dat -> %SystemRoot%\System32\mlfcache.dat -> [Ver = | Size = 13132 bytes | Created Date = 6/8/2008 10:31:30 PM | Attr = H ] mpeg2data.ax -> %SystemRoot%\System32\mpeg2data.ax -> [Ver = | Size = 118272 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Created Date = 5/25/2008 10:33:26 AM | Attr = ] msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 5/25/2008 10:33:39 AM | Attr = ] msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [Ver = | Size = 1931 bytes | Created Date = 5/25/2008 10:33:39 AM | Attr = ] mtxparhd.dll -> %SystemRoot%\System32\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] NicCo.dll -> %SystemRoot%\System32\NicCo.dll -> Intel Corporation [Ver = 1.1.5.0 built by: WinDDK | Size = 28536 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] NicInstE.dll -> %SystemRoot%\System32\NicInstE.dll -> Intel Corporation [Ver = 9.8.7.0 built by: WinDDK | Size = 64120 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] npp -> %SystemRoot%\System32\npp -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 5/25/2008 10:35:39 AM | Attr = ] nv3d.chm -> %SystemRoot%\System32\nv3d.chm -> [Ver = | Size = 116384 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 5434880 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 344064 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 121979 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 37888 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 37888 bytes | Created Date = 5/25/2008 10:27:59 PM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 147456 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.chm -> %SystemRoot%\System32\nvcpl.chm -> [Ver = | Size = 121529 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 420384 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 8429568 bytes | Created Date = 5/25/2008 10:28:00 PM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 768544 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpluir.dll -> %SystemRoot%\System32\nvcpluir.dll -> NVIDIA Corporation [Ver = 1.4.12.01 | Size = 1073152 bytes | Created Date = 5/25/2008 10:28:00 PM | Attr = ] nvcuda.dll -> %SystemRoot%\System32\nvcuda.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1241088 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 17177 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 6217728 bytes | Created Date = 5/25/2008 10:28:00 PM | Attr = ] nvdispsr.dll -> %SystemRoot%\System32\nvdispsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 5439488 bytes | Created Date = 5/25/2008 10:28:01 PM | Attr = ] nvdsp.chm -> %SystemRoot%\System32\nvdsp.chm -> [Ver = | Size = 181895 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 313888 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 3289088 bytes | Created Date = 5/25/2008 10:28:01 PM | Attr = ] nvgamesr.dll -> %SystemRoot%\System32\nvgamesr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 3235840 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1486848 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 229376 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 45056 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 188416 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmccssr.dll -> %SystemRoot%\System32\nvmccssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 458752 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 81920 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmob.chm -> %SystemRoot%\System32\nvmob.chm -> [Ver = | Size = 54988 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 1101824 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvmoblsr.dll -> %SystemRoot%\System32\nvmoblsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 2854912 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 6668288 bytes | Created Date = 5/25/2008 10:28:02 PM | Attr = ] nvrsar.dll -> %SystemRoot%\System32\nvrsar.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 327680 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrscs.dll -> %SystemRoot%\System32\nvrscs.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 245760 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsda.dll -> %SystemRoot%\System32\nvrsda.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsde.dll -> %SystemRoot%\System32\nvrsde.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 274432 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsel.dll -> %SystemRoot%\System32\nvrsel.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 282624 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrseng.dll -> %SystemRoot%\System32\nvrseng.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 245760 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrses.dll -> %SystemRoot%\System32\nvrses.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 282624 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsesm.dll -> %SystemRoot%\System32\nvrsesm.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 274432 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsfi.dll -> %SystemRoot%\System32\nvrsfi.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 245760 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsfr.dll -> %SystemRoot%\System32\nvrsfr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 282624 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrshe.dll -> %SystemRoot%\System32\nvrshe.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 327680 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrshu.dll -> %SystemRoot%\System32\nvrshu.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 258048 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsit.dll -> %SystemRoot%\System32\nvrsit.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 278528 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsja.dll -> %SystemRoot%\System32\nvrsja.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 266240 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsko.dll -> %SystemRoot%\System32\nvrsko.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 258048 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsnl.dll -> %SystemRoot%\System32\nvrsnl.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 274432 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsno.dll -> %SystemRoot%\System32\nvrsno.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrspl.dll -> %SystemRoot%\System32\nvrspl.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrspt.dll -> %SystemRoot%\System32\nvrspt.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 270336 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsptb.dll -> %SystemRoot%\System32\nvrsptb.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 266240 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrsru.dll -> %SystemRoot%\System32\nvrsru.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 266240 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrssk.dll -> %SystemRoot%\System32\nvrssk.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 258048 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrssl.dll -> %SystemRoot%\System32\nvrssl.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrssv.dll -> %SystemRoot%\System32\nvrssv.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrstr.dll -> %SystemRoot%\System32\nvrstr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 253952 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrszhc.dll -> %SystemRoot%\System32\nvrszhc.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 225280 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvrszht.dll -> %SystemRoot%\System32\nvrszht.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 122880 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 163908 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 5/25/2008 3:45:40 PM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 5/25/2008 3:45:32 PM | Attr = ] nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 3538944 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvvitvsr.dll -> %SystemRoot%\System32\nvvitvsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 3645440 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 81920 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwrsar.dll -> %SystemRoot%\System32\nvwrsar.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 282624 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrscs.dll -> %SystemRoot%\System32\nvwrscs.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 286720 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsda.dll -> %SystemRoot%\System32\nvwrsda.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 294912 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsde.dll -> %SystemRoot%\System32\nvwrsde.