[code] OTScanIt logfile created on: 7/17/2008 5:38:20 PM OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Documents and Settings\TheShape\Desktop\OTScanIt Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 82.52% Memory free 3.85 Gb Paging File | 3.61 Gb Available in Paging File | 93.71% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.75 Gb Total Space | 88.42 Gb Free Space | 79.12% Space Free | Partition Type: NTFS Drive D: | 645.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GOD Current User Name: TheShape Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 7/15/2008 8:49:40 PM | Attr = ] ctsvccda.exe -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 1:01:00 AM | Attr = ] ntuneservice.exe -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneService.exe -> NVIDIA [Ver = 5.05.54 | Size = 131072 bytes | Modified Date = 9/4/2007 7:25:44 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6906 | Size = 155716 bytes | Modified Date = 11/7/2007 8:00:00 AM | Attr = ] pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 7/2/2008 1:13:29 AM | Attr = ] avgam.exe -> %ProgramFiles%\AVG\AVG8\avgam.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 639256 bytes | Modified Date = 7/15/2008 8:49:38 PM | Attr = ] avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 287000 bytes | Modified Date = 7/15/2008 8:49:37 PM | Attr = ] avgnsx.exe -> %ProgramFiles%\AVG\AVG8\avgnsx.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 422680 bytes | Modified Date = 7/15/2008 8:49:42 PM | Attr = ] avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 7/15/2008 8:49:38 PM | Attr = ] ctnotify.exe -> %ProgramFiles%\Creative\ShareDLL\CTNOTIFY.EXE -> Creative Technology Ltd. [Ver = 2.00.05.0 | Size = 191488 bytes | Modified Date = 12/25/2001 2:00:00 PM | Attr = ] mediadet.exe -> %ProgramFiles%\Creative\ShareDLL\MEDIADET.EXE -> Creative Technology Ltd. [Ver = 2.00.07.0 | Size = 167424 bytes | Modified Date = 4/29/2002 2:00:00 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr = ] ctltray.exe -> %ProgramFiles%\Creative\SBAudigy\TaskBar\CTLTray.exe -> Creative Technology Ltd. [Ver = 1.00.00.24 | Size = 163840 bytes | Modified Date = 6/29/2001 1:00:00 AM | Attr = ] ctltask.exe -> %ProgramFiles%\Creative\SBAudigy\TaskBar\CTLTask.exe -> Creative Technology Ltd [Ver = 1.00.00.33 | Size = 122880 bytes | Modified Date = 5/8/2002 1:00:00 AM | Attr = ] wmp11cfg.exe -> %ProgramFiles%\Linksys\WMP11 Config Utility\WMP11CFG.exe -> The Linksys Group, Inc. [Ver = 1.0.5.95 | Size = 4513280 bytes | Modified Date = 11/13/2002 11:27:06 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 7/12/2008 9:29:54 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (avg8emc) AVG8 E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 7/15/2008 8:49:38 PM | Attr = ] (avg8wd) AVG8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 231192 bytes | Modified Date = 7/15/2008 8:49:40 PM | Attr = ] (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/13/1999 1:01:00 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 224768 bytes | Modified Date = 4/13/2008 8:12:17 PM | Attr = ] (nTuneService) nTune Service [Win32_Own | Auto | Running] -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneService.exe -> NVIDIA [Ver = 5.05.54 | Size = 131072 bytes | Modified Date = 9/4/2007 7:25:44 PM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6906 | Size = 155716 bytes | Modified Date = 11/7/2007 8:00:00 AM | Attr = ] (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 7/2/2008 1:13:29 AM | Attr = ] [Driver Services - Non-Microsoft Only] (AvgLdx86) AVG AVI Loader Driver x86 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Modified Date = 7/15/2008 8:45:57 PM | Attr = ] (AvgMfx86) AVG On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> %SystemRoot%\system32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Modified Date = 7/15/2008 8:49:37 PM | Attr = ] (AvgRkx86) avgrkx86.sys [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\avgrkx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.104 | Size = 12936 bytes | Modified Date = 7/15/2008 8:46:06 PM | Attr = ] (AvgTdiX) AVG8 Network Redirector [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Modified Date = 7/15/2008 8:45:57 PM | Attr = ] (ctac32k) Creative AC3 Software Decoder [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctac32k.sys -> Creative Technology Ltd [Ver = 5.12.01.0245-1.31.0050 | Size = 127948 bytes | Modified Date = 7/18/2002 10:46:28 PM | Attr = ] (ctaud2k) Creative Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctaud2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0252-1.31.0120 | Size = 837548 bytes | Modified Date = 7/18/2002 10:47:52 PM | Attr = ] (ctprxy2k) Creative Proxy Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctprxy2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 11068 bytes | Modified Date = 7/18/2002 10:48:08 PM | Attr = ] (ctsfm2k) Creative SoundFont Management Device Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctsfm2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0140-0.75.1490 (beta-release) | Size = 213860 bytes | Modified Date = 7/18/2002 10:48:22 PM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 799744 bytes | Modified Date = 4/13/2008 2:44:48 PM | Attr = ] (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 153344 bytes | Modified Date = 4/13/2008 2:44:46 PM | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ] (EagleNT) EagleNT [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\EagleNt.sys -> AhnLab, Inc. [Ver = 0,0,1,27 | Size = 427648 bytes | Modified Date = 7/17/2008 12:33:16 AM | Attr = ] (emupia) E-mu Plug-in Architecture Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\emupia2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 156604 bytes | Modified Date = 7/18/2002 10:48:32 PM | Attr = ] (ha10kx2k) Creative Hardware Abstract Layer Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ha10kx2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0250-1.31.0090 | Size = 998004 bytes | Modified Date = 7/24/2002 1:52:26 AM | Attr = ] (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 144384 bytes | Modified Date = 4/13/2008 12:36:05 PM | Attr = ] (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6906 | Size = 7429088 bytes | Modified Date = 11/7/2007 8:00:00 AM | Attr = ] (NVR0Dev) NVR0Dev [Kernel | On_Demand | Running] -> %SystemRoot%\nvoclock.sys -> NVidia Corp. [Ver = 5.05.54 | Size = 29696 bytes | Modified Date = 9/4/2007 7:26:32 PM | Attr = ] (ossrv) Creative OS Services Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctoss2k.sys -> Creative Technology Ltd. [Ver = 5.12.01.0245-1.31.0050 | Size = 195432 bytes | Modified Date = 7/18/2002 10:48:04 PM | Attr = ] (PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\PCANDIS5.SYS -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.00.13.49 | Size = 16068 bytes | Modified Date = 10/15/2000 5:38:54 PM | Attr = ] (PfModNT) PfModNT [Kernel | Auto | Running] -> %SystemRoot%\system32\PFMODNT.SYS -> Creative Technology Ltd. [Ver = 2.0.0.0 | Size = 6752 bytes | Modified Date = 12/17/1999 1:00:00 AM | Attr = ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/4/2004 8:00:00 AM | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 6:25:53 AM | Attr = ] (WMP11V27) Instant Wireless PCI Card V2.7 Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\WMP11V27.sys -> The Linksys Group, Inc [Ver = 3.8.28.0 | Size = 171776 bytes | Modified Date = 7/30/2002 5:22:36 PM | Attr = R ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 1232152 bytes | Modified Date = 7/15/2008 8:49:44 PM | Attr = ] CTStartup -> %ProgramFiles%\Creative\Splash Screen\CTEaxSpl.exe [C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run] -> Creative Technology Ltd. [Ver = 1, 1, 0, 1 | Size = 28672 bytes | Modified Date = 12/20/2001 1:00:00 AM | Attr = ] Disc Detector -> %ProgramFiles%\Creative\ShareDLL\CTNOTIFY.EXE [C:\Program Files\Creative\ShareDLL\CtNotify.exe] -> Creative Technology Ltd. [Ver = 2.00.05.0 | Size = 191488 bytes | Modified Date = 12/25/2001 2:00:00 PM | Attr = ] Jet Detection -> %ProgramFiles%\Creative\SBAudigy\Program\ADGJDet.exe ["C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"] -> [Ver = 1, 0, 2, 0 | Size = 28672 bytes | Modified Date = 11/29/2001 1:00:00 AM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.11.6906 | Size = 81920 bytes | Modified Date = 11/7/2007 8:00:00 AM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr = ] UpdReg -> %SystemRoot%\Updreg.EXE [C:\WINDOWS\UpdReg.EXE] -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Modified Date = 5/11/2000 1:00:00 AM | Attr = ] WINDVDPatch -> %SystemRoot%\system32\CTHELPER.EXE [CTHELPER.EXE] -> Creative Technology Ltd [Ver = 1, 0, 0, 2 | Size = 24576 bytes | Modified Date = 7/2/2002 5:56:00 AM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> NVIDIA nTune -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneCmd.exe ["C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear] -> NVIDIA [Ver = 5.05.54 | Size = 81920 bytes | Modified Date = 9/4/2007 7:25:38 PM | Attr = ] RemoteCenter -> %ProgramFiles%\Creative\SBAudigy\RemoteCenter\Rc\RcMan.exe [C:\Program Files\Creative\SBAudigy\RemoteCenter\Rc\Rcman.exe] -> Creative Technology Ltd. [Ver = 1.40.14 | Size = 122880 bytes | Modified Date = 4/3/2002 1:40:00 AM | Attr = ] TaskBar -> %ProgramFiles%\Creative\SBAudigy\TaskBar\CTLTask.exe ["C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"] -> Creative Technology Ltd [Ver = 1.00.00.33 | Size = 122880 bytes | Modified Date = 5/8/2002 1:00:00 AM | Attr = ] TaskTray -> %ProgramFiles%\Creative\SBAudigy\TaskBar\CTLTray.exe ["C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"] -> Creative Technology Ltd. [Ver = 1.00.00.24 | Size = 163840 bytes | Modified Date = 6/29/2001 1:00:00 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Wireless PCI Card Configuration Utility.lnk -> %ProgramFiles%\Linksys\WMP11 Config Utility\WMP11CFG.exe -> The Linksys Group, Inc. [Ver = 1.0.5.95 | Size = 4513280 bytes | Modified Date = 11/13/2002 11:27:06 AM | Attr = ] < TheShape Startup Folder > -> C:\Documents and Settings\TheShape\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Xfire.lnk -> %ProgramFiles%\Xfire\xfire.exe -> Xfire Inc. [Ver = 13133 | Size = 3031376 bytes | Modified Date = 6/26/2008 4:09:36 PM | Attr = ] < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 7/15/2008 8:49:37 PM | Attr = ] *MultiFile Done* -> -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 1033728 bytes | Modified Date = 4/13/2008 8:12:19 PM | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 26112 bytes | Modified Date = 4/13/2008 8:12:38 PM | Attr = ] *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 514560 bytes | Modified Date = 4/13/2008 8:12:24 PM | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 8:12:05 PM | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2105) | Size = 300544 bytes | Modified Date = 4/13/2008 8:12:41 PM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> _ [binary data] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> _ [binary data] -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2108) | Size = 62976 bytes | Modified Date = 4/13/2008 2:40:46 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPIONEER_DVD-RW__DVR-105_________________1.00____\4220444b304c303132365733204c202020202020 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 1 -> < Drives - Autoruns > -> -> AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] AUTORUN.INF [[autorun] | open = ctrun\start.exe | icon = ctrun\ctrun.ico | ] -> D:\AUTORUN.INF [ CDFS ] -> [Ver = | Size = 57 bytes | Modified Date = 3/5/2002 1:00:00 PM | Attr = R ] < HOSTS File > (914 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> free_aol.com [http] -> Trusted sites -> 2 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ] {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.136 | Size = 455960 bytes | Modified Date = 7/15/2008 8:49:42 PM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {20FBDCDE-3C0F-4DD8-8CF0-55F92F23ABE0} -> (1394 Net Adapter) -> {5BE6F294-A30D-4EDB-9E50-2AED050DC6FF} -> (1394 Net Adapter) -> {69B5AEC4-D1A8-48F8-A7A4-612B3AC3ECAF} -> (Instant Wireless PCI Card V2.7) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver = | Size = 79128 bytes | Modified Date = 7/15/2008 8:49:42 PM | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A}[HKEY_LOCAL_MACHINE] -> http://www.acclaim.com/cabs/acclaim_v5.cab[GameLauncher Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> vzTCPConfig[HKEY_LOCAL_MACHINE] -> http://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CAB[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/GameLauncher.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/GameLauncher.ocx\\.Owner -> {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/GameLauncher.ocx\\{69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzTCPConfig.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzTCPConfig.dll\\.Owner -> vzTCPConfig -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzTCPConfig.dll\\vzTCPConfig -> -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 132608 bytes | Modified Date = 4/13/2008 8:12:00 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 299520 bytes | Modified Date = 4/13/2008 8:11:56 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 132608 bytes | Modified Date = 4/13/2008 8:12:00 PM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 144384 bytes | Modified Date = 4/13/2008 8:12:05 PM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 49152 bytes | Modified Date = 4/13/2008 8:12:08 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 744 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 181248 bytes | Modified Date = 4/13/2008 8:12:05 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 118784 bytes | Modified Date = 4/13/2008 8:12:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 86 07 5C DC 4C C1 92 32 78 65 49 0D 0B 9D 8B 59 63 64 35 37 63 35 36 35 00 FD 07 00 EC 4B 00 00 34 FA 07 00 56 82 7C 75 20 FA 07 00 40 FD 07 00 4C FD 07 00 B3 10 1C 6A 8A 7C 57 58 40 B4 B3 CD [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 15 78 BB 9A 07 72 61 12 9E [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> F9 08 E9 0E D5 D0 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 1A D2 66 7F 8A 33 6B 31 CE F1 63 E2 09 7C 91 7F [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 40 06 AE A8 92 DD C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 54 CF 23 C4 9D C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 DB 62 27 C4 9D C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 08 94 28 C4 9D C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 14336 bytes | Modified Date = 4/13/2008 8:12:36 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 524 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 331264 bytes | Modified Date = 4/13/2008 8:11:55 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 141312 bytes | Modified Date = 4/13/2008 8:12:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 558080 bytes | Modified Date = 4/13/2008 2:53:32 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe -> %SystemDrive%\Nexon\Combat Arms\CombatArms.exe [C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe] -> Nexon [Ver = 0, 0, 0, 0 | Size = 1093632 bytes | Modified Date = 7/9/2008 6:57:44 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\Engine.exe -> %SystemDrive%\Nexon\Combat Arms\Engine.exe [C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe] -> Nexon [Ver = 0, 0, 0, 0 | Size = 1052672 bytes | Modified Date = 7/9/2008 6:05:08 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 141312 bytes | Modified Date = 4/13/2008 8:12:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Xfire\xfire.exe -> %ProgramFiles%\Xfire\xfire.exe [C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire] -> Xfire Inc. [Ver = 13133 | Size = 3031376 bytes | Modified Date = 6/26/2008 4:09:36 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\PnkBstrA.exe -> %SystemRoot%\system32\PnkBstrA.exe [C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA] -> [Ver = | Size = 66872 bytes | Modified Date = 7/2/2008 1:13:29 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\PnkBstrB.exe -> %SystemRoot%\system32\PnkBstrB.exe [C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB] -> [Ver = | Size = 111928 bytes | Modified Date = 7/17/2008 4:37:36 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe -> %ProgramFiles%\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe [C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) ] -> [Ver = | Size = 3330048 bytes | Modified Date = 6/20/2008 3:43:00 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 558080 bytes | Modified Date = 4/13/2008 2:53:32 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\mIRC\mirc.exe -> %ProgramFiles%\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> mIRC Co. Ltd. [Ver = 6.32 | Size = 2797568 bytes | Modified Date = 5/21/2008 2:23:52 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Acclaim\2moons\crashreporter.exe -> %ProgramFiles%\Acclaim\2moons\crashreporter.exe [C:\Program Files\Acclaim\2moons\crashreporter.exe:*:Enabled:crashreporter] -> [Ver = | Size = 188416 bytes | Modified Date = 1/24/2008 4:15:22 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe -> %AllUsersProfile%\Application Data\NexonUS\NGM\NGM.exe [C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager] -> Nexon [Ver = 1, 0, 5, 6333 | Size = 159744 bytes | Modified Date = 7/11/2008 5:17:06 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\CombatArms.exe -> %SystemDrive%\Nexon\Combat Arms\CombatArms.exe [C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe] -> Nexon [Ver = 0, 0, 0, 0 | Size = 1093632 bytes | Modified Date = 7/9/2008 6:57:44 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\Engine.exe -> %SystemDrive%\Nexon\Combat Arms\Engine.exe [C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe] -> Nexon [Ver = 0, 0, 0, 0 | Size = 1052672 bytes | Modified Date = 7/9/2008 6:05:08 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\Combat Arms\NMService.exe -> %SystemDrive%\Nexon\Combat Arms\NMService.exe [C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core] -> Nexon Corp. [Ver = 2, 5, 33, 0 | Size = 1716960 bytes | Modified Date = 7/9/2008 11:01:28 AM | Attr = R ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe -> %ProgramFiles%\Activision\Call of Duty 2\CoD2MP_s.exe [C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s] -> [Ver = | Size = 1974272 bytes | Modified Date = 5/1/2006 5:09:50 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe [C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 873752 bytes | Modified Date = 7/15/2008 8:49:38 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgupd.exe -> %ProgramFiles%\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 640280 bytes | Modified Date = 7/15/2008 8:48:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgnsx.exe -> %ProgramFiles%\AVG\AVG8\avgnsx.exe [C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 422680 bytes | Modified Date = 7/15/2008 8:49:42 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 14336 bytes | Modified Date = 4/13/2008 8:12:36 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.5512 (xpsp.080413-0852) | Size = 6656 bytes | Modified Date = 4/13/2008 8:12:11 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 30 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Created Date = 7/1/2008 7:09:09 PM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 7/15/2008 9:06:04 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 7/1/2008 7:17:03 PM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = RHS] Media -> %SystemDrive%\Media -> [Folder | Created Date = 7/15/2008 4:29:47 PM | Attr = ] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = RHS] Nexon -> %SystemDrive%\Nexon -> [Folder | Created Date = 7/11/2008 5:17:07 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Created Date = 7/1/2008 7:18:27 PM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 7/1/2008 11:53:18 PM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 7/1/2008 7:17:03 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] a3d.dll -> %SystemRoot%\System32\dllcache\a3d.dll -> [Ver = 80.0.0.3 | Size = 65536 bytes | Created Date = 7/15/2008 4:32:33 PM | Attr = ] big5.nls -> %SystemRoot%\System32\dllcache\big5.nls -> [Ver = | Size = 66728 bytes | Created Date = 7/1/2008 11:30:27 PM | Attr = ] bktrh.gif -> %SystemRoot%\System32\dllcache\bktrh.gif -> [Ver = | Size = 999 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] bopomofo.nls -> %SystemRoot%\System32\dllcache\bopomofo.nls -> [Ver = | Size = 82172 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 7/1/2008 11:30:35 PM | Attr = ] chtskf.dll -> %SystemRoot%\System32\dllcache\chtskf.dll -> [Ver = | Size = 173568 bytes | Created Date = 7/1/2008 11:30:38 PM | Attr = ] cloapp.gif -> %SystemRoot%\System32\dllcache\cloapp.gif -> [Ver = | Size = 717 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] cloapph.gif -> %SystemRoot%\System32\dllcache\cloapph.gif -> [Ver = | Size = 760 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] cnt.gif -> %SystemRoot%\System32\dllcache\cnt.gif -> [Ver = | Size = 773 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] cntd.gif -> %SystemRoot%\System32\dllcache\cntd.gif -> [Ver = | Size = 772 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] cnth.gif -> %SystemRoot%\System32\dllcache\cnth.gif -> [Ver = | Size = 773 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] compact.wmz -> %SystemRoot%\System32\dllcache\compact.wmz -> [Ver = | Size = 184959 bytes | Created Date = 7/4/2008 12:43:50 AM | Attr = ] contents.htm -> %SystemRoot%\System32\dllcache\contents.htm -> [Ver = | Size = 8298 bytes | Created Date = 7/4/2008 12:43:52 AM | Attr = ] controls.css -> %SystemRoot%\System32\dllcache\controls.css -> [Ver = | Size = 9585 bytes | Created Date = 7/4/2008 12:43:52 AM | Attr = ] controls.js -> %SystemRoot%\System32\dllcache\controls.js -> [Ver = | Size = 6878 bytes | Created Date = 7/4/2008 12:43:52 AM | Attr = ] copycd.wmv -> %SystemRoot%\System32\dllcache\copycd.wmv -> [Ver = | Size = 381425 bytes | Created Date = 7/4/2008 12:43:52 AM | Attr = ] c_10001.nls -> %SystemRoot%\System32\dllcache\c_10001.nls -> [Ver = | Size = 162850 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] c_10002.nls -> %SystemRoot%\System32\dllcache\c_10002.nls -> [Ver = | Size = 195618 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] c_10003.nls -> %SystemRoot%\System32\dllcache\c_10003.nls -> [Ver = | Size = 177698 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] c_10004.nls -> %SystemRoot%\System32\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] c_10005.nls -> %SystemRoot%\System32\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:28 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\dllcache\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\dllcache\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] c_10008.nls -> %SystemRoot%\System32\dllcache\c_10008.nls -> [Ver = | Size = 173602 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\dllcache\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\dllcache\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] c_10021.nls -> %SystemRoot%\System32\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\dllcache\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\dllcache\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:23 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\dllcache\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:12 PM | Attr = ] c_1047.nls -> %SystemRoot%\System32\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1140.nls -> %SystemRoot%\System32\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1141.nls -> %SystemRoot%\System32\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1142.nls -> %SystemRoot%\System32\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1143.nls -> %SystemRoot%\System32\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1144.nls -> %SystemRoot%\System32\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1145.nls -> %SystemRoot%\System32\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1146.nls -> %SystemRoot%\System32\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:29 PM | Attr = ] c_1147.nls -> %SystemRoot%\System32\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_1148.nls -> %SystemRoot%\System32\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_1149.nls -> %SystemRoot%\System32\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_1361.nls -> %SystemRoot%\System32\dllcache\c_1361.nls -> [Ver = | Size = 189986 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_20000.nls -> %SystemRoot%\System32\dllcache\c_20000.nls -> [Ver = | Size = 180258 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_20001.nls -> %SystemRoot%\System32\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_20002.nls -> %SystemRoot%\System32\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_20003.nls -> %SystemRoot%\System32\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 7/1/2008 11:30:30 PM | Attr = ] c_20004.nls -> %SystemRoot%\System32\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20005.nls -> %SystemRoot%\System32\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20105.nls -> %SystemRoot%\System32\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20106.nls -> %SystemRoot%\System32\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20107.nls -> %SystemRoot%\System32\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20108.nls -> %SystemRoot%\System32\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\dllcache\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:10 PM | Attr = ] c_20269.nls -> %SystemRoot%\System32\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20273.nls -> %SystemRoot%\System32\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20277.nls -> %SystemRoot%\System32\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20278.nls -> %SystemRoot%\System32\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:31 PM | Attr = ] c_20280.nls -> %SystemRoot%\System32\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20284.nls -> %SystemRoot%\System32\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20285.nls -> %SystemRoot%\System32\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20290.nls -> %SystemRoot%\System32\dllcache\c_20290.