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 311296 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsel.dll -> %SystemRoot%\System32\nvwrsel.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 335872 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrseng.dll -> %SystemRoot%\System32\nvwrseng.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 286720 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrses.dll -> %SystemRoot%\System32\nvwrses.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 335872 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsesm.dll -> %SystemRoot%\System32\nvwrsesm.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 327680 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsfi.dll -> %SystemRoot%\System32\nvwrsfi.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 303104 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsfr.dll -> %SystemRoot%\System32\nvwrsfr.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 327680 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrshe.dll -> %SystemRoot%\System32\nvwrshe.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 278528 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrshu.dll -> %SystemRoot%\System32\nvwrshu.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 315392 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsit.dll -> %SystemRoot%\System32\nvwrsit.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 323584 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsja.dll -> %SystemRoot%\System32\nvwrsja.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 212992 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsko.dll -> %SystemRoot%\System32\nvwrsko.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 196608 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsnl.dll -> %SystemRoot%\System32\nvwrsnl.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 319488 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsno.dll -> %SystemRoot%\System32\nvwrsno.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 299008 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrspl.dll -> %SystemRoot%\System32\nvwrspl.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 294912 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrspt.dll -> %SystemRoot%\System32\nvwrspt.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 323584 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsptb.dll -> %SystemRoot%\System32\nvwrsptb.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 319488 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrsru.dll -> %SystemRoot%\System32\nvwrsru.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 315392 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrssk.dll -> %SystemRoot%\System32\nvwrssk.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 299008 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrssl.dll -> %SystemRoot%\System32\nvwrssl.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 303104 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrssv.dll -> %SystemRoot%\System32\nvwrssv.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 294912 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrstr.dll -> %SystemRoot%\System32\nvwrstr.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 303104 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrszhc.dll -> %SystemRoot%\System32\nvwrszhc.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 163840 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwrszht.dll -> %SystemRoot%\System32\nvwrszht.dll -> NVIDIA Corporation [Ver = 6.14.10.11096 | Size = 167936 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 2273280 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nvwssr.dll -> %SystemRoot%\System32\nvwssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5851 | Size = 2387968 bytes | Created Date = 5/25/2008 10:28:03 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1630208 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] Odbcjet.cnt -> %SystemRoot%\System32\Odbcjet.cnt -> [Ver = | Size = 7348 bytes | Created Date = 5/26/2008 4:02:39 AM | Attr = ] Odbcjet.hlp -> %SystemRoot%\System32\Odbcjet.hlp -> [Ver = | Size = 171967 bytes | Created Date = 5/26/2008 4:02:39 AM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 464860 bytes | Created Date = 5/25/2008 6:24:44 AM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Created Date = 5/26/2008 7:53:56 PM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 103736 bytes | Created Date = 5/26/2008 7:54:02 PM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 5/27/2008 8:23:29 PM | Attr = ] Prounstl.exe -> %SystemRoot%\System32\Prounstl.exe -> Intel Corporation [Ver = 9.1.1.0 | Size = 154496 bytes | Created Date = 5/25/2008 3:11:15 PM | Attr = ] qknjdpqy.ini -> %SystemRoot%\System32\qknjdpqy.ini -> [Ver = | Size = 1603783 bytes | Created Date = 6/30/2008 5:51:00 AM | Attr = HS] quartz.dll -> %SystemRoot%\System32\quartz.dll -> [Ver = | Size = 1287680 bytes | Created Date = 5/25/2008 10:26:05 PM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] RcdScan.dll -> %SystemRoot%\System32\RcdScan.dll -> Dell Computer Corporation [Ver = 1.20.00.00 | Size = 176128 bytes | Created Date = 5/26/2008 4:02:40 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Created Date = 5/25/2008 10:28:14 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Created Date = 5/25/2008 10:34:20 AM | Attr = ] RT2500.CAT -> %SystemRoot%\System32\RT2500.CAT -> [Ver = | Size = 7878 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] rt2500.sys -> %SystemRoot%\System32\rt2500.sys -> Ralink Technology Inc. [Ver = 3.01.00.0000 | Size = 243328 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] rt61.cat -> %SystemRoot%\System32\rt61.cat -> [Ver = | Size = 7870 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] rt61.sys -> %SystemRoot%\System32\rt61.sys -> Ralink Technology Inc. [Ver = 1.00.03.0000 | Size = 356096 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] s3gnb.dll -> %SystemRoot%\System32\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] secupd.dat -> %SystemRoot%\System32\secupd.dat -> [Ver = | Size = 4569 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] secupd.sig -> %SystemRoot%\System32\secupd.sig -> [Ver = | Size = 7208 bytes | Created Date = 5/25/2008 11:19:58 PM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] SetupBD.din -> %SystemRoot%\System32\SetupBD.din -> [Ver = | Size = 1904 bytes | Created Date = 5/25/2008 3:11:19 PM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] slcoinst.dll -> %SystemRoot%\System32\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slextspk.dll -> %SystemRoot%\System32\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slgen.dll -> %SystemRoot%\System32\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slrundll.exe -> %SystemRoot%\System32\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] slserv.exe -> %SystemRoot%\System32\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 5/25/2008 6:24:28 AM | Attr = ] ssa3d30.ocx -> %SystemRoot%\System32\ssa3d30.ocx -> Sheridan Software Systems, Inc. [Ver = 3.00.0034 | Size = 328480 bytes | Created Date = 5/26/2008 4:02:40 AM | Attr = ] stacapi.dll -> %SystemRoot%\System32\stacapi.dll -> SigmaTel, Inc. [Ver = 1.0.4991.0 nd444 cp1 | Size = 208896 bytes | Created Date = 5/26/2008 3:47:03 PM | Attr = ] staco.dll -> %SystemRoot%\System32\staco.dll -> SigmaTel, Inc. [Ver = 1.0.4991.0 nd444 cp1 built by: WinDDK | Size = 112128 bytes | Created Date = 5/26/2008 3:47:04 PM | Attr = ] stlang.dll -> %SystemRoot%\System32\stlang.dll -> SigmaTel, Inc. [Ver = 1.6.4947.0 nd229 cp1 | Size = 1052672 bytes | Created Date = 5/26/2008 3:47:09 PM | Attr = ] subrange.uce -> %SystemRoot%\System32\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] tslabels.h -> %SystemRoot%\System32\tslabels.h -> [Ver = | Size = 3286 bytes | Created Date = 5/25/2008 10:33:40 AM | Attr = ] tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [Ver = | Size = 13223 bytes | Created Date = 5/25/2008 10:33:40 AM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [Ver = | Size = 1161 bytes | Created Date = 5/25/2008 10:33:40 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Created Date = 5/25/2008 10:35:15 AM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] WLAN.INI -> %SystemRoot%\System32\WLAN.INI -> [Ver = | Size = 890 bytes | Created Date = 5/25/2008 3:34:37 PM | Attr = ] wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 5/25/2008 10:33:33 AM | Attr = ] wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml -> [Ver = | Size = 25065 bytes | Created Date = 5/25/2008 