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20297.nls -> %SystemRoot%\System32\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20420.nls -> %SystemRoot%\System32\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20423.nls -> %SystemRoot%\System32\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20424.nls -> %SystemRoot%\System32\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20833.nls -> %SystemRoot%\System32\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20838.nls -> %SystemRoot%\System32\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20871.nls -> %SystemRoot%\System32\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:32 PM | Attr = ] c_20880.nls -> %SystemRoot%\System32\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_20924.nls -> %SystemRoot%\System32\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_20932.nls -> %SystemRoot%\System32\dllcache\c_20932.nls -> [Ver = | Size = 180770 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_20936.nls -> %SystemRoot%\System32\dllcache\c_20936.nls -> [Ver = | Size = 173602 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_20949.nls -> %SystemRoot%\System32\dllcache\c_20949.nls -> [Ver = | Size = 177698 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_21025.nls -> %SystemRoot%\System32\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_21027.nls -> %SystemRoot%\System32\dllcache\c_21027.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_28594.nls -> %SystemRoot%\System32\dllcache\c_28594.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] c_28595.nls -> %SystemRoot%\System32\dllcache\c_28595.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] c_28596.nls -> %SystemRoot%\System32\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:33 PM | Attr = ] c_28597.nls -> %SystemRoot%\System32\dllcache\c_28597.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\dllcache\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:24 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\dllcache\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:26 PM | Attr = ] c_708.nls -> %SystemRoot%\System32\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_720.nls -> %SystemRoot%\System32\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_737.nls -> %SystemRoot%\System32\dllcache\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\dllcache\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\dllcache\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\dllcache\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:23 PM | Attr = ] c_858.nls -> %SystemRoot%\System32\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_862.nls -> %SystemRoot%\System32\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_864.nls -> %SystemRoot%\System32\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\dllcache\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\dllcache\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_870.nls -> %SystemRoot%\System32\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 11:30:34 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\dllcache\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 7/1/2008 7:18:09 PM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 7/1/2008 7:18:09 PM | Attr = ] eqnclass.dll -> %SystemRoot%\System32\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 7/1/2008 7:18:08 PM | Attr = ] esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 7/1/2008 11:30:46 PM | Attr = ] esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 7/1/2008 11:30:46 PM | Attr = ] esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 7/1/2008 11:30:46 PM | Attr = ] events.js -> %SystemRoot%\System32\dllcache\events.js -> [Ver = | Size = 5971 bytes | Created Date = 7/4/2008 12:43:54 AM | Attr = ] hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Created Date = 7/1/2008 11:30:52 PM | Attr = ] HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT -> [Ver = | Size = 13472 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] htrn_jis.dll -> %SystemRoot%\System32\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Created Date = 7/1/2008 11:25:27 PM | Attr = ] hwxjpn.dll -> %SystemRoot%\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Created Date = 7/1/2008 11:30:59 PM | Attr = ] IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT -> [Ver = | Size = 8574 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Created Date = 7/1/2008 11:31:12 PM | Attr = ] imjpinst.exe -> %SystemRoot%\System32\dllcache\imjpinst.exe -> [Ver = | Size = 196665 bytes | Created Date = 7/1/2008 11:31:14 PM | Attr = ] imscinst.exe -> %SystemRoot%\System32\dllcache\imscinst.exe -> [Ver = | Size = 59392 bytes | Created Date = 7/1/2008 11:31:16 PM | Attr = ] korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Created Date = 7/1/2008 11:31:22 PM | Attr = ] ksc.nls -> %SystemRoot%\System32\dllcache\ksc.nls -> [Ver = | Size = 47066 bytes | Created Date = 7/1/2008 11:31:23 PM | Attr = ] l3codeca.acm -> %SystemRoot%\System32\dllcache\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 0, 0305 | Size = 290816 bytes | Created Date = 7/4/2008 12:43:58 AM | Attr = ] ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Created Date = 7/1/2008 7:18:28 PM | Attr = ] MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT -> [Ver = | Size = 399645 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] mdlib.wmv -> %SystemRoot%\System32\dllcache\mdlib.wmv -> [Ver = | Size = 457607 bytes | Created Date = 7/4/2008 12:44:03 AM | Attr = ] mplayer2.cnt -> %SystemRoot%\System32\dllcache\mplayer2.cnt -> [Ver = | Size = 1885 bytes | Created Date = 7/4/2008 12:44:04 AM | Attr = ] mplayer2.hlp -> %SystemRoot%\System32\dllcache\mplayer2.hlp -> [Ver = | Size = 97117 bytes | Created Date = 7/4/2008 12:44:04 AM | Attr = ] mplayer2.inf -> %SystemRoot%\System32\dllcache\mplayer2.inf -> [Ver = | Size = 18286 bytes | Created Date = 7/4/2008 12:44:04 AM | Attr = ] mplogo.gif -> %SystemRoot%\System32\dllcache\mplogo.gif -> [Ver = | Size = 2545 bytes | Created Date = 7/4/2008 12:44:04 AM | Attr = ] mplogoh.gif -> %SystemRoot%\System32\dllcache\mplogoh.gif -> [Ver = | Size = 2778 bytes | Created Date = 7/4/2008 12:44:04 AM | Attr = ] MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT -> [Ver = | Size = 37484 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex -> [Ver = | Size = 4399505 bytes | Created Date = 7/1/2008 11:28:35 PM | Attr = ] npdrmv2.zip -> %SystemRoot%\System32\dllcache\npdrmv2.zip -> [Ver = | Size = 403 bytes | Created Date = 7/4/2008 12:44:10 AM | Attr = ] npds.zip -> %SystemRoot%\System32\dllcache\npds.zip -> [Ver = | Size = 22060 bytes | Created Date = 7/4/2008 12:44:10 AM | Attr = ] NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT -> [Ver = | Size = 797189 bytes | Created Date = 7/1/2008 7:17:54 PM | Attr = ] nuskin.wmv -> %SystemRoot%\System32\dllcache\nuskin.wmv -> [Ver = | Size = 375519 bytes | Created Date = 7/4/2008 12:44:11 AM | Attr = ] OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7382 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] pintlcsa.dll -> %SystemRoot%\System32\dllcache\pintlcsa.dll -> [Ver = | Size = 175104 bytes | Created Date = 7/1/2008 11:31:35 PM | Attr = ] plylst1.wpl -> %SystemRoot%\System32\dllcache\plylst1.wpl -> [Ver = | Size = 1250 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst10.wpl -> %SystemRoot%\System32\dllcache\plylst10.wpl -> [Ver = | Size = 787 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst11.wpl -> %SystemRoot%\System32\dllcache\plylst11.wpl -> [Ver = | Size = 789 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst12.wpl -> %SystemRoot%\System32\dllcache\plylst12.wpl -> [Ver = | Size = 1451 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst13.wpl -> %SystemRoot%\System32\dllcache\plylst13.wpl -> [Ver = | Size = 783 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst14.wpl -> %SystemRoot%\System32\dllcache\plylst14.wpl -> [Ver = | Size = 775 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst15.wpl -> %SystemRoot%\System32\dllcache\plylst15.wpl -> [Ver = | Size = 733 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst2.wpl -> %SystemRoot%\System32\dllcache\plylst2.wpl -> [Ver = | Size = 1049 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst3.wpl -> %SystemRoot%\System32\dllcache\plylst3.wpl -> [Ver = | Size = 1474 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst4.wpl -> %SystemRoot%\System32\dllcache\plylst4.wpl -> [Ver = | Size = 1448 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst5.wpl -> %SystemRoot%\System32\dllcache\plylst5.wpl -> [Ver = | Size = 1477 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst6.wpl -> %SystemRoot%\System32\dllcache\plylst6.wpl -> [Ver = | Size = 1477 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst7.wpl -> %SystemRoot%\System32\dllcache\plylst7.wpl -> [Ver = | Size = 1046 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst8.wpl -> %SystemRoot%\System32\dllcache\plylst8.wpl -> [Ver = | Size = 1036 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plylst9.wpl -> %SystemRoot%\System32\dllcache\plylst9.wpl -> [Ver = | Size = 784 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] plyr_err.chm -> %SystemRoot%\System32\dllcache\plyr_err.chm -> [Ver = | Size = 77307 bytes | Created Date = 7/4/2008 12:44:14 AM | Attr = ] prc.nls -> %SystemRoot%\System32\dllcache\prc.nls -> [Ver = | Size = 83748 bytes | Created Date = 7/1/2008 11:31:37 PM | Attr = ] prcp.nls -> %SystemRoot%\System32\dllcache\prcp.nls -> [Ver = | Size = 83748 bytes | Created Date = 7/1/2008 11:31:37 PM | Attr = ] r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Created Date = 7/1/2008 7:18:29 PM | Attr = ] revert.wmz -> %SystemRoot%\System32\dllcache\revert.wmz -> [Ver = | Size = 66725 bytes | Created Date = 7/4/2008 12:44:15 AM | Attr = ] rtuner.wmv -> %SystemRoot%\System32\dllcache\rtuner.wmv -> [Ver = | Size = 572557 bytes | Created Date = 7/4/2008 12:44:15 AM | Attr = ] rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 7/1/2008 11:31:41 PM | Attr = ] rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 7/1/2008 11:31:41 PM | Attr = ] sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf -> [Ver = | Size = 888 bytes | Created Date = 7/1/2008 7:18:30 PM | Attr = ] sam.spd -> %SystemRoot%\System32\dllcache\sam.spd -> [Ver = | Size = 1685606 bytes | Created Date = 7/1/2008 7:18:30 PM | Attr = ] skins.inf -> %SystemRoot%\System32\dllcache\skins.inf -> [Ver = | Size = 908 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] sl_anet.acm -> %SystemRoot%\System32\dllcache\sl_anet.acm -> Sipro Lab Telecom Inc. [Ver = 3.02 | Size = 86016 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] snd.htm -> %SystemRoot%\System32\dllcache\snd.htm -> [Ver = | Size = 1148 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] SP2.CAT -> %SystemRoot%\System32\dllcache\SP2.CAT -> [Ver = | Size = 1042903 bytes | Created Date = 7/1/2008 7:17:54 PM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 7/1/2008 7:18:08 PM | Attr = ] srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf -> [Ver = | Size = 984 bytes | Created Date = 7/1/2008 11:27:40 PM | Attr = ] taoff.gif -> %SystemRoot%\System32\dllcache\taoff.gif -> [Ver = | Size = 1380 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] taoffh.gif -> %SystemRoot%\System32\dllcache\taoffh.gif -> [Ver = | Size = 1367 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] taon.gif -> %SystemRoot%\System32\dllcache\taon.gif -> [Ver = | Size = 1398 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] taonh.gif -> %SystemRoot%\System32\dllcache\taonh.gif -> [Ver = | Size = 1380 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tour.js -> %SystemRoot%\System32\dllcache\tour.js -> [Ver = | Size = 3187 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tourbg.gif -> %SystemRoot%\System32\dllcache\tourbg.gif -> [Ver = | Size = 23829 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tpause.gif -> %SystemRoot%\System32\dllcache\tpause.gif -> [Ver = | Size = 2450 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tpauseh.gif -> %SystemRoot%\System32\dllcache\tpauseh.gif -> [Ver = | Size = 2371 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tplay.gif -> %SystemRoot%\System32\dllcache\tplay.gif -> [Ver = | Size = 2469 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] tplayh.gif -> %SystemRoot%\System32\dllcache\tplayh.gif -> [Ver = | Size = 2375 bytes | Created Date = 7/4/2008 12:44:21 AM | Attr = ] videobg.gif -> %SystemRoot%\System32\dllcache\videobg.gif -> [Ver = | Size = 17489 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] vidsamp.gif -> %SystemRoot%\System32\dllcache\vidsamp.gif -> [Ver = | Size = 5290 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] viz.wmv -> %SystemRoot%\System32\dllcache\viz.wmv -> [Ver = | Size = 300969 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] wm1.gif -> %SystemRoot%\System32\dllcache\wm1.gif -> [Ver = | Size = 5789 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm2.gif -> %SystemRoot%\System32\dllcache\wm2.gif -> [Ver = | Size = 7636 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm3.gif -> %SystemRoot%\System32\dllcache\wm3.gif -> [Ver = | Size = 6241 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm4.gif -> %SystemRoot%\System32\dllcache\wm4.gif -> [Ver = | Size = 7369 