10:35:39 AM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] WZDPlay.dll -> %SystemRoot%\System32\WZDPlay.dll -> [Ver = 1.0.41.97 | Size = 499200 bytes | Created Date = 6/1/2008 7:52:53 PM | Attr = ] xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll -> [Ver = 31956 | Size = 41296 bytes | Created Date = 5/13/2008 9:29:30 PM | Attr = ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Created Date = 5/25/2008 10:37:17 AM | Attr = ] xyeeowrd.ini -> %SystemRoot%\System32\xyeeowrd.ini -> [Ver = | Size = 1603997 bytes | Created Date = 6/30/2008 4:44:20 PM | Attr = HS] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Created Date = 5/25/2008 10:16:42 PM | Attr = H ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 5/25/2008 3:54:07 PM | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 5/26/2008 4:00:26 AM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 5/26/2008 3:07:06 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 5/26/2008 3:06:57 PM | Attr = H ] addins -> %SystemRoot%\addins -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Created Date = 5/25/2008 10:46:39 PM | Attr = R S] bcm42rly.sys -> %SystemRoot%\bcm42rly.sys -> Broadcom Corporation [Ver = 3.90.30.0 (BROADCOM INTERNAL DRIVER) | Size = 17992 bytes | Created Date = 5/25/2008 3:34:40 PM | Attr = ] Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Created Date = 5/25/2008 10:38:09 AM | Attr = S] Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [Ver = | Size = 17062 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 5/25/2008 10:35:40 AM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 5/25/2008 10:34:39 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 5/25/2008 10:35:15 AM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Created Date = 5/26/2008 4:00:23 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 7/9/2008 3:34:53 PM | Attr = ] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 528 bytes | Created Date = 5/26/2008 7:28:10 PM | Attr = ] FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [Ver = | Size = 16730 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = R S] Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [Ver = | Size = 17336 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [Ver = | Size = 26582 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 5/26/2008 3:07:13 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 5/26/2008 3:08:12 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 5/25/2008 2:00:13 PM | Attr = HS] IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5.00.221.0 | Size = 315904 bytes | Created Date = 6/1/2008 7:56:53 PM | Attr = ] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.3 | Size = 729088 bytes | Created Date = 5/26/2008 7:34:04 PM | Attr = ] java -> %SystemRoot%\java -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Created Date = 5/25/2008 10:46:27 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 5/26/2008 3:06:14 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 5/28/2008 1:38:41 PM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Created Date = 5/25/2008 3:45:48 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 5/25/2008 3:45:40 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Created Date = 5/25/2008 6:24:44 AM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 5/25/2008 10:35:15 AM | Attr = R ] PCHealth -> %SystemRoot%\PCHealth -> [Folder | Created Date = 5/25/2008 10:34:20 AM | Attr = ] peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 5/26/2008 4:03:13 AM | Attr = ] Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [Ver = | Size = 65954 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 5/26/2008 2:31:01 PM | Attr = ] provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 5/26/2008 4:03:13 AM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 6/7/2008 5:38:24 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 6/4/2008 8:11:21 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 6/4/2008 8:11:21 PM | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 5/25/2008 10:34:09 AM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 5/25/2008 10:49:58 AM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [Ver = | Size = 65832 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Created Date = 5/26/2008 4:02:23 AM | Attr = ] slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 5/25/2008 11:19:59 PM | Attr = ] Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [Ver = | Size = 65978 bytes | Created Date = 5/25/2008 10:33:42 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 5/25/2008 3:48:26 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Created Date = 5/25/2008 10:34:24 AM | Attr = ] stsystra.exe -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4991.0 nd444 cp1 | Size = 282624 bytes | Created Date = 5/26/2008 3:47:09 PM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 7/9/2008 3:28:50 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 5/25/2008 10:34:29 AM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 5/25/2008 10:34:10 AM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 5/25/2008 10:34:10 AM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 5/26/2008 3:07:55 PM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = R ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 5/25/2008 10:35:12 AM | Attr = RH ] winnt.bmp -> %SystemRoot%\winnt.bmp -> [Ver = | Size = 48680 bytes | Created Date = 5/25/2008 10:34:39 AM | Attr = HS] winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [Ver = | Size = 48680 bytes | Created Date = 5/25/2008 10:34:40 AM | Attr = HS] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Created Date = 5/25/2008 6:19:46 AM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 5/26/2008 4:03:36 AM | Attr = ] WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx -> [Ver = | Size = 299552 bytes | Created Date = 5/25/2008 10:35:39 AM | Attr = ] YOURAPP.EXE -> %SystemRoot%\YOURAPP.EXE -> [Ver = | Size = 0 bytes | Created Date = 6/7/2008 5:51:50 PM | Attr = ] Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 5/25/2008 10:33:43 AM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Created Date = 6/4/2008 8:09:55 PM | Attr = ] desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 5/25/2008 10:34:29 AM | Attr = RH ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 5/25/2008 10:35:36 AM | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Created Date = 5/26/2008 2:43:46 PM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Created Date = 6/4/2008 8:10:03 PM | Attr = ] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Created Date = 5/26/2008 7:16:25 PM | Attr = ] Creative Labs -> %AllUsersProfile%\Application Data\Creative Labs -> [Folder | Created Date = 5/27/2008 8:59:50 PM | Attr = ] DellFaxCtr -> %AllUsersProfile%\Application Data\DellFaxCtr -> [Folder | Created Date = 6/5/2008 1:21:21 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 5/25/2008 6:24:23 AM | Attr = HS] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 5/26/2008 7:44:32 PM | Attr = ] LUInstall.LiveUpdate -> %AllUsersProfile%\Application Data\LUInstall.LiveUpdate -> [Ver = | Size = 79668 bytes | Created Date = 5/26/2008 4:12:24 AM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 6/7/2008 5:40:27 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Created Date = 5/25/2008 6:23:34 AM | Attr = S] Prism -> %AllUsersProfile%\Application Data\Prism -> [Folder | Created Date = 5/25/2008 2:28:47 PM | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Created Date = 5/26/2008 7:40:30 PM | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 6/7/2008 5:44:14 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Created Date = 5/26/2008 4:12:25 AM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 5/26/2008 4:00:27 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Created Date = 5/25/2008 11:11:32 PM | Attr = ] Apple Computer -> %AppData%\Apple Computer -> [Folder | Created Date = 6/4/2008 8:10:57 PM | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Created Date = 5/26/2008 7:16:33 PM | Attr = ] DellFaxCtr -> %AppData%\DellFaxCtr -> [Folder | Created Date = 6/5/2008 4:09:29 PM | Attr = ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 5/25/2008 2:00:00 PM | Attr = HS] Identities -> %AppData%\Identities -> [Folder | Created Date = 5/25/2008 2:00:11 PM | Attr = ] LimeWire -> %AppData%\LimeWire -> [Folder | Created Date = 6/28/2008 7:24:02 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 5/25/2008 11:11:32 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 6/7/2008 5:40:29 PM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Created Date = 5/25/2008 2:00:00 PM | Attr = S] mIRC -> %AppData%\mIRC -> [Folder | Created Date = 5/27/2008 6:33:41 AM | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Created Date = 5/28/2008 1:38:37 PM | Attr = ] Ruckus Network -> %AppData%\Ruckus Network -> [Folder | Created Date = 6/4/2008 7:49:24 PM | Attr = ] Sun -> %AppData%\Sun -> [Folder | Created Date = 7/9/2008 3:28:50 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 6/7/2008 5:44:10 PM | Attr = ] teamspeak2 -> %AppData%\teamspeak2 -> [Folder | Created Date = 6/7/2008 1:30:22 PM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Created Date = 5/27/2008 9:02:35 PM | Attr = ] Ventrilo -> %AppData%\Ventrilo -> [Folder | Created Date = 5/25/2008 11:16:44 PM | Attr = ] WarZone -> %AppData%\WarZone -> [Folder | Created Date = 6/1/2008 7:52:21 PM | Attr = ] Xfire -> %AppData%\Xfire -> [Folder | Created Date = 6/1/2008 4:44:00 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Created Date = 6/8/2008 10:02:40 PM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Created Date = 6/4/2008 8:09:10 PM | Attr = ] Ares -> %UserProfile%\Local Settings\Application Data\Ares -> [Folder | Created Date = 6/10/2008 2:12:46 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 9728 bytes | Created Date = 5/27/2008 3:13:29 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 13104 bytes | Created Date = 5/25/2008 10:48:03 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 6934930 bytes | Created Date = 5/25/2008 2:14:08 PM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Created Date = 6/8/2008 10:13:16 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Created Date = 5/25/2008 2:00:00 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Created Date = 5/28/2008 1:38:37 PM | Attr = ] Steam -> %UserProfile%\Local Settings\Application Data\Steam -> [Folder | Created Date = 5/25/2008 2:03:02 PM | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Created Date = 5/26/2008 3:10:14 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 5/25/2008 6:24:23 AM | Attr = HS] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Created Date = 5/25/2008 10:34:13 AM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Created Date = 5/25/2008 10:34:13 AM | Attr = R ] My Videos -> %AllUsersProfile%\Documents\My Videos -> [Folder | Created Date = 5/26/2008 3:10:13 PM | Attr = R ] Default.rdp -> %UserProfile%\My Documents\Default.rdp -> [Ver = | Size = 0 bytes | Created Date = 6/3/2008 4:53:51 PM | Attr = H ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 78 bytes | Created Date = 5/25/2008 2:00:07 PM | Attr = HS] Hitman Blood Money -> %UserProfile%\My Documents\Hitman Blood Money -> [Folder | Created Date = 6/4/2008 5:32:39 AM | Attr = ] Hitman Blood Money Demo -> %UserProfile%\My Documents\Hitman Blood Money Demo -> [Folder | Created Date = 6/2/2008 1:20:10 AM | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Created Date = 6/28/2008 7:24:44 PM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Created Date = 5/25/2008 2:00:07 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Created Date = 5/25/2008 2:00:07 PM | Attr = R ] My Received Files -> %UserProfile%\My Documents\My Received Files -> [Folder | Created Date = 5/26/2008 6:37:20 PM | Attr = ] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Created Date = 5/26/2008 3:10:13 PM | Attr = R ] Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [Ver = | Size = 1731 bytes | Created Date = 6/8/2008 10:02:23 PM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 698 bytes | Created Date = 6/7/2008 5:40:28 PM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 782 bytes | Created Date = 6/7/2008 5:44:10 PM | Attr = ] VistaBootPRO 3.3.lnk -> %AllUsersProfile%\Desktop\VistaBootPRO 3.3.lnk -> [Ver = | Size = 1876 bytes | Created Date = 5/25/2008 10:47:59 PM | Attr = ] WarZone.lnk -> %AllUsersProfile%\Desktop\WarZone.lnk -> [Ver = | Size = 680 bytes | Created Date = 6/1/2008 7:52:53 PM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 6/7/2008 5:27:44 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier cluedome.lnk -> %UserProfile%\Desktop\cluedome.lnk -> [Ver = | Size = 601 bytes | Created Date = 5/26/2008 7:46:43 PM | Attr = ] cstrike.lnk -> %UserProfile%\Desktop\cstrike.lnk -> [Ver = | Size = 755 bytes | Created Date = 6/1/2008 10:12:00 AM | Attr = ] DesertCombat.lnk -> %UserProfile%\Desktop\DesertCombat.lnk -> [Ver = | Size = 1791 bytes | Created Date = 5/26/2008 7:35:46 PM | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Created Date = 7/9/2008 3:34:21 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [Ver = | Size = 594 bytes | Created Date = 7/9/2008 4:23:29 PM | Attr = ] Firefox.lnk -> %UserProfile%\Desktop\Firefox.lnk -> [Ver = | Size = 631 bytes | Created Date = 5/26/2008 7:47:12 PM | Attr = ] fix.reg -> %UserProfile%\Desktop\fix.reg -> [Ver = | Size = 127 bytes | Created Date = 7/9/2008 4:26:08 PM | Attr = ] hijackthis uninstall list -> %UserProfile%\Desktop\hijackthis uninstall list -> [Ver = | Size = 5557 bytes | Created Date = 6/8/2008 3:21:00 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1736 bytes | Created Date = 6/8/2008 3:19:00 PM | Attr = ] Incomplete -> %UserProfile%\Desktop\Incomplete -> [Folder | Created Date = 6/28/2008 7:24:44 PM | Attr = ] Internet.lnk -> %UserProfile%\Desktop\Internet.lnk -> [Ver = | Size = 104 bytes | Created Date = 5/25/2008 2:55:27 PM | Attr = ] limewire music -> %UserProfile%\Desktop\limewire music -> [Folder | Created Date = 6/28/2008 7:24:25 PM | Attr = ] LimeWire.lnk -> %UserProfile%\Desktop\LimeWire.lnk -> [Ver = | Size = 601 bytes | Created Date = 5/26/2008 7:49:08 PM | Attr = ] MIRC.lnk -> %UserProfile%\Desktop\MIRC.lnk -> [Ver = | Size = 780 bytes | Created Date = 5/26/2008 6:42:57 PM | Attr = ] movies.lnk -> %UserProfile%\Desktop\movies.lnk -> [Ver = | Size = 867 bytes | Created Date = 6/12/2008 5:39:05 PM | Attr = ] Music.lnk -> %UserProfile%\Desktop\Music.lnk -> [Ver = | Size = 575 bytes | Created Date = 5/27/2008 9:19:16 PM | Attr = ] Notepad.lnk -> %UserProfile%\Desktop\Notepad.lnk -> [Ver = | Size = 1509 bytes | Created Date = 5/31/2008 11:16:16 PM | Attr = ] NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [Ver = | Size = 613 bytes | Created Date = 7/9/2008 4:23:30 PM | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Created Date = 7/9/2008 3:33:11 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 7/9/2008 4:28:50 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568114 bytes | Created Date = 7/9/2008 4:28:40 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier PB Updates -> %UserProfile%\Desktop\PB Updates -> [Folder | Created Date = 5/26/2008 7:42:03 PM | Attr = ] Professional Edition.lnk -> %UserProfile%\Desktop\Professional Edition.lnk -> [Ver = | Size = 775 bytes | Created Date = 6/8/2008 8:39:40 PM | Attr = ] Ruckus.lnk -> %UserProfile%\Desktop\Ruckus.lnk -> [Ver = | Size = 618 bytes | Created Date = 5/26/2008 7:48:18 PM | Attr = ] Services.lnk -> %UserProfile%\Desktop\Services.lnk -> [Ver = | Size = 1592 bytes | Created Date = 5/26/2008 6:36:20 PM | Attr = ] Spyware-Virus Cleaning Tools -> %UserProfile%\Desktop\Spyware-Virus Cleaning Tools -> [Folder | Created Date = 5/26/2008 7:44:35 PM | Attr = ] Steam.lnk -> %UserProfile%\Desktop\Steam.lnk -> [Ver = | Size = 569 bytes | Created Date = 5/25/2008 11:01:23 PM | Attr = ] TeamSpeak.lnk -> %UserProfile%\Desktop\TeamSpeak.lnk -> [Ver = | Size = 634 bytes | Created Date = 5/26/2008 7:48:24 PM | Attr = ] Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [Ver = | Size = 601 bytes | Created Date = 5/25/2008 11:01:35 PM | Attr = ] VLC.lnk -> %UserProfile%\Desktop\VLC.lnk -> [Ver = | Size = 640 bytes | Created Date = 5/26/2008 7:48:39 PM | Attr = ] Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [Ver = | Size = 790 bytes | Created Date = 5/26/2008 6:38:11 PM | Attr = ] Xfire.lnk -> %UserProfile%\Desktop\Xfire.lnk -> [Ver = | Size = 569 bytes | Created Date = 5/26/2008 6:40:28 PM | Attr = ] XMPChat.lnk -> %UserProfile%\Desktop\XMPChat.lnk -> [Ver = | Size = 753 bytes | Created Date = 6/1/2008 7:50:25 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 5/25/2008 6:24:23 AM | Attr = HS] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 5/25/2008 2:00:00 PM | Attr = HS] ERUNT AutoBackup.lnk -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [Ver = | Size = 769 bytes | Created Date = 7/9/2008 4:24:14 PM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 6/8/2008 10:02:12 PM | Attr = ] Apple -> %CommonProgramFiles%\Apple -> [Folder | Created Date = 6/4/2008 8:09:38 PM | Attr = ] Creative Labs Shared -> %CommonProgramFiles%\Creative Labs Shared -> [Folder | Created Date = 5/27/2008 8:59:47 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Created Date = 6/7/2008 5:40:13 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Created Date = 5/25/2008 2:28:35 PM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Created Date = 5/25/2008 11:13:07 PM | Attr = ] Logitech -> %CommonProgramFiles%\Logitech -> [Folder | Created Date = 6/1/2008 4:46:48 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Created Date = 5/25/2008 6:24:40 AM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Created Date = 5/25/2008 10:34:27 AM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 5/25/2008 6:24:44 AM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Created Date = 5/25/2008 10:34:32 AM | Attr = ] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Created Date = 5/25/2008 6:24:42 AM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Created Date = 5/26/2008 4:12:25 AM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Created Date = 5/25/2008 10:34:14 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 5/26/2008 7:44:18 PM | Attr = ] Abbyy FineReader 6.0 Sprint -> %ProgramFiles%\Abbyy FineReader 6.0 Sprint -> [Folder | Created Date = 6/5/2008 1:20:52 PM | Attr = ] Adobe -> %ProgramFiles%\Adobe -> [Folder | Created Date = 6/8/2008 10:02:12 PM | Attr = ] Apple Software Update -> %ProgramFiles%\Apple Software Update -> [Folder | Created Date = 6/4/2008 8:09:53 PM | Attr = ] AVG -> %ProgramFiles%\AVG -> [Folder | Created Date = 5/26/2008 7:16:25 PM | Attr = ] Bonjour -> %ProgramFiles%\Bonjour -> [Folder | Created Date = 6/4/2008 8:10:29 PM | Attr = ] Common Files -> %CommonProgramFiles% -> [Folder | Created Date = 5/25/2008 6:24:40 AM | Attr = ] ComPlus Applications -> %ProgramFiles%\ComPlus Applications -> [Folder | Created Date = 5/25/2008 10:34:11 AM | Attr = ] CONEXANT -> %ProgramFiles%\CONEXANT -> [Folder | Created Date = 5/25/2008 11:16:19 PM | Attr = ] Creative -> %ProgramFiles%\Creative -> [Folder | Created Date = 5/25/2008 10:43:01 PM | Attr = ] Dell -> %ProgramFiles%\Dell -> [Folder | Created Date = 5/25/2008 10:31:49 PM | Attr = ] Dell AIO Printer 946 -> %ProgramFiles%\Dell AIO Printer 946 -> [Folder | Created Date = 6/5/2008 1:19:54 PM | Attr = ] Dell Fax Solutions -> %ProgramFiles%\Dell Fax Solutions -> [Folder | Created Date = 6/5/2008 1:20:28 PM | Attr = ] directx -> %ProgramFiles%\directx -> [Folder | Created Date = 5/25/2008 11:20:07 PM | Attr = ] Dl_cats -> %ProgramFiles%\Dl_cats -> [Folder | Created Date = 6/5/2008 1:19:53 PM | Attr = ] EA GAMES -> %ProgramFiles%\EA GAMES -> [Folder | Created Date = 5/26/2008 7:23:39 PM | Attr = ] ERUNT -> %ProgramFiles%\ERUNT -> [Folder | Created Date = 7/9/2008 4:23:27 PM | Attr = ] Hasbro Interactive -> %ProgramFiles%\Hasbro Interactive -> [Folder | Created Date = 6/1/2008 7:57:48 PM | Attr = ] Hewlett-Packard -> %ProgramFiles%\Hewlett-Packard -> [Folder | Created Date = 5/26/2008 3:40:35 PM | Attr = ] InstallShield Installation Information -> %ProgramFiles%\InstallShield Installation Information -> [Folder | Created Date = 5/25/2008 2:28:45 PM | Attr = H ] Intel -> %ProgramFiles%\Intel -> [Folder | Created Date = 5/25/2008 10:33:59 PM | Attr = ] Internet Explorer -> %ProgramFiles%\Internet Explorer -> [Folder | Created Date = 5/25/2008 10:34:13 AM | Attr = ] iPod -> %ProgramFiles%\iPod -> [Folder | Created Date = 6/4/2008 8:10:45 PM | Attr = ] iTunes -> %ProgramFiles%\iTunes -> [Folder | Created Date = 6/4/2008 8:10:39 PM | Attr = ] Jasc Software Inc -> %ProgramFiles%\Jasc Software Inc -> [Folder | Created Date = 6/5/2008 1:22:42 PM | Attr = ] Java -> %ProgramFiles%\Java -> [Folder | Created Date = 5/25/2008 11:13:32 PM | Attr = ] Lavasoft -> %ProgramFiles%\Lavasoft -> [Folder | Created Date = 5/26/2008 7:44:32 PM | Attr = ] Linksys Wireless-G PCI Wireless Network Monitor -> %ProgramFiles%\Linksys Wireless-G PCI Wireless Network Monitor -> [Folder | Created Date = 5/25/2008 3:34:39 PM | Attr = ] Logitech -> %ProgramFiles%\Logitech -> [Folder | Created Date = 6/1/2008 4:48:14 PM | Attr = ] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [Folder | Created Date = 6/7/2008 5:40:26 PM | Attr = ] Messenger -> %ProgramFiles%\Messenger -> [Folder | Created Date = 5/25/2008 10:33:58 AM | Attr = ] microsoft frontpage -> %ProgramFiles%\microsoft frontpage -> [Folder | Created Date = 5/25/2008 10:37:17 AM | Attr = ] Movie Maker -> %ProgramFiles%\Movie Maker -> [Folder | Created Date = 5/25/2008 10:34:22 AM | Attr = ] MSN -> %ProgramFiles%\MSN -> [Folder | Created Date = 5/25/2008 10:33:29 AM | Attr = ] MSN Gaming Zone -> %ProgramFiles%\MSN Gaming Zone -> [Folder | Created Date = 5/25/2008 10:33:54 AM | Attr = ] NetMeeting -> %ProgramFiles%\NetMeeting -> [Folder | Created Date = 5/25/2008 10:34:17 AM | Attr = ] Online Services -> %ProgramFiles%\Online Services -> [Folder | Created Date = 5/25/2008 10:34:00 AM | Attr = ] Outlook Express -> %ProgramFiles%\Outlook Express -> [Folder | Created Date = 5/25/2008 10:34:16 AM | Attr = ] Panda Security -> %ProgramFiles%\Panda Security -> [Folder | Created Date = 6/7/2008 6:25:20 PM | Attr = ] PROnetworks -> %ProgramFiles%\PROnetworks -> [Folder | Created Date = 5/25/2008 10:47:59 PM | Attr = ] QuickTime -> %ProgramFiles%\QuickTime -> [Folder | Created Date = 6/4/2008 8:10:05 PM | Attr = ] SigmaTel -> %ProgramFiles%\SigmaTel -> [Folder | Created Date = 5/26/2008 3:47:03 PM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware -> [Folder | Created Date = 6/7/2008 5:44:10 PM | Attr = ] Symantec -> %ProgramFiles%\Symantec -> [Folder | Created Date = 5/26/2008 4:12:25 AM | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 6/8/2008 3:18:59 PM | Attr = ] Uninstall Information -> %ProgramFiles%\Uninstall Information -> [Folder | Created Date = 5/25/2008 2:00:08 PM | Attr = H ] WarZone -> %ProgramFiles%\WarZone -> [Folder | Created Date = 6/1/2008 7:52:53 PM | Attr = ] Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [Folder | Created Date = 5/26/2008 3:38:54 PM | Attr = ] Windows Media Player -> %ProgramFiles%\Windows Media Player -> [Folder | Created Date = 5/25/2008 10:34:00 AM | Attr = ] Windows NT -> %ProgramFiles%\Windows NT -> [Folder | Created Date = 5/25/2008 10:33:29 AM | Attr = ] WindowsUpdate -> %ProgramFiles%\WindowsUpdate -> [Folder | Created Date = 5/25/2008 10:34:00 AM | Attr = H ] xerox -> %ProgramFiles%\xerox -> [Folder | Created Date = 5/25/2008 10:37:17 AM | Attr = ] XMPChat -> %ProgramFiles%\XMPChat -> [Folder | Created Date = 6/1/2008 7:50:25 PM | Attr = ] Xpress Mail -> %ProgramFiles%\Xpress Mail -> [Folder | Created Date = 6/8/2008 8:39:40 PM | Attr = ] [Files/Folders - Modified Within 90 days] $AVG8.VAULT$ -> %SystemDrive%\$AVG8.VAULT$ -> [Folder | Modified Date = 6/5/2008 9:15:19 AM | Attr = H ] $RECYCLE.BIN -> %SystemDrive%\$RECYCLE.BIN -> [Folder | Modified Date = 5/25/2008 10:53:25 PM | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 6/7/2008 5:44:12 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 7/9/2008 3:34:34 PM | Attr = ] DELL -> %SystemDrive%\DELL -> [Folder | Modified Date = 5/25/2008 3:22:10 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 5/25/2008 1:59:59 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 7/9/2008 4:23:27 PM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 5/25/2008 3:20:38 PM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 5/25/2008 10:53:03 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 7/9/2008 3:34:53 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 7/9/2008 3:33:38 PM | Attr = ] AegisP.sys -> %SystemRoot%\System32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.3.0 | Size = 20747 bytes | Modified Date = 5/25/2008 3:34:41 PM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Modified Date = 6/9/2008 8:20:20 AM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Modified Date = 6/8/2008 12:26:21 AM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25338442 bytes | Modified Date = 6/9/2008 8:20:18 AM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 90632 bytes | Modified Date = 6/9/2008 12:37:12 AM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 116658 bytes | Modified Date = 6/18/2008 12:16:12 AM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Modified Date = 6/4/2008 5:50:17 PM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Modified Date = 6/4/2008 5:50:17 PM | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Modified Date = 6/4/2008 5:50:22 PM | Attr = ] Awrtpd.sys -> %SystemRoot%\System32\drivers\Awrtpd.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 12960 bytes | Modified Date = 4/29/2008 11:19:50 AM | Attr = ] Awrtrd.sys -> %SystemRoot%\System32\drivers\Awrtrd.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Modified Date = 4/29/2008 11:19:54 AM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 5/26/2008 7:43:15 PM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 243411 bytes | Modified Date = 5/26/2008 7:43:15 PM | Attr = R ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 6/28/2008 2:16:36 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 34296 bytes | Modified Date = 6/28/2008 2:16:40 PM | Attr = ] NSDriver.sys -> %SystemRoot%\System32\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Modified Date = 4/29/2008 11:20:00 AM | Attr = ] pavboot.sys -> %SystemRoot%\System32\drivers\pavboot.sys -> Panda Security, S.L. [Ver = 1.0.10.0 | Size = 28544 bytes | Modified Date = 6/19/2008 5:24:30 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 6/30/2008 5:55:40 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 5/26/2008 3:38:31 PM | Attr = ] MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 5/26/2008 3:38:13 PM | Attr = H ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 237 bytes | Modified Date = 5/25/2008 10:38:11 AM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 6 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Modified Date = 5/25/2008 6:20:56 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 5/26/2008 3:38:59 PM | Attr = ] ANIWZCSUSERNAME -> %SystemRoot%\System32\ANIWZCSUSERNAME -> [Ver = | Size = 7 bytes | Modified Date = 5/25/2008 2:57:49 PM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 6/4/2008 5:50:17 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Modified Date = 5/25/2008 3:54:00 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 6/7/2008 7:04:47 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 6/8/2008 4:20:37 PM | Attr = ] CatRoot_bak -> %SystemRoot%\System32\CatRoot_bak -> [Folder | Modified Date = 5/26/2008 3:04:38 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Modified Date = 6/2/2008 1:19:59 AM | Attr = ] CMMGR32.EXE -> %SystemRoot%\System32\CMMGR32.EXE -> [Ver = | Size = 0 bytes | Modified Date = 6/7/2008 5:51:48 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 5/26/2008 4:08:52 AM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 6/7/2008 7:02:39 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 5/25/2008 10:35:40 AM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 5/25/2008 10:35:01 AM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 6/23/2008 7:21:02 PM | Attr = RHS] dqocowwu.ini -> %SystemRoot%\System32\dqocowwu.ini -> [Ver = | Size = 1615251 bytes | Modified Date = 6/4/2008 5:48:48 PM | Attr = HS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 6/7/2008 6:28:30 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 5/25/2008 10:34:12 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 5/26/2008 3:08:27 PM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 91888 bytes | Modified Date = 5/26/2008 7:58:21 PM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 5/25/2008 6:20:59 AM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Modified Date = 5/25/2008 6:21:14 AM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] ixduettv.ini -> %SystemRoot%\System32\ixduettv.ini -> [Ver = | Size = 1604057 bytes | Modified Date = 6/30/2008 8:00:24 PM | Attr = HS] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] kkSuDcdd.ini -> %SystemRoot%\System32\kkSuDcdd.ini -> [Ver = | Size = 229678 bytes | Modified Date = 6/1/2008 6:20:36 PM | Attr = HS] LexFiles.ulf -> %SystemRoot%\System32\LexFiles.ulf -> [Ver = | Size = 23812 bytes | Modified Date = 6/5/2008 1:24:08 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 5/26/2008 3:38:12 PM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 5/25/2008 10:35:15 AM | Attr = RH ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 5/16/2008 11:58:04 AM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 5/26/2008 3:39:21 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 5/25/2008 2:14:09 PM | Attr = S] mlfcache.dat -> %SystemRoot%\System32\mlfcache.dat -> [Ver = | Size = 13132 bytes | Modified Date = 6/8/2008 10:31:30 PM | Attr = H ] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Modified Date = 5/25/2008 10:34:09 AM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Modified Date = 5/26/2008 4:03:19 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] npp -> %SystemRoot%\System32\npp -> [Folder | Modified Date = 5/26/2008 4:02:20 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 5/26/2008 3:38:59 PM | Attr = ] nv3d.chm -> %SystemRoot%\System32\nv3d.chm -> [Ver = | Size = 116384 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 121979 bytes | Modified Date = 5/25/2008 10:38:37 PM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 147456 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.chm -> %SystemRoot%\System32\nvcpl.chm -> [Ver = | Size = 121529 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 420384 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 768544 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcuda.dll -> %SystemRoot%\System32\nvcuda.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1241088 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdsp.chm -> %SystemRoot%\System32\nvdsp.chm -> [Ver = | Size = 181895 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 313888 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1486848 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmob.chm -> %SystemRoot%\System32\nvmob.chm -> [Ver = | Size = 54988 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Modified Date = 4/30/2008 5:27:42 PM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1630208 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 5/26/2008 4:03:19 AM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 59780 bytes | Modified Date = 5/26/2008 7:25:45 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 397560 bytes | Modified Date = 5/26/2008 7:25:45 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 464860 bytes | Modified Date = 5/26/2008 7:25:45 PM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 5/26/2008 7:53:56 PM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 103736 bytes | Modified Date = 6/30/2008 5:55:32 PM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 5/27/2008 8:23:29 PM | Attr = ] qknjdpqy.ini -> %SystemRoot%\System32\qknjdpqy.ini -> [Ver = | Size = 1603783 bytes | Modified Date = 6/30/2008 4:38:43 PM | Attr = HS] ras -> %SystemRoot%\System32\ras -> [Folder | Modified Date = 5/25/2008 6:21:17 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 6/1/2008 4:48:48 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 5/27/2008 9:09:07 PM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Modified Date = 5/26/2008 4:03:19 AM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 5/25/2008 10:33:18 AM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 5/26/2008 4:02:10 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 6/7/2008 7:02:30 PM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 5/25/2008 10:35:15 AM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] WLAN.INI -> %SystemRoot%\System32\WLAN.INI -> [Ver = | Size = 890 bytes | Modified Date = 5/25/2008 3:34:37 PM | Attr = ] wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml -> [Ver = | Size = 25065 bytes | Modified Date = 5/25/2008 2:00:12 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 6/3/2008 2:08:17 PM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll -> [Ver = 31956 | Size = 41296 bytes | Modified Date = 5/13/2008 9:29:30 PM | Attr = ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Modified Date = 5/25/2008 10:37:17 AM | Attr = ] xyeeowrd.ini -> %SystemRoot%\System32\xyeeowrd.ini -> [Ver = | Size = 1603997 bytes | Modified Date = 6/30/2008 5:41:10 PM | Attr = HS] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/27/2008 7:16:32 PM | Attr = H ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 5/25/2008 3:54:08 PM | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 5/26/2008 4:01:08 AM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 5/26/2008 3:07:06 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 5/26/2008 3:06:57 PM | Attr = H ] addins -> %SystemRoot%\addins -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 5/26/2008 3:41:51 PM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 5/26/2008 6:49:53 PM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/8/2008 4:20:15 PM | Attr = S] Config -> %SystemRoot%\Config -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 5/25/2008 10:35:40 AM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 5/25/2008 10:33:52 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 5/26/2008 8:00:42 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 7/9/2008 3:35:07 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 5/26/2008 4:00:23 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 7/9/2008 4:25:03 PM | Attr = ] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 528 bytes | Modified Date = 5/26/2008 7:28:10 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 5/26/2008 2:30:42 PM | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/1/2008 7:59:48 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 5/26/2008 3:07:41 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 5/26/2008 3:08:12 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 5/26/2008 4:03:19 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/7/2008 6:25:19 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/7/2008 5:44:12 PM | Attr = HS] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.3 | Size = 729088 bytes | Modified Date = 5/26/2008 7:32:27 PM | Attr = ] java -> %SystemRoot%\java -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 5/26/2008 3:07:49 PM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 5/26/2008 6:49:54 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 5/26/2008 7:58:15 PM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 5/26/2008 3:06:14 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 5/28/2008 1:38:41 PM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Modified Date = 5/25/2008 3:45:48 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 5/25/2008 3:45:40 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 5/25/2008 10:35:36 AM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 5/25/2008 10:35:15 AM | Attr = R ] PCHealth -> %SystemRoot%\PCHealth -> [Folder | Modified Date = 5/25/2008 10:34:42 AM | Attr = ] peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 5/26/2008 4:03:13 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 7/9/2008 4:29:27 PM | Attr = ] provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 5/26/2008 4:03:13 AM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 6/7/2008 5:38:24 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 6/4/2008 8:11:21 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 6/5/2008 4:09:29 PM | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 6/7/2008 7:02:30 PM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 5/25/2008 10:49:58 AM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 5/25/2008 6:19:46 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 5/26/2008 3:13:13 PM | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Modified Date = 5/26/2008 4:02:23 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 5/26/2008 2:51:57 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 5/26/2008 4:02:20 AM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 7/9/2008 3:28:50 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 5/26/2008 4:02:09 AM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 231 bytes | Modified Date = 5/25/2008 6:24:40 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 7/9/2008 4:26:58 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 6/4/2008 8:09:55 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 7/9/2008 4:30:36 PM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 6/13/2008 4:25:37 AM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 5/25/2008 10:34:10 AM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 5/25/2008 10:34:10 AM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 5/26/2008 3:07:55 PM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 5/26/2008 4:01:32 AM | Attr = R ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 517 bytes | Modified Date = 5/26/2008 3:38:57 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 5/25/2008 10:35:12 AM | Attr = RH ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 6/8/2008 10:02:21 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 5/26/2008 2:31:53 PM | Attr = ] WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx -> [Ver = | Size = 299552 bytes | Modified Date = 5/25/2008 10:35:39 AM | Attr = ] YOURAPP.EXE -> %SystemRoot%\YOURAPP.EXE -> [Ver = | Size = 0 bytes | Modified Date = 6/7/2008 5:51:50 PM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 6/4/2008 8:26:00 AM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/8/2008 4:20:20 PM | Attr = H ] H:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> H:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help -> [Folder | Modified Date = 5/26/2008 2:56:33 PM | Attr = ] hhcolreg.dat -> H:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 9158 bytes | Modified Date = 5/26/2008 3:34:37 PM | Attr = ] H:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> H:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 5/25/2008 3:48:39 PM | Attr = ] qmgr0.dat -> H:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes | Modified Date = 6/27/2008 7:18:15 PM | Attr = ] qmgr1.dat -> H:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes | Modified Date = 6/27/2008 7:18:15 PM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 6/8/2008 10:02:41 PM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Modified Date = 6/7/2008 7:02:12 PM | Attr = ] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Modified Date = 5/26/2008 7:16:25 PM | Attr = ] Creative Labs -> %AllUsersProfile%\Application Data\Creative Labs -> [Folder | Modified Date = 5/27/2008 8:59:50 PM | Attr = ] DellFaxCtr -> %AllUsersProfile%\Application Data\DellFaxCtr -> [Folder | Modified Date = 6/5/2008 1:21:21 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 5/25/2008 6:24:23 AM | Attr = HS] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 5/26/2008 7:44:32 PM | Attr = ] LUInstall.LiveUpdate -> %AllUsersProfile%\Application Data\LUInstall.LiveUpdate -> [Ver = | Size = 79668 bytes | Modified Date = 5/26/2008 2:29:59 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 6/7/2008 5:40:27 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 5/26/2008 2:31:01 PM | Attr = S] Prism -> %AllUsersProfile%\Application Data\Prism -> [Folder | Modified Date = 5/25/2008 3:11:28 PM | Attr = ] Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 5/26/2008 7:43:27 PM | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 6/7/2008 5:44:14 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Modified Date = 5/26/2008 4:12:25 AM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 5/26/2008 4:00:27 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 6/8/2008 10:04:57 PM | Attr = ] Apple Computer -> %AppData%\Apple Computer -> [Folder | Modified Date = 6/4/2008 8:10:57 PM | Attr = ] AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [Folder | Modified Date = 5/26/2008 7:25:24 PM | Attr = ] DellFaxCtr -> %AppData%\DellFaxCtr -> [Folder | Modified Date = 6/5/2008 4:09:33 PM | Attr = ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 5/25/2008 6:24:23 AM | Attr = HS] Identities -> %AppData%\Identities -> [Folder | Modified Date = 5/25/2008 2:00:11 PM | Attr = ] LimeWire -> %AppData%\LimeWire -> [Folder | Modified Date = 6/29/2008 2:28:56 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 5/25/2008 11:11:32 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 6/7/2008 5:40:29 PM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 6/8/2008 10:13:16 PM | Attr = S] mIRC -> %AppData%\mIRC -> [Folder | Modified Date = 7/9/2008 4:22:43 PM | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 5/28/2008 1:38:37 PM | Attr = ] Ruckus Network -> %AppData%\Ruckus Network -> [Folder | Modified Date = 6/4/2008 7:56:53 PM | Attr = ] Sun -> %AppData%\Sun -> [Folder | Modified Date = 7/9/2008 3:28:50 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 6/7/2008 5:44:10 PM | Attr = ] teamspeak2 -> %AppData%\teamspeak2 -> [Folder | Modified Date = 6/10/2008 11:47:26 AM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Modified Date = 5/27/2008 9:02:35 PM | Attr = ] Ventrilo -> %AppData%\Ventrilo -> [Folder | Modified Date = 6/30/2008 6:17:28 PM | Attr = ] WarZone -> %AppData%\WarZone -> [Folder | Modified Date = 6/1/2008 7:52:47 PM | Attr = ] Xfire -> %AppData%\Xfire -> [Folder | Modified Date = 6/1/2008 4:46:51 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Modified Date = 6/8/2008 10:05:03 PM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Modified Date = 6/4/2008 8:10:58 PM | Attr = ] Ares -> %UserProfile%\Local Settings\Application Data\Ares -> [Folder | Modified Date = 6/10/2008 2:12:48 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 9728 bytes | Modified Date = 6/9/2008 5:21:27 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 13104 bytes | Modified Date = 5/26/2008 2:31:38 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 6934930 bytes | Modified Date = 6/8/2008 4:17:20 PM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Modified Date = 6/8/2008 10:13:16 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 5/27/2008 8:21:13 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Modified Date = 5/28/2008 1:38:37 PM | Attr = ] Steam -> %UserProfile%\Local Settings\Application Data\Steam -> [Folder | Modified Date = 5/25/2008 2:03:02 PM | Attr = ] WMTools Downloaded Files -> %UserProfile%\Local Settings\Application Data\WMTools Downloaded Files -> [Folder | Modified Date = 5/26/2008 3:10:14 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 5/25/2008 6:24:23 AM | Attr = HS] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Modified Date = 5/26/2008 3:40:06 PM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Modified Date = 5/25/2008 10:34:40 AM | Attr = R ] My Videos -> %AllUsersProfile%\Documents\My Videos -> [Folder | Modified Date = 5/26/2008 3:10:13 PM | Attr = R ] Default.rdp -> %UserProfile%\My Documents\Default.rdp -> [Ver = | Size = 0 bytes | Modified Date = 6/3/2008 4:53:51 PM | Attr = H ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 78 bytes | Modified Date = 5/26/2008 3:20:07 PM | Attr = HS] Hitman Blood Money -> %UserProfile%\My Documents\Hitman Blood Money -> [Folder | Modified Date = 6/4/2008 5:32:39 AM | Attr = ] Hitman Blood Money Demo -> %UserProfile%\My Documents\Hitman Blood Money Demo -> [Folder | Modified Date = 6/2/2008 1:20:10 AM | Attr = ] LimeWire -> %UserProfile%\My Documents\LimeWire -> [Folder | Modified Date = 6/28/2008 7:24:44 PM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 6/6/2008 8:27:52 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 5/26/2008 3:20:07 PM | Attr = R ] My Received Files -> %UserProfile%\My Documents\My Received Files -> [Folder | Modified Date = 5/26/2008 6:37:20 PM | Attr = ] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 5/28/2008 1:38:45 PM | Attr = R ] Adobe Reader 8.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 8.lnk -> [Ver = | Size = 1731 bytes | Modified Date = 6/8/2008 10:02:23 PM | Attr = ] Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [Ver = | Size = 698 bytes | Modified Date = 6/7/2008 5:40:28 PM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 782 bytes | Modified Date = 6/7/2008 5:44:10 PM | Attr = ] VistaBootPRO 3.3.lnk -> %AllUsersProfile%\Desktop\VistaBootPRO 3.3.lnk -> [Ver = | Size = 1876 bytes | Modified Date = 5/25/2008 10:47:59 PM | Attr = ] WarZone.lnk -> %AllUsersProfile%\Desktop\WarZone.lnk -> [Ver = | Size = 680 bytes | Modified Date = 6/1/2008 7:52:53 PM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 6/7/2008 5:27:45 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier BF1942CDKEYChanger.exe -> %UserProfile%\Desktop\BF1942CDKEYChanger.exe -> [Ver = 1.00 | Size = 32768 bytes | Modified Date = 6/30/2008 5:53:07 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\BF1942CDKEYChanger.exe:Zone.Identifier cluedome.lnk -> %UserProfile%\Desktop\cluedome.lnk -> [Ver = | Size = 601 bytes | Modified Date = 5/26/2008 7:46:43 PM | Attr = ] cstrike.lnk -> %UserProfile%\Desktop\cstrike.lnk -> [Ver = | Size = 755 bytes | Modified Date = 6/1/2008 10:12:00 AM | Attr = ] DesertCombat.lnk -> %UserProfile%\Desktop\DesertCombat.lnk -> [Ver = | Size = 1791 bytes | Modified Date = 5/26/2008 7:35:46 PM | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 7/9/2008 3:34:33 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [Ver = | Size = 594 bytes | Modified Date = 7/9/2008 4:23:29 PM | Attr = ] Firefox.lnk -> %UserProfile%\Desktop\Firefox.lnk -> [Ver = | Size = 631 bytes | Modified Date = 5/26/2008 7:47:12 PM | Attr = ] fix.reg -> %UserProfile%\Desktop\fix.reg -> [Ver = | Size = 127 bytes | Modified Date = 7/9/2008 4:26:08 PM | Attr = ] hijackthis uninstall list -> %UserProfile%\Desktop\hijackthis uninstall list -> [Ver = | Size = 5557 bytes | Modified Date = 6/8/2008 3:21:00 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1736 bytes | Modified Date = 6/8/2008 3:19:00 PM | Attr = ] Incomplete -> %UserProfile%\Desktop\Incomplete -> [Folder | Modified Date = 6/29/2008 2:28:01 PM | Attr = ] Internet.lnk -> %UserProfile%\Desktop\Internet.lnk -> [Ver = | Size = 104 bytes | Modified Date = 5/25/2008 2:55:27 PM | Attr = ] limewire music -> %UserProfile%\Desktop\limewire music -> [Folder | Modified Date = 6/29/2008 2:27:54 PM | Attr = ] LimeWire.lnk -> %UserProfile%\Desktop\LimeWire.lnk -> [Ver = | Size = 601 bytes | Modified Date = 5/26/2008 7:49:08 PM | Attr = ] MIRC.lnk -> %UserProfile%\Desktop\MIRC.lnk -> [Ver = | Size = 780 bytes | Modified Date = 5/26/2008 6:42:57 PM | Attr = ] movies.lnk -> %UserProfile%\Desktop\movies.lnk -> [Ver = | Size = 867 bytes | Modified Date = 6/12/2008 5:39:05 PM | Attr = ] Music.lnk -> %UserProfile%\Desktop\Music.lnk -> [Ver = | Size = 575 bytes | Modified Date = 5/27/2008 9:19:16 PM | Attr = ] Notepad.lnk -> %UserProfile%\Desktop\Notepad.lnk -> [Ver = | Size = 1509 bytes | Modified Date = 5/31/2008 11:16:17 PM | Attr = ] NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [Ver = | Size = 613 bytes | Modified Date = 7/9/2008 4:23:30 PM | Attr = ] OTMoveIt2.exe -> %UserProfile%\Desktop\OTMoveIt2.exe -> OldTimer Tools [Ver = 1.0.4.3 | Size = 291840 bytes | Modified Date = 7/9/2008 3:33:14 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTMoveIt2.exe:Zone.Identifier OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 7/9/2008 4:28:50 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568114 bytes | Modified Date = 7/9/2008 4:28:46 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier PB Updates -> %UserProfile%\Desktop\PB Updates -> [Folder | Modified Date = 5/26/2008 7:42:11 PM | Attr = ] Professional Edition.lnk -> %UserProfile%\Desktop\Professional Edition.lnk -> [Ver = | Size = 775 bytes | Modified Date = 6/8/2008 8:39:40 PM | Attr = ] Ruckus.lnk -> %UserProfile%\Desktop\Ruckus.lnk -> [Ver = | Size = 618 bytes | Modified Date = 5/26/2008 7:48:18 PM | Attr = ] Services.lnk -> %UserProfile%\Desktop\Services.lnk -> [Ver = | Size = 1592 bytes | Modified Date = 5/26/2008 6:36:23 PM | Attr = ] Spyware-Virus Cleaning Tools -> %UserProfile%\Desktop\Spyware-Virus Cleaning Tools -> [Folder | Modified Date = 5/26/2008 7:46:32 PM | Attr = ] Steam.lnk -> %UserProfile%\Desktop\Steam.lnk -> [Ver = | Size = 569 bytes | Modified Date = 5/25/2008 11:01:23 PM | Attr = ] TeamSpeak.lnk -> %UserProfile%\Desktop\TeamSpeak.lnk -> [Ver = | Size = 634 bytes | Modified Date = 5/26/2008 7:48:24 PM | Attr = ] Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [Ver = | Size = 601 bytes | Modified Date = 5/25/2008 11:01:35 PM | Attr = ] VLC.lnk -> %UserProfile%\Desktop\VLC.lnk -> [Ver = | Size = 640 bytes | Modified Date = 5/26/2008 7:48:39 PM | Attr = ] Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [Ver = | Size = 790 bytes | Modified Date = 5/26/2008 6:38:11 PM | Attr = ] Xfire.lnk -> %UserProfile%\Desktop\Xfire.lnk -> [Ver = | Size = 569 bytes | Modified Date = 5/26/2008 6:40:28 PM | Attr = ] XMPChat.lnk -> %UserProfile%\Desktop\XMPChat.lnk -> [Ver = | Size = 753 bytes | Modified Date = 6/1/2008 7:50:25 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 5/25/2008 10:35:41 AM | Attr = HS] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 5/25/2008 10:35:41 AM | Attr = HS] ERUNT AutoBackup.lnk -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [Ver = | Size = 769 bytes | Modified Date = 7/9/2008 4:24:14 PM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 6/8/2008 10:02:23 PM | Attr = ] Apple -> %CommonProgramFiles%\Apple -> [Folder | Modified Date = 6/4/2008 8:09:38 PM | Attr = ] Creative Labs Shared -> %CommonProgramFiles%\Creative Labs Shared -> [Folder | Modified Date = 5/27/2008 8:59:47 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Modified Date = 6/7/2008 5:40:13 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 6/5/2008 1:22:47 PM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 5/25/2008 11:13:07 PM | Attr = ] Logitech -> %CommonProgramFiles%\Logitech -> [Folder | Modified Date = 6/1/2008 4:46:49 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 5/26/2008 7:16:20 PM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Modified Date = 5/25/2008 10:34:27 AM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 5/25/2008 6:24:44 AM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Modified Date = 5/25/2008 10:34:33 AM | Attr = ] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Modified Date = 5/25/2008 6:24:42 AM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 5/26/2008 4:12:25 AM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 5/26/2008 7:27:12 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 6/7/2008 5:43:59 PM | Attr = ] < End of report > [/code]