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm5.gif -> %SystemRoot%\System32\dllcache\wm5.gif -> [Ver = | Size = 2477 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm6.gif -> %SystemRoot%\System32\dllcache\wm6.gif -> [Ver = | Size = 6060 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm7.gif -> %SystemRoot%\System32\dllcache\wm7.gif -> [Ver = | Size = 8677 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm8.gif -> %SystemRoot%\System32\dllcache\wm8.gif -> [Ver = | Size = 4193 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wm9.gif -> %SystemRoot%\System32\dllcache\wm9.gif -> [Ver = | Size = 7892 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wmdm.inf -> %SystemRoot%\System32\dllcache\wmdm.inf -> [Ver = | Size = 17272 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wmerrenu.cat -> %SystemRoot%\System32\dllcache\wmerrenu.cat -> [Ver = | Size = 7334 bytes | Created Date = 7/1/2008 7:17:55 PM | Attr = ] wmfsdk.inf -> %SystemRoot%\System32\dllcache\wmfsdk.inf -> [Ver = | Size = 6769 bytes | Created Date = 7/4/2008 12:44:25 AM | Attr = ] wmp.inf -> %SystemRoot%\System32\dllcache\wmp.inf -> [Ver = | Size = 29070 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud1.wav -> %SystemRoot%\System32\dllcache\wmpaud1.wav -> [Ver = | Size = 354468 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud2.wav -> %SystemRoot%\System32\dllcache\wmpaud2.wav -> [Ver = | Size = 86180 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud3.wav -> %SystemRoot%\System32\dllcache\wmpaud3.wav -> [Ver = | Size = 172196 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud4.wav -> %SystemRoot%\System32\dllcache\wmpaud4.wav -> [Ver = | Size = 86180 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud5.wav -> %SystemRoot%\System32\dllcache\wmpaud5.wav -> [Ver = | Size = 86196 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud6.wav -> %SystemRoot%\System32\dllcache\wmpaud6.wav -> [Ver = | Size = 343204 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud7.wav -> %SystemRoot%\System32\dllcache\wmpaud7.wav -> [Ver = | Size = 343204 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud8.wav -> %SystemRoot%\System32\dllcache\wmpaud8.wav -> [Ver = | Size = 172196 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmpaud9.wav -> %SystemRoot%\System32\dllcache\wmpaud9.wav -> [Ver = | Size = 172196 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmplay.chm -> %SystemRoot%\System32\dllcache\wmplay.chm -> [Ver = | Size = 23195 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmplayer.adm -> %SystemRoot%\System32\dllcache\wmplayer.adm -> [Ver = | Size = 67374 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmplayer.chm -> %SystemRoot%\System32\dllcache\wmplayer.chm -> [Ver = | Size = 613334 bytes | Created Date = 7/4/2008 12:44:26 AM | Attr = ] wmploc.js -> %SystemRoot%\System32\dllcache\wmploc.js -> [Ver = | Size = 420 bytes | Created Date = 7/4/2008 12:44:27 AM | Attr = ] wmpocm.inf -> %SystemRoot%\System32\dllcache\wmpocm.inf -> [Ver = | Size = 855 bytes | Created Date = 7/4/2008 12:44:27 AM | Attr = ] wmptour.css -> %SystemRoot%\System32\dllcache\wmptour.css -> [Ver = | Size = 1771 bytes | Created Date = 7/4/2008 12:44:27 AM | Attr = ] wmptour.hta -> %SystemRoot%\System32\dllcache\wmptour.hta -> [Ver = | Size = 10457 bytes | Created Date = 7/4/2008 12:44:27 AM | Attr = ] xjis.nls -> %SystemRoot%\System32\dllcache\xjis.nls -> [Ver = | Size = 28288 bytes | Created Date = 7/1/2008 11:32:03 PM | Attr = ] adv01nt5.dll -> %SystemRoot%\System32\drivers\adv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv02nt5.dll -> %SystemRoot%\System32\drivers\adv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv05nt5.dll -> %SystemRoot%\System32\drivers\adv05nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv07nt5.dll -> %SystemRoot%\System32\drivers\adv07nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv08nt5.dll -> %SystemRoot%\System32\drivers\adv08nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv09nt5.dll -> %SystemRoot%\System32\drivers\adv09nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] adv11nt5.dll -> %SystemRoot%\System32\drivers\adv11nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 7/4/2008 12:43:47 AM | Attr = ] amdagp.sys -> %SystemRoot%\System32\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp.080413-2111) | Size = 43008 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1btxx.sys -> %SystemRoot%\System32\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1mdxx.sys -> %SystemRoot%\System32\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1pdxx.sys -> %SystemRoot%\System32\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1raxx.sys -> %SystemRoot%\System32\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1rvxx.sys -> %SystemRoot%\System32\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1snxx.sys -> %SystemRoot%\System32\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1ttxx.sys -> %SystemRoot%\System32\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1tuxx.sys -> %SystemRoot%\System32\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1xbxx.sys -> %SystemRoot%\System32\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati1xsxx.sys -> %SystemRoot%\System32\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati2mtaa.sys -> %SystemRoot%\System32\drivers\ati2mtaa.sys -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 327040 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati2mtag.sys -> %SystemRoot%\System32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 701440 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinbtxx.sys -> %SystemRoot%\System32\drivers\atinbtxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 57856 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinmdxx.sys -> %SystemRoot%\System32\drivers\atinmdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinpdxx.sys -> %SystemRoot%\System32\drivers\atinpdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 14336 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinraxx.sys -> %SystemRoot%\System32\drivers\atinraxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 52224 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinrvxx.sys -> %SystemRoot%\System32\drivers\atinrvxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 104960 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinsnxx.sys -> %SystemRoot%\System32\drivers\atinsnxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 28672 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinttxx.sys -> %SystemRoot%\System32\drivers\atinttxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atintuxx.sys -> %SystemRoot%\System32\drivers\atintuxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 73216 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinxbxx.sys -> %SystemRoot%\System32\drivers\atinxbxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 31744 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atinxsxx.sys -> %SystemRoot%\System32\drivers\atinxsxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 63488 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ativmc20.cod -> %SystemRoot%\System32\drivers\ativmc20.cod -> [Ver = | Size = 64352 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] atv01nt5.dll -> %SystemRoot%\System32\drivers\atv01nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] atv02nt5.dll -> %SystemRoot%\System32\drivers\atv02nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] atv04nt5.dll -> %SystemRoot%\System32\drivers\atv04nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] atv06nt5.dll -> %SystemRoot%\System32\drivers\atv06nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] atv10nt5.dll -> %SystemRoot%\System32\drivers\atv10nt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Created Date = 7/15/2008 8:46:02 PM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Created Date = 7/15/2008 8:46:02 PM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25543660 bytes | Created Date = 7/15/2008 8:46:02 PM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 31434 bytes | Created Date = 7/15/2008 8:47:27 PM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 162021 bytes | Created Date = 7/15/2008 8:46:02 PM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Created Date = 7/15/2008 8:45:57 PM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Created Date = 7/15/2008 8:46:06 PM | Attr = ] avgrkx86.sys -> %SystemRoot%\System32\drivers\avgrkx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.104 | Size = 12936 bytes | Created Date = 7/15/2008 8:46:06 PM | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Created Date = 7/15/2008 8:45:57 PM | Attr = ] ch7xxnt5.dll -> %SystemRoot%\System32\drivers\ch7xxnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 7/4/2008 12:43:49 AM | Attr = ] ctac32k.sys -> %SystemRoot%\System32\drivers\ctac32k.sys -> Creative Technology Ltd [Ver = 5.12.01.0245-1.31.0050 | Size = 127948 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] ctaud2k.sys -> %SystemRoot%\System32\drivers\ctaud2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0252-1.31.0120 | Size = 837548 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] ctoss2k.sys -> %SystemRoot%\System32\drivers\ctoss2k.sys -> Creative Technology Ltd. [Ver = 5.12.01.0245-1.31.0050 | Size = 195432 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] ctprxy2k.sys -> %SystemRoot%\System32\drivers\ctprxy2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 11068 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] ctsfm2k.sys -> %SystemRoot%\System32\drivers\ctsfm2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0140-0.75.1490 (beta-release) | Size = 213860 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] cxthsfs2.cty -> %SystemRoot%\System32\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 7/4/2008 12:43:52 AM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] EagleNt.sys -> %SystemRoot%\System32\drivers\EagleNt.sys -> AhnLab, Inc. [Ver = 0,0,1,27 | Size = 427648 bytes | Created Date = 7/17/2008 12:33:16 AM | Attr = ] emupia2k.sys -> %SystemRoot%\System32\drivers\emupia2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 156604 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] ha10kx2k.sys -> %SystemRoot%\System32\drivers\ha10kx2k.sys -> Creative Technology Ltd [Ver = 5.12.01.0250-1.31.0090 | Size = 998004 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] hdaudbus.sys -> %SystemRoot%\System32\drivers\hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 144384 bytes | Created Date = 7/4/2008 12:43:56 AM | Attr = ] hsfbs2s2.sys -> %SystemRoot%\System32\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 7/4/2008 12:43:56 AM | Attr = ] hsfcxts2.sys -> %SystemRoot%\System32\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 7/4/2008 12:43:56 AM | Attr = ] hsfdpsp2.sys -> %SystemRoot%\System32\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 7/4/2008 12:43:56 AM | Attr = ] mdmxsdk.sys -> %SystemRoot%\System32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 7/4/2008 12:44:03 AM | Attr = ] mtlmnt5.sys -> %SystemRoot%\System32\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 7/4/2008 12:44:09 AM | Attr = ] mtlstrm.sys -> %SystemRoot%\System32\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 7/4/2008 12:44:09 AM | Attr = ] mtxparhm.sys -> %SystemRoot%\System32\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 7/4/2008 12:44:09 AM | Attr = ] netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img -> [Ver = | Size = 67866 bytes | Created Date = 7/4/2008 12:44:10 AM | Attr = ] ntmtlfax.sys -> %SystemRoot%\System32\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 7/4/2008 12:44:11 AM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 136888 bytes | Created Date = 7/2/2008 1:00:19 AM | Attr = ] recagent.sys -> %SystemRoot%\System32\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 7/4/2008 12:44:15 AM | Attr = ] s3gnbm.sys -> %SystemRoot%\System32\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 7/4/2008 12:44:16 AM | Attr = ] siint5.dll -> %SystemRoot%\System32\drivers\siint5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] sisagp.sys -> %SystemRoot%\System32\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp.080413-2111) | Size = 40960 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slnt7554.sys -> %SystemRoot%\System32\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slntamr.sys -> %SystemRoot%\System32\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slnthal.sys -> %SystemRoot%\System32\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slwdmsup.sys -> %SystemRoot%\System32\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] vchnt5.dll -> %SystemRoot%\System32\drivers\vchnt5.dll -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] wadv07nt.sys -> %SystemRoot%\System32\drivers\wadv07nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] wadv08nt.sys -> %SystemRoot%\System32\drivers\wadv08nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] wadv09nt.sys -> %SystemRoot%\System32\drivers\wadv09nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] wadv11nt.sys -> %SystemRoot%\System32\drivers\wadv11nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] watv06nt.sys -> %SystemRoot%\System32\drivers\watv06nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] watv10nt.sys -> %SystemRoot%\System32\drivers\watv10nt.sys -> Intel(R) Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 7/4/2008 12:44:23 AM | Attr = ] WMP11V27.sys -> %SystemRoot%\System32\drivers\WMP11V27.sys -> The Linksys Group, Inc [Ver = 3.8.28.0 | Size = 171776 bytes | Created Date = 7/2/2008 12:12:57 AM | Attr = R ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 261 bytes | Created Date = 7/1/2008 7:09:06 PM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] a3d.dll -> %SystemRoot%\System32\a3d.dll -> [Ver = 80.0.0.3 | Size = 65536 bytes | Created Date = 7/15/2008 4:32:33 PM | Attr = ] AC3API.DLL -> %SystemRoot%\System32\AC3API.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 53248 bytes | Created Date = 7/15/2008 4:32:33 PM | Attr = ] Adobe -> %SystemRoot%\System32\Adobe -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] AHQCpURes.dll -> %SystemRoot%\System32\AHQCpURes.dll -> Creative Technology Ltd. [Ver = 1.0.0 | Size = 12288 bytes | Created Date = 7/15/2008 3:55:52 PM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 7/1/2008 11:29:56 PM | Attr = ] ati2cqag.dll -> %SystemRoot%\System32\ati2cqag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0233 | Size = 229376 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati2dvaa.dll -> %SystemRoot%\System32\ati2dvaa.dll -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 377984 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati2dvag.dll -> %SystemRoot%\System32\ati2dvag.dll -> ATI Technologies Inc. [Ver = 6.14.10.6462 | Size = 201728 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati3d1ag.dll -> %SystemRoot%\System32\ati3d1ag.dll -> ATI Technologies Inc. [Ver = 6.14.10.4071 | Size = 870784 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ati3duag.dll -> %SystemRoot%\System32\ati3duag.dll -> ATI Technologies Inc. [Ver = 6.14.10.0231 | Size = 1888992 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ativdaxx.ax -> %SystemRoot%\System32\ativdaxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 9728 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ativmvxx.ax -> %SystemRoot%\System32\ativmvxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 23040 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ativtmxx.dll -> %SystemRoot%\System32\ativtmxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 32768 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] ativvaxx.dll -> %SystemRoot%\System32\ativvaxx.dll -> ATI Technologies Inc. [Ver = 6.14.01.0009 | Size = 516768 bytes | Created Date = 7/4/2008 12:43:48 AM | Attr = ] Audigy.bmp -> %SystemRoot%\System32\Audigy.bmp -> [Ver = | Size = 1912 bytes | Created Date = 7/15/2008 3:52:22 PM | Attr = ] AudioHQU.cpl -> %SystemRoot%\System32\AudioHQU.cpl -> Creative Technology Ltd. [Ver = 1.0.0 | Size = 32768 bytes | Created Date = 7/15/2008 3:55:51 PM | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Created Date = 7/1/2008 7:18:05 PM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Created Date = 7/15/2008 8:46:07 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Created Date = 7/4/2008 12:52:56 AM | Attr = ] BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 23472 bytes | Created Date = 7/15/2008 4:33:05 PM | Attr = ] BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 23472 bytes | Created Date = 7/15/2008 4:33:05 PM | Attr = ] BMXState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 19104 bytes | Created Date = 7/15/2008 9:11:57 PM | Attr = ] BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 19104 bytes | Created Date = 7/15/2008 9:11:57 PM | Attr = ] bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 7/1/2008 11:25:16 PM | Attr = ] borlndmm.dll -> %SystemRoot%\System32\borlndmm.dll -> Inprise Corporation [Ver = 5.0.12.34 | Size = 25600 bytes | Created Date = 7/1/2008 11:56:07 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Created Date = 7/1/2008 7:17:41 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Created Date = 7/1/2008 7:17:41 PM | Attr = ] cc3250mt.dll -> %SystemRoot%\System32\cc3250mt.dll -> Inprise Corporation [Ver = 5.0.0.55 | Size = 1496064 bytes | Created Date = 7/1/2008 11:56:07 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] Com -> %SystemRoot%\System32\Com -> [Folder | Created Date = 7/1/2008 11:24:28 PM | Attr = ] COMMONFX.DLL -> %SystemRoot%\System32\COMMONFX.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 110592 bytes | Created Date = 7/15/2008 4:32:33 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = ] CT1MGM.ROM -> %SystemRoot%\System32\CT1MGM.ROM -> [Ver = | Size = 1048576 bytes | Created Date = 7/15/2008 4:32:33 PM | Attr = ] CT2MGM.SF2 -> %SystemRoot%\System32\CT2MGM.SF2 -> [Ver = | Size = 2167684 bytes | Created Date = 7/15/2008 4:32:34 PM | Attr = ] CT4MGM.SF2 -> %SystemRoot%\System32\CT4MGM.SF2 -> [Ver = | Size = 4174814 bytes | Created Date = 7/15/2008 4:32:14 PM | Attr = ] CTAGENT.DLL -> %SystemRoot%\System32\CTAGENT.DLL -> Creative Technology Ltd [Ver = 1, 0, 0, 3 | Size = 57344 bytes | Created Date = 7/15/2008 4:32:34 PM | Attr = ] CTASIO.DLL -> %SystemRoot%\System32\CTASIO.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 106496 bytes | Created Date = 7/15/2008 4:32:34 PM | Attr = ] ctbas2w.dat -> %SystemRoot%\System32\ctbas2w.dat -> [Ver = | Size = 113273 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] CTBASICW.DAT -> %SystemRoot%\System32\CTBASICW.DAT -> [Ver = | Size = 113373 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] ctdaught.dat -> %SystemRoot%\System32\ctdaught.dat -> [Ver = | Size = 44055 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] CTDetect.cnt -> %SystemRoot%\System32\CTDetect.cnt -> [Ver = | Size = 641 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] CTDetect.cpl -> %SystemRoot%\System32\CTDetect.cpl -> Creative Technology Ltd. [Ver = 2.0.0.0 | Size = 230912 bytes | Created Date = 7/15/2008 3:56:14 PM | Attr = ] CTDetect.ftg -> %SystemRoot%\System32\CTDetect.ftg -> [Ver = | Size = 0 bytes | Created Date = 7/15/2008 3:57:07 PM | Attr = ] CTDetect.fts -> %SystemRoot%\System32\CTDetect.fts -> [Ver = | Size = 0 bytes | Created Date = 7/15/2008 3:57:07 PM | Attr = ] CTDetect.gid -> %SystemRoot%\System32\CTDetect.gid -> [Ver = | Size = 0 bytes | Created Date = 7/15/2008 3:57:07 PM | Attr = ] CTDetect.hlp -> %SystemRoot%\System32\CTDetect.hlp -> [Ver = | Size = 17350 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] CTDetres.dll -> %SystemRoot%\System32\CTDetres.dll -> Creative Technology Ltd. [Ver = 2.0.0.0 | Size = 62976 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] CTDEVCON.DLL -> %SystemRoot%\System32\CTDEVCON.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 319488 bytes | Created Date = 7/15/2008 4:32:34 PM | Attr = ] ctdlang.dat -> %SystemRoot%\System32\ctdlang.dat -> [Ver = | Size = 164044 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] CTDPROXY.DLL -> %SystemRoot%\System32\CTDPROXY.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 106496 bytes | Created Date = 7/15/2008 4:32:35 PM | Attr = ] CTDrmRes.dll -> %SystemRoot%\System32\CTDrmRes.dll -> Creative Technology Ltd. [Ver = 1.12.0.0 | Size = 73728 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] CTDRMUI.dll -> %SystemRoot%\System32\CTDRMUI.dll -> Creative Technology Ltd. [Ver = 1.12.0.0 | Size = 163840 bytes | Created Date = 7/15/2008 3:56:14 PM | Attr = ] CTEMUPIA.DLL -> %SystemRoot%\System32\CTEMUPIA.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 36864 bytes | Created Date = 7/15/2008 4:32:38 PM | Attr = ] CTHELPER.EXE -> %SystemRoot%\System32\CTHELPER.EXE -> Creative Technology Ltd [Ver = 1, 0, 0, 2 | Size = 24576 bytes | Created Date = 7/15/2008 4:32:38 PM | Attr = ] CTIntRes.dll -> %SystemRoot%\System32\CTIntRes.dll -> Creative Technology Ltd. [Ver = 1.10.0.0 | Size = 28672 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] CTMedEng.DLL -> %SystemRoot%\System32\CTMedEng.DLL -> Creative Technology Ltd. [Ver = 3.0.16.0 | Size = 331776 bytes | Created Date = 7/15/2008 3:56:14 PM | Attr = ] CTMERes.DLL -> %SystemRoot%\System32\CTMERes.DLL -> Creative Technology Ltd. [Ver = 1.0.0.0 | Size = 24576 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] ctmp3.acm -> %SystemRoot%\System32\ctmp3.acm -> Creative Technology Ltd. [Ver = 5.01.01 | Size = 364544 bytes | Created Date = 7/15/2008 3:56:14 PM | Attr = ] CTMp3.crl -> %SystemRoot%\System32\CTMp3.crl -> Creative Technology Ltd. [Ver = 2.0.4.0 | Size = 55808 bytes | Created Date = 7/1/2008 11:44:21 PM | Attr = ] CTOSUSER.DLL -> %SystemRoot%\System32\CTOSUSER.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 155648 bytes | Created Date = 7/15/2008 4:32:38 PM | Attr = ] CTPlay.CRL -> %SystemRoot%\System32\CTPlay.CRL -> Creative Technology Ltd. [Ver = 1.54.4.0 | Size = 217088 bytes | Created Date = 7/15/2008 4:31:38 PM | Attr = ] CTSBLFX.DLL -> %SystemRoot%\System32\CTSBLFX.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 643072 bytes | Created Date = 7/15/2008 4:32:38 PM | Attr = ] CTSPKHLP.DLL -> %SystemRoot%\System32\CTSPKHLP.DLL -> Creative Technology Ltd [Ver = 1, 0, 0, 2 | Size = 28672 bytes | Created Date = 7/15/2008 4:32:38 PM | Attr = ] ctstatic.dat -> %SystemRoot%\System32\ctstatic.dat -> [Ver = | Size = 179669 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] CTSVCCDA.EXE -> %SystemRoot%\System32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Created Date = 7/15/2008 3:56:21 PM | Attr = ] CTSVCCTL.EXE -> %SystemRoot%\System32\CTSVCCTL.EXE -> Creative Technology Ltd [Ver = 1.0.0.0 | Size = 25088 bytes | Created Date = 7/15/2008 3:56:21 PM | Attr = ] CTWFLT32.DLL -> %SystemRoot%\System32\CTWFLT32.DLL -> Creative Technology Ltd. [Ver = 2.02 | Size = 82432 bytes | Created Date = 7/15/2008 4:33:42 PM | Attr = ] ctzapxx.ini -> %SystemRoot%\System32\ctzapxx.ini -> [Ver = | Size = 29 bytes | Created Date = 7/15/2008 4:32:52 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:23 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:12 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:10 PM | Attr = ] C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:20 PM | Attr = ] C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:24 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:26 PM | Attr = ] c_737.nls -> %SystemRoot%\System32\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:11 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:23 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:15 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 7/1/2008 7:18:17 PM | Attr = ] d3d8caps.dat -> %SystemRoot%\System32\d3d8caps.dat -> [Ver = | Size = 552 bytes | Created Date = 7/4/2008 12:24:05 AM | Attr = ] d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 664 bytes | Created Date = 7/4/2008 12:24:06 AM | Attr = ] Data -> %SystemRoot%\System32\Data -> [Folder | Created Date = 7/1/2008 11:50:51 PM | Attr = ] default.ecw -> %SystemRoot%\System32\default.ecw -> [Ver = | Size = 2259067 bytes | Created Date = 7/15/2008 4:32:46 PM | Attr = ] DEFAULT.SFM -> %SystemRoot%\System32\DEFAULT.SFM -> [Ver = | Size = 59 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] DEFAULT4.SFM -> %SystemRoot%\System32\DEFAULT4.SFM -> [Ver = | Size = 59 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] DEFAULT8.SFM -> %SystemRoot%\System32\DEFAULT8.SFM -> [Ver = | Size = 59 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] Defaults -> %SystemRoot%\System32\Defaults -> [Folder | Created Date = 7/15/2008 4:33:39 PM | Attr = ] desktop.ini -> %SystemRoot%\System32\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 7/1/2008 11:27:49 PM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 7/1/2008 7:18:09 PM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 7/1/2008 7:18:09 PM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Created Date = 7/1/2008 11:28:24 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] DVCState-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> %SystemRoot%\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> [Ver = | Size = 24 bytes | Created Date = 7/15/2008 9:11:57 PM | Attr = ] DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> %SystemRoot%\System32\DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> [Ver = | Size = 24 bytes | Created Date = 7/15/2008 9:11:57 PM | Attr = ] EAXAC3.DLL -> %SystemRoot%\System32\EAXAC3.DLL -> Creative Labs [Ver = 1.12 | Size = 77824 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Created Date = 7/1/2008 11:26:33 PM | Attr = ] Emu10kx.ini -> %SystemRoot%\System32\Emu10kx.ini -> [Ver = | Size = 37727 bytes | Created Date = 7/15/2008 4:32:52 PM | Attr = ] en -> %SystemRoot%\System32\en -> [Folder | Created Date = 7/4/2008 12:52:56 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Created Date = 7/2/2008 2:44:51 PM | Attr = ] EqnClass.Dll -> %SystemRoot%\System32\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 7/1/2008 7:18:08 PM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 91888 bytes | Created Date = 7/1/2008 7:17:02 PM | Attr = ] gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 7/1/2008 11:25:16 PM | Attr = ] hsfcisp2.dll -> %SystemRoot%\System32\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 7/4/2008 12:43:56 AM | Attr = ] hticons.dll -> %SystemRoot%\System32\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 7/1/2008 11:25:27 PM | Attr = ] hypertrm.dll -> %SystemRoot%\System32\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.5512 | Size = 347136 bytes | Created Date = 7/1/2008 11:24:37 PM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Inetwh32.dll -> %SystemRoot%\System32\Inetwh32.dll -> Blue Sky Software Corporation. [Ver = 7.00.131 | Size = 54784 bytes | Created Date = 7/15/2008 3:56:15 PM | Attr = ] isrdbg32.dll -> %SystemRoot%\System32\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 7/1/2008 11:26:57 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/16/2008 6:44:56 PM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 73728 bytes | Created Date = 7/16/2008 6:44:56 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/16/2008 6:44:56 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 139264 bytes | Created Date = 7/16/2008 6:44:56 PM | Attr = ] kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] KILL.INI -> %SystemRoot%\System32\KILL.INI -> [Ver = | Size = 180 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] KILLAPPS.EXE -> %SystemRoot%\System32\KILLAPPS.EXE -> [Ver = | Size = 49152 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] korean.uce -> %SystemRoot%\System32\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 7/2/2008 12:59:41 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 7/1/2008 11:29:01 PM | Attr = RH ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Created Date = 7/1/2008 11:27:24 PM | Attr = ] mdmxsdk.dll -> %SystemRoot%\System32\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 7/4/2008 12:44:03 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Created Date = 7/1/2008 11:33:00 PM | Attr = S] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Created Date = 7/1/2008 11:24:31 PM | Attr = ] msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 7/1/2008 11:25:12 PM | Attr = ] msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [Ver = | Size = 1931 bytes | Created Date = 7/1/2008 11:25:12 PM | Attr = ] mtxparhd.dll -> %SystemRoot%\System32\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 7/4/2008 12:44:09 AM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] newlogobmp.bmp -> %SystemRoot%\System32\newlogobmp.bmp -> [Ver = | Size = 47894 bytes | Created Date = 7/2/2008 12:18:29 AM | Attr = ] npp -> %SystemRoot%\System32\npp -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] nppt9x.vxd -> %SystemRoot%\System32\nppt9x.vxd -> [Ver = | Size = 5174 bytes | Created Date = 7/5/2008 10:28:41 PM | Attr = ] npptNT2.sys -> %SystemRoot%\System32\npptNT2.sys -> INCA Internet Co., Ltd. [Ver = 2005, 1, 5, 1 | Size = 4682 bytes | Created Date = 7/5/2008 10:28:41 PM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 7/1/2008 11:29:56 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 162159 bytes | Created Date = 7/1/2008 11:37:09 PM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 17737 bytes | Created Date = 7/1/2008 11:36:42 PM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56 | Size = 356352 bytes | Created Date = 7/1/2008 11:36:42 PM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56 | Size = 356352 bytes | Created Date = 7/1/2008 11:36:22 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] OEMINFO.INI -> %SystemRoot%\System32\OEMINFO.INI -> [Ver = | Size = 725 bytes | Created Date = 7/2/2008 12:18:29 AM | Attr = ] OEMLOGO.BMP -> %SystemRoot%\System32\OEMLOGO.BMP -> [Ver = | Size = 15478 bytes | Created Date = 7/2/2008 12:18:29 AM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] OPENAL32.DLL -> %SystemRoot%\System32\OPENAL32.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 135168 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] PCANDIS5.SYS -> %SystemRoot%\System32\PCANDIS5.SYS -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.00.13.49 | Size = 16068 bytes | Created Date = 7/1/2008 11:56:07 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 356120 bytes | Created Date = 7/1/2008 7:18:34 PM | Attr = ] PFMODNT.SYS -> %SystemRoot%\System32\PFMODNT.SYS -> Creative Technology Ltd. [Ver = 2.0.0.0 | Size = 6752 bytes | Created Date = 7/15/2008 3:53:57 PM | Attr = ] PIAPROXY.DLL -> %SystemRoot%\System32\PIAPROXY.DLL -> Creative Technology Ltd [Ver = 5.12.01.0244-1.31.0040 | Size = 110592 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] pid.inf -> %SystemRoot%\System32\pid.inf -> [Ver = | Size = 1261 bytes | Created Date = 7/4/2008 12:43:57 AM | Attr = ] PixWorldEdit.dll -> %SystemRoot%\System32\PixWorldEdit.dll -> PixAround.com [Ver = 1, 0, 1, 35 | Size = 466944 bytes | Created Date = 7/15/2008 4:31:13 PM | Attr = ] PixWorldViewer.ocx -> %SystemRoot%\System32\PixWorldViewer.ocx -> PixAround.com Pte Ltd [Ver = 1.03 | Size = 40960 bytes | Created Date = 7/15/2008 4:31:14 PM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Created Date = 7/2/2008 12:59:41 AM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 111928 bytes | Created Date = 7/2/2008 12:59:42 AM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 7/2/2008 12:44:28 AM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] RcMan.cpl -> %SystemRoot%\System32\RcMan.cpl -> Creative Technology Ltd. [Ver = 1.00.01 | Size = 24576 bytes | Created Date = 7/15/2008 3:57:13 PM | Attr = ] REGPLIB.EXE -> %SystemRoot%\System32\REGPLIB.EXE -> [Ver = | Size = 36864 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Created Date = 7/4/2008 12:48:53 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Created Date = 7/1/2008 11:26:59 PM | Attr = ] s3gnb.dll -> %SystemRoot%\System32\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 7/4/2008 12:44:16 AM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] SBAudigy.ico -> %SystemRoot%\System32\SBAudigy.ico -> [Ver = | Size = 7406 bytes | Created Date = 7/15/2008 3:52:22 PM | Attr = ] scripting -> %SystemRoot%\System32\scripting -> [Folder | Created Date = 7/4/2008 12:52:57 AM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 2064 bytes | Created Date = 7/1/2008 11:57:05 PM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 2064 bytes | Created Date = 7/1/2008 11:57:05 PM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] SFCVRT32.DLL -> %SystemRoot%\System32\SFCVRT32.DLL -> Creative Technology Ltd. [Ver = 4. 05.1002 | Size = 84992 bytes | Created Date = 7/15/2008 4:33:42 PM | Attr = ] SFMAN.DAT -> %SystemRoot%\System32\SFMAN.DAT -> [Ver = | Size = 1048576 bytes | Created Date = 7/15/2008 4:33:41 PM | Attr = ] sfman32.dll -> %SystemRoot%\System32\sfman32.dll -> Creative Technology Ltd [Ver = 5.12.01.0130-1.00.0000 | Size = 36864 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] SFMS32.DLL -> %SystemRoot%\System32\SFMS32.DLL -> Creative Technology Ltd [Ver = 5.12.01.0140-0.75.1490 (beta-release) | Size = 270336 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] slcoinst.dll -> %SystemRoot%\System32\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slextspk.dll -> %SystemRoot%\System32\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slgen.dll -> %SystemRoot%\System32\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slrundll.exe -> %SystemRoot%\System32\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] slserv.exe -> %SystemRoot%\System32\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 7/2/2008 12:36:36 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 7/1/2008 7:18:08 PM | Attr = ] subrange.uce -> %SystemRoot%\System32\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 7/1/2008 11:25:17 PM | Attr = ] tslabels.h -> %SystemRoot%\System32\tslabels.h -> [Ver = | Size = 3286 bytes | Created Date = 7/1/2008 11:25:13 PM | Attr = ] tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [Ver = | Size = 13223 bytes | Created Date = 7/1/2008 11:25:13 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [Ver = | Size = 1161 bytes | Created Date = 7/1/2008 11:25:14 PM | Attr = ] VERSION.LIB -> %SystemRoot%\System32\VERSION.LIB -> [Ver = | Size = 4716 bytes | Created Date = 7/1/2008 11:56:07 PM | Attr = ] Video.skn -> %SystemRoot%\System32\Video.skn -> Creative Technology Ltd. [Ver = 3.0.1.0 | Size = 139264 bytes | Created Date = 7/15/2008 3:56:20 PM | Attr = ] W32N50.dll -> %SystemRoot%\System32\W32N50.dll -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.00.13.49 | Size = 61440 bytes | Created Date = 7/1/2008 11:56:07 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Created Date = 7/1/2008 11:29:01 PM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 7/1/2008 11:25:03 PM | Attr = ] wpa.bak -> %SystemRoot%\System32\wpa.bak -> [Ver = | Size = 13646 bytes | Created Date = 7/4/2008 12:34:13 AM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll -> [Ver = 32716 | Size = 42320 bytes | Created Date = 6/26/2008 4:09:38 PM | Attr = ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Created Date = 7/1/2008 11:30:12 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Created Date = 7/2/2008 12:44:26 AM | Attr = H ] 4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 7/2/2008 12:44:47 AM | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 7/4/2008 12:47:04 AM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 7/2/2008 2:43:46 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 7/2/2008 2:43:31 PM | Attr = H ] AC3API.INI -> %SystemRoot%\AC3API.INI -> [Ver = | Size = 231 bytes | Created Date = 7/15/2008 4:33:42 PM | Attr = ] addins -> %SystemRoot%\addins -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Created Date = 7/1/2008 11:32:08 PM | Attr = S] Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [Ver = | Size = 17062 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 7/1/2008 11:30:00 PM | Attr = ] CTCCW.DLL -> %SystemRoot%\CTCCW.DLL -> Creative® Technology Ltd. [Ver = 3.11 | Size = 53552 bytes | Created Date = 7/15/2008 4:33:42 PM | Attr = ] CTDCRES.DLL -> %SystemRoot%\CTDCRES.DLL -> Creative Technology Ltd [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] CTDV10K1.CDF -> %SystemRoot%\CTDV10K1.CDF -> [Ver = | Size = 3373917 bytes | Created Date = 7/15/2008 4:32:35 PM | Attr = ] CTDV10K2.CDF -> %SystemRoot%\CTDV10K2.CDF -> [Ver = | Size = 3735544 bytes | Created Date = 7/15/2008 4:32:36 PM | Attr = ] CTDVAUDY.CDF -> %SystemRoot%\CTDVAUDY.CDF -> [Ver = | Size = 3206822 bytes | Created Date = 7/15/2008 4:32:37 PM | Attr = ] CTRegRun.exe -> %SystemRoot%\CTRegRun.exe -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 41984 bytes | Created Date = 7/1/2008 11:41:50 PM | Attr = ] CTRES.DLL -> %SystemRoot%\CTRES.DLL -> Creative Technology Ltd. [Ver = 2.24 | Size = 24976 bytes | Created Date = 7/15/2008 4:33:42 PM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 7/1/2008 11:27:49 PM | Attr = ] DEVREG.DLL -> %SystemRoot%\DEVREG.DLL -> Creative Technology Ltd [Ver = 1.00.00.0018-1.00.0180 | Size = 94208 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 7/1/2008 11:29:01 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Created Date = 7/4/2008 12:47:03 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 7/15/2008 9:06:17 PM | Attr = ] FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [Ver = | Size = 16730 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = R S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 7/2/2008 12:44:46 AM | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 287 bytes | Created Date = 7/2/2008 12:59:40 AM | Attr = ] Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [Ver = | Size = 17336 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [Ver = | Size = 26582 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 7/2/2008 2:43:54 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 7/2/2008 2:45:08 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Created Date = 7/1/2008 7:18:36 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = H ] INRES.DLL -> %SystemRoot%\INRES.DLL -> Creative Technology Limited [Ver = 1, 0, 2, 0 | Size = 20480 bytes | Created Date = 7/15/2008 4:32:52 PM | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 7/1/2008 7:18:33 PM | Attr = HS] IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 7/1/2008 11:51:51 PM | Attr = ] java -> %SystemRoot%\java -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] l2schemas -> %SystemRoot%\l2schemas -> [Folder | Created Date = 7/4/2008 12:52:57 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] MIDIDEF.EXE -> %SystemRoot%\MIDIDEF.EXE -> Creative Technology Ltd [Ver = 2, 8, 2, 0 | Size = 61440 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 7/2/2008 12:25:14 AM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 7/2/2008 2:42:41 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 7/13/2008 9:44:44 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 7/1/2008 11:36:42 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Created Date = 7/1/2008 7:18:33 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 7/1/2008 11:29:01 PM | Attr = R ] pchealth -> %SystemRoot%\pchealth -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [Ver = | Size = 65954 bytes | Created Date = 7/1/2008 11:25:19 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 7/4/2008 12:59:03 AM | Attr = ] Profiles -> %SystemRoot%\Profiles -> [Folder | Created Date = 7/1/2008 11:53:04 PM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] PSCONV.EXE -> %SystemRoot%\PSCONV.EXE -> [Ver = | Size = 184320 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] READREG.EXE -> %SystemRoot%\READREG.EXE -> Creative Technology Limited [Ver = 1, 5, 0, 9 | Size = 176128 bytes | Created Date = 7/15/2008 4:32:39 PM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 7/1/2008 11:26:18 PM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 7/1/2008 11:32:49 PM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 7/1/2008 11:25:19 PM | Attr = ] River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 7/1/2008 11:25:19 PM | Attr = ] Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [Ver = | Size = 65832 bytes | Created Date = 7/1/2008 11:25:19 PM | Attr = ] SBWIN.INI -> %SystemRoot%\SBWIN.INI -> [Ver = | Size = 317 bytes | Created Date = 7/1/2008 11:48:46 PM | Attr = ] security -> %SystemRoot%\security -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Created Date = 7/4/2008 12:51:57 AM | Attr = ] slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 7/4/2008 12:44:18 AM | Attr = ] Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [Ver = | Size = 65978 bytes | Created Date = 7/1/2008 11:25:18 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 7/1/2008 11:33:02 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Created Date = 7/1/2008 11:27:25 PM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 7/16/2008 6:23:42 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 7/1/2008 11:27:33 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] Updreg.EXE -> %SystemRoot%\Updreg.EXE -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Created Date = 7/15/2008 4:33:43 PM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 7/1/2008 11:26:22 PM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 7/1/2008 11:26:22 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 7/2/2008 2:44:52 PM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = R ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 7/1/2008 11:28:55 PM | Attr = RH ] winnt.bmp -> %SystemRoot%\winnt.bmp -> [Ver = | Size = 48680 bytes | Created Date = 7/1/2008 11:27:49 PM | Attr = HS] winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [Ver = | Size = 48680 bytes | Created Date = 7/1/2008 11:27:49 PM | Attr = HS] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Created Date = 7/1/2008 7:03:05 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 7/1/2008 11:29:55 PM | Attr = ] Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 7/1/2008 11:25:19 PM | Attr = ] {00000002-00000000-00000009-00001102-00000004-00531102}.BAK -> %SystemRoot%\{00000002-00000000-00000009-00001102-00000004-00531102}.BAK -> [Ver = | Size = 3207201 bytes | Created Date = 7/15/2008 6:22:52 PM | Attr = ] {00000002-00000000-00000009-00001102-00000004-00531102}.CDF -> %SystemRoot%\{00000002-00000000-00000009-00001102-00000004-00531102}.CDF -> [Ver = | Size = 3207201 bytes | Created Date = 7/15/2008 6:22:52 PM | Attr = ] desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 7/1/2008 11:27:33 PM | Attr = RH ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 7/1/2008 11:33:01 PM | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Created Date = 7/15/2008 8:45:53 PM | Attr = ] Creative -> %AllUsersProfile%\Application Data\Creative -> [Folder | Created Date = 7/1/2008 11:44:23 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 7/1/2008 7:17:56 PM | Attr = HS] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Created Date = 7/1/2008 7:17:36 PM | Attr = S] NexonUS -> %AllUsersProfile%\Application Data\NexonUS -> [Folder | Created Date = 7/11/2008 5:17:06 PM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 7/4/2008 12:33:29 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] Creative -> %AppData%\Creative -> [Folder | Created Date = 7/1/2008 11:54:42 PM | Attr = ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 7/1/2008 11:33:54 PM | Attr = HS] dvdcss -> %AppData%\dvdcss -> [Folder | Created Date = 7/9/2008 11:41:07 PM | Attr = ] Identities -> %AppData%\Identities -> [Folder | Created Date = 7/1/2008 11:34:01 PM | Attr = ] InterTrust -> %AppData%\InterTrust -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 7/2/2008 12:43:16 AM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Created Date = 7/1/2008 11:33:53 PM | Attr = S] mIRC -> %AppData%\mIRC -> [Folder | Created Date = 7/3/2008 7:30:27 PM | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Created Date = 7/13/2008 9:44:41 PM | Attr = ] PnkBstrK.sys -> %AppData%\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Created Date = 7/2/2008 1:00:19 AM | Attr = ] Sun -> %AppData%\Sun -> [Folder | Created Date = 7/16/2008 6:23:42 PM | Attr = ] Ventrilo -> %AppData%\Ventrilo -> [Folder | Created Date = 7/2/2008 12:40:47 AM | Attr = ] vlc -> %AppData%\vlc -> [Folder | Created Date = 7/2/2008 1:02:12 AM | Attr = ] Xfire -> %AppData%\Xfire -> [Folder | Created Date = 7/2/2008 12:39:34 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 13104 bytes | Created Date = 7/1/2008 11:55:19 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 4296770 bytes | Created Date = 7/1/2008 11:37:30 PM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Created Date = 7/5/2008 9:00:55 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Created Date = 7/1/2008 11:33:53 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Created Date = 7/13/2008 9:44:41 PM | Attr = ] NVIDIA Corporation -> %UserProfile%\Local Settings\Application Data\NVIDIA Corporation -> [Folder | Created Date = 7/2/2008 1:03:32 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 7/1/2008 7:17:56 PM | Attr = HS] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Created Date = 7/1/2008 11:25:51 PM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Created Date = 7/1/2008 11:26:35 PM | Attr = R ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 79 bytes | Created Date = 7/1/2008 11:33:57 PM | Attr = HS] My eBooks -> %UserProfile%\My Documents\My eBooks -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Created Date = 7/1/2008 11:33:57 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Created Date = 7/1/2008 11:33:57 PM | Attr = R ] RCMAN.CFG -> %UserProfile%\My Documents\RCMAN.CFG -> [Ver = | Size = 4702 bytes | Created Date = 7/15/2008 6:23:30 PM | Attr = ] ³Ø½¼ Ç÷¯±× -> %UserProfile%\My Documents\³Ø½¼ Ç÷¯±× -> [Folder | Created Date = 7/11/2008 5:20:47 PM | Attr = ] 2MOONS Bad Moon Rising.lnk -> %AllUsersProfile%\Desktop\2MOONS Bad Moon Rising.lnk -> [Ver = | Size = 870 bytes | Created Date = 7/5/2008 7:51:02 PM | Attr = ] AVG 8.0.lnk -> %AllUsersProfile%\Desktop\AVG 8.0.lnk -> [Ver = | Size = 1507 bytes | Created Date = 7/15/2008 8:46:07 PM | Attr = ] Call of Duty(R) 2 Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Multiplayer.lnk -> [Ver = | Size = 1563 bytes | Created Date = 7/15/2008 2:01:48 AM | Attr = ] Call of Duty(R) 2 Single Player.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Single Player.lnk -> [Ver = | Size = 1563 bytes | Created Date = 7/15/2008 2:01:48 AM | Attr = ] Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> [Ver = | Size = 1691 bytes | Created Date = 7/2/2008 1:00:41 AM | Attr = ] Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> [Ver = | Size = 1691 bytes | Created Date = 7/2/2008 1:00:41 AM | Attr = ] Combat Arms.lnk -> %AllUsersProfile%\Desktop\Combat Arms.lnk -> [Ver = | Size = 1497 bytes | Created Date = 7/11/2008 5:18:00 PM | Attr = ] mIRC.lnk -> %AllUsersProfile%\Desktop\mIRC.lnk -> [Ver = | Size = 626 bytes | Created Date = 7/3/2008 7:30:27 PM | Attr = ] Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [Ver = | Size = 1602 bytes | Created Date = 7/13/2008 9:44:04 PM | Attr = ] VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [Ver = | Size = 719 bytes | Created Date = 7/2/2008 1:02:00 AM | Attr = ] WinAce Archiver.lnk -> %AllUsersProfile%\Desktop\WinAce Archiver.lnk -> [Ver = | Size = 638 bytes | Created Date = 7/2/2008 1:02:29 AM | Attr = ] Xfire.lnk -> %AllUsersProfile%\Desktop\Xfire.lnk -> [Ver = | Size = 638 bytes | Created Date = 7/2/2008 12:39:33 AM | Attr = ] 2MOONSBMR.zip -> %UserProfile%\Desktop\2MOONSBMR.zip -> [Ver = | Size = 1061638302 bytes | Created Date = 7/5/2008 7:23:55 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\2MOONSBMR.zip:Zone.Identifier 4v5lolbad.wmv -> %UserProfile%\Desktop\4v5lolbad.wmv -> [Ver = | Size = 65181941 bytes | Created Date = 7/16/2008 3:52:27 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\4v5lolbad.wmv:Zone.Identifier ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 7/2/2008 2:31:43 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier avg_avwt_stf_en_8_131a1327.exe -> %UserProfile%\Desktop\avg_avwt_stf_en_8_131a1327.exe -> AVG Technologies [Ver = 8, 0, 0, 1 | Size = 49104360 bytes | Created Date = 7/2/2008 2:32:53 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\avg_avwt_stf_en_8_131a1327.exe:Zone.Identifier dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Created Date = 7/15/2008 9:04:17 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Created Date = 7/2/2008 2:32:16 PM | Attr = ] Joseph Passarella resume.doc -> %UserProfile%\Desktop\Joseph Passarella resume.doc -> [Ver = | Size = 5766 bytes | Created Date = 7/9/2008 5:56:26 PM | Attr = ] jre-6u7-windows-i586-p.exe -> %UserProfile%\Desktop\jre-6u7-windows-i586-p.exe -> [Ver = | Size = 15984024 bytes | Created Date = 7/16/2008 6:39:41 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\jre-6u7-windows-i586-p.exe:Zone.Identifier OAR-Crazy Game of Poker.mp3 -> %UserProfile%\Desktop\OAR-Crazy Game of Poker.mp3 -> [Ver = | Size = 8364327 bytes | Created Date = 7/16/2008 4:43:46 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 7/17/2008 5:33:26 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Created Date = 7/17/2008 5:28:51 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier Shape -> %UserProfile%\Desktop\Shape -> [Folder | Created Date = 7/3/2008 4:32:17 PM | Attr = ] Shaputer.lnk -> %UserProfile%\Desktop\Shaputer.lnk -> [Ver = | Size = 104 bytes | Created Date = 7/2/2008 1:04:00 AM | Attr = ] stng399.exe -> %UserProfile%\Desktop\stng399.exe -> McAfee Inc. [Ver = 3.9.9 | Size = 1973255 bytes | Created Date = 7/4/2008 12:18:08 AM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\stng399.exe:Zone.Identifier untitled.bmp -> %UserProfile%\Desktop\untitled.bmp -> [Ver = | Size = 2359350 bytes | Created Date = 7/9/2008 8:49:31 PM | Attr = ] usa -> %UserProfile%\Desktop\usa -> [Folder | Created Date = 7/6/2008 3:38:00 AM | Attr = ] usa.no_speed_hack.zip -> %UserProfile%\Desktop\usa.no_speed_hack.zip -> [Ver = | Size = 83866 bytes | Created Date = 7/6/2008 3:03:15 AM | Attr = ] usa.speed_hack.rar -> %UserProfile%\Desktop\usa.speed_hack.rar -> [Ver = | Size = 108201 bytes | Created Date = 7/5/2008 10:43:31 PM | Attr = ] Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [Ver = | Size = 636 bytes | Created Date = 7/2/2008 12:40:40 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 7/1/2008 7:17:56 PM | Attr = HS] Wireless PCI Card Configuration Utility.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Wireless PCI Card Configuration Utility.lnk -> [Ver = | Size = 878 bytes | Created Date = 7/1/2008 11:56:06 PM | Attr = ] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 7/1/2008 11:33:53 PM | Attr = HS] Xfire.lnk -> %UserProfile%\Start Menu\Programs\Startup\Xfire.lnk -> [Ver = | Size = 650 bytes | Created Date = 7/2/2008 12:39:33 AM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] INCA Shared -> %CommonProgramFiles%\INCA Shared -> [Folder | Created Date = 7/5/2008 10:29:33 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Created Date = 7/1/2008 11:36:12 PM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Created Date = 7/16/2008 6:44:14 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Created Date = 7/1/2008 7:18:27 PM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Created Date = 7/1/2008 11:27:32 PM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 7/1/2008 7:18:33 PM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Created Date = 7/1/2008 11:27:37 PM | Attr = ] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Created Date = 7/1/2008 7:18:28 PM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Created Date = 7/1/2008 11:26:37 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 7/2/2008 12:40:23 AM | Attr = ] Acclaim -> %ProgramFiles%\Acclaim -> [Folder | Created Date = 7/5/2008 7:48:41 PM | Attr = ] Activision -> %ProgramFiles%\Activision -> [Folder | Created Date = 7/2/2008 12:46:11 AM | Attr = ] Adobe -> %ProgramFiles%\Adobe -> [Folder | Created Date = 7/1/2008 11:53:03 PM | Attr = ] AVG -> %ProgramFiles%\AVG -> [Folder | Created Date = 7/15/2008 8:45:54 PM | Attr = ] Common Files -> %CommonProgramFiles% -> [Folder | Created Date = 7/1/2008 7:18:27 PM | Attr = ] ComPlus Applications -> %ProgramFiles%\ComPlus Applications -> [Folder | Created Date = 7/1/2008 11:26:24 PM | Attr = ] Creative -> %ProgramFiles%\Creative -> [Folder | Created Date = 7/1/2008 11:41:37 PM | Attr = ] InstallShield Installation Information -> %ProgramFiles%\InstallShield Installation Information -> [Folder | Created Date = 7/1/2008 11:43:20 PM | Attr = H ] Internet Explorer -> %ProgramFiles%\Internet Explorer -> [Folder | Created Date = 7/1/2008 11:26:36 PM | Attr = ] Java -> %ProgramFiles%\Java -> [Folder | Created Date = 7/16/2008 6:44:19 PM | Attr = ] Linksys -> %ProgramFiles%\Linksys -> [Folder | Created Date = 7/1/2008 11:56:06 PM | Attr = ] Messenger -> %ProgramFiles%\Messenger -> [Folder | Created Date = 7/1/2008 11:25:46 PM | Attr = ] microsoft frontpage -> %ProgramFiles%\microsoft frontpage -> [Folder | Created Date = 7/1/2008 11:30:12 PM | Attr = ] mIRC -> %ProgramFiles%\mIRC -> [Folder | Created Date = 7/3/2008 7:30:27 PM | Attr = ] Movie Maker -> %ProgramFiles%\Movie Maker -> [Folder | Created Date = 7/1/2008 11:27:11 PM | Attr = ] Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [Folder | Created Date = 7/13/2008 9:44:02 PM | Attr = ] MSN -> %ProgramFiles%\MSN -> [Folder | Created Date = 7/1/2008 11:24:39 PM | Attr = ] MSN Gaming Zone -> %ProgramFiles%\MSN Gaming Zone -> [Folder | Created Date = 7/1/2008 11:25:40 PM | Attr = ] NetMeeting -> %ProgramFiles%\NetMeeting -> [Folder | Created Date = 7/1/2008 11:26:52 PM | Attr = ] NVIDIA Corporation -> %ProgramFiles%\NVIDIA Corporation -> [Folder | Created Date = 7/2/2008 1:03:27 AM | Attr = ] NVIDIA nTune Performance Application -> %ProgramFiles%\NVIDIA nTune Performance Application -> [Folder | Created Date = 7/2/2008 1:02:57 AM | Attr = ] Online Services -> %ProgramFiles%\Online Services -> [Folder | Created Date = 7/1/2008 11:25:51 PM | Attr = ] Outlook Express -> %ProgramFiles%\Outlook Express -> [Folder | Created Date = 7/1/2008 11:26:47 PM | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 7/2/2008 2:32:16 PM | Attr = ] Uninstall Information -> %ProgramFiles%\Uninstall Information -> [Folder | Created Date = 7/1/2008 11:33:59 PM | Attr = H ] Ventrilo -> %ProgramFiles%\Ventrilo -> [Folder | Created Date = 7/2/2008 12:40:39 AM | Attr = ] VideoLAN -> %ProgramFiles%\VideoLAN -> [Folder | Created Date = 7/2/2008 1:01:50 AM | Attr = ] WinAce -> %ProgramFiles%\WinAce -> [Folder | Created Date = 7/2/2008 1:02:20 AM | Attr = ] Windows Media Player -> %ProgramFiles%\Windows Media Player -> [Folder | Created Date = 7/1/2008 11:25:51 PM | Attr = ] Windows NT -> %ProgramFiles%\Windows NT -> [Folder | Created Date = 7/1/2008 11:24:36 PM | Attr = ] WindowsUpdate -> %ProgramFiles%\WindowsUpdate -> [Folder | Created Date = 7/1/2008 11:28:51 PM | Attr = H ] xerox -> %ProgramFiles%\xerox -> [Folder | Created Date = 7/1/2008 11:30:12 PM | Attr = ] Xfire -> %ProgramFiles%\Xfire -> [Folder | Created Date = 7/2/2008 12:39:31 AM | Attr = ] [Files/Folders - Modified Within 30 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 7/1/2008 11:23:11 PM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 7/15/2008 9:06:04 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 7/15/2008 3:44:42 PM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = RHS] Media -> %SystemDrive%\Media -> [Folder | Modified Date = 7/15/2008 4:29:47 PM | Attr = ] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = RHS] Nexon -> %SystemDrive%\Nexon -> [Folder | Modified Date = 7/11/2008 5:17:07 PM | Attr = ] ntldr -> %SystemDrive%\ntldr -> [Ver = | Size = 250048 bytes | Modified Date = 7/4/2008 12:50:07 AM | Attr = RHS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 7/16/2008 6:44:19 PM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 7/1/2008 11:53:18 PM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 7/1/2008 11:33:02 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 7/16/2008 6:23:42 PM | Attr = ] Avg -> %SystemRoot%\System32\drivers\Avg -> [Folder | Modified Date = 7/17/2008 5:22:20 PM | Attr = ] avi7.avg -> %SystemRoot%\System32\drivers\Avg\avi7.avg -> [Ver = | Size = 6061540 bytes | Modified Date = 7/15/2008 8:46:02 PM | Attr = ] incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [Ver = | Size = 25543660 bytes | Modified Date = 7/17/2008 5:22:19 PM | Attr = ] microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [Ver = | Size = 31434 bytes | Modified Date = 7/17/2008 5:22:07 PM | Attr = ] miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [Ver = | Size = 162021 bytes | Modified Date = 7/16/2008 3:08:25 PM | Attr = ] avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 96520 bytes | Modified Date = 7/15/2008 8:45:57 PM | Attr = ] avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.132 | Size = 26824 bytes | Modified Date = 7/15/2008 8:49:37 PM | Attr = ] avgrkx86.sys -> %SystemRoot%\System32\drivers\avgrkx86.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.104 | Size = 12936 bytes | Modified Date = 7/15/2008 8:46:06 PM | Attr = ] avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.116 | Size = 76040 bytes | Modified Date = 7/15/2008 8:45:57 PM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] EagleNt.sys -> %SystemRoot%\System32\drivers\EagleNt.sys -> AhnLab, Inc. [Ver = 0,0,1,27 | Size = 427648 bytes | Modified Date = 7/17/2008 12:33:16 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 7/5/2008 10:44:28 PM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 914 bytes | Modified Date = 7/5/2008 10:43:44 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 136888 bytes | Modified Date = 7/17/2008 4:38:03 AM | Attr = ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 261 bytes | Modified Date = 7/1/2008 11:32:08 PM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Modified Date = 7/1/2008 7:04:11 PM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] Adobe -> %SystemRoot%\System32\Adobe -> [Folder | Modified Date = 7/1/2008 11:53:03 PM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 7/1/2008 11:29:56 PM | Attr = ] avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 7/15/2008 8:49:37 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Modified Date = 7/4/2008 12:52:56 AM | Attr = ] BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 23472 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 23472 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] BMXState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 19104 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.rfx -> [Ver = | Size = 19104 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 7/15/2008 4:30:13 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 7/16/2008 4:52:56 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 7/4/2008 12:51:50 AM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 7/2/2008 2:44:56 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] d3d8caps.dat -> %SystemRoot%\System32\d3d8caps.dat -> [Ver = | Size = 552 bytes | Modified Date = 7/4/2008 12:24:05 AM | Attr = ] d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 664 bytes | Modified Date = 7/4/2008 12:24:06 AM | Attr = ] Data -> %SystemRoot%\System32\Data -> [Folder | Modified Date = 7/15/2008 4:32:52 PM | Attr = ] Defaults -> %SystemRoot%\System32\Defaults -> [Folder | Modified Date = 7/15/2008 4:33:39 PM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 7/2/2008 1:00:49 AM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 7/15/2008 4:33:40 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 7/17/2008 12:33:16 AM | Attr = ] DVCState-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> %SystemRoot%\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> %SystemRoot%\System32\DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-00531102}.dat -> [Ver = | Size = 24 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 7/1/2008 11:26:33 PM | Attr = ] en -> %SystemRoot%\System32\en -> [Folder | Modified Date = 7/4/2008 12:52:56 AM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 7/4/2008 12:52:57 AM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 91888 bytes | Modified Date = 7/4/2008 12:58:47 AM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 7/1/2008 7:04:17 PM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Modified Date = 7/1/2008 7:04:44 PM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 7/2/2008 12:59:41 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 7/1/2008 11:29:01 PM | Attr = RH ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 7/2/2008 1:05:22 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 7/1/2008 11:33:00 PM | Attr = S] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Modified Date = 7/1/2008 11:26:16 PM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] npp -> %SystemRoot%\System32\npp -> [Folder | Modified Date = 7/4/2008 12:51:53 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 7/1/2008 11:29:56 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 162159 bytes | Modified Date = 7/1/2008 11:38:11 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 7/4/2008 12:51:29 AM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 39992 bytes | Modified Date = 7/4/2008 1:00:28 AM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 311604 bytes | Modified Date = 7/4/2008 1:00:28 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 356120 bytes | Modified Date = 7/4/2008 1:00:28 AM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 7/2/2008 1:13:29 AM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 111928 bytes | Modified Date = 7/17/2008 4:37:36 AM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 7/2/2008 12:44:28 AM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Modified Date = 7/1/2008 7:05:07 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 7/4/2008 12:48:53 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 7/4/2008 12:51:53 AM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] scripting -> %SystemRoot%\System32\scripting -> [Folder | Modified Date = 7/4/2008 12:52:57 AM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 2064 bytes | Modified Date = 7/17/2008 5:16:35 AM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Modified Date = 7/4/2008 12:58:45 AM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 7/2/2008 12:36:36 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 7/1/2008 11:23:36 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 7/4/2008 12:52:57 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 7/4/2008 12:58:44 AM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 7/1/2008 11:29:01 PM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] wpa.bak -> %SystemRoot%\System32\wpa.bak -> [Ver = | Size = 13646 bytes | Modified Date = 7/4/2008 12:34:12 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 13646 bytes | Modified Date = 7/13/2008 9:54:02 PM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll -> [Ver = 32716 | Size = 42320 bytes | Modified Date = 6/26/2008 4:09:38 PM | Attr = ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Modified Date = 7/1/2008 11:30:12 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 7/9/2008 3:53:43 PM | Attr = H ] 4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 7/2/2008 12:44:55 AM | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 7/4/2008 12:48:42 AM | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 7/2/2008 2:43:46 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 7/2/2008 2:43:31 PM | Attr = H ] addins -> %SystemRoot%\addins -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 7/4/2008 12:58:45 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 7/17/2008 5:20:46 PM | Attr = S] Config -> %SystemRoot%\Config -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 7/1/2008 11:25:35 PM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 7/4/2008 12:34:52 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 7/16/2008 6:23:40 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 7/4/2008 12:47:03 AM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 7/15/2008 9:06:17 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 7/4/2008 12:58:43 AM | Attr = R S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 7/2/2008 12:44:46 AM | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 287 bytes | Modified Date = 7/15/2008 2:01:47 AM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 7/4/2008 12:53:10 AM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 7/2/2008 2:44:39 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 7/2/2008 2:45:08 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 7/4/2008 12:53:04 AM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 7/8/2008 8:28:26 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 7/15/2008 4:30:14 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 7/16/2008 6:44:58 PM | Attr = HS] java -> %SystemRoot%\java -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] l2schemas -> %SystemRoot%\l2schemas -> [Folder | Modified Date = 7/4/2008 12:52:57 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 7/15/2008 4:29:27 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 7/2/2008 12:25:14 AM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 7/4/2008 12:51:52 AM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 7/4/2008 12:53:04 AM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 7/13/2008 9:44:44 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 7/1/2008 11:36:42 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 7/1/2008 11:29:46 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 7/1/2008 11:29:01 PM | Attr = R ] pchealth -> %SystemRoot%\pchealth -> [Folder | Modified Date = 7/1/2008 11:27:06 PM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Modified Date = 7/4/2008 12:52:56 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 7/17/2008 5:28:31 PM | Attr = ] Profiles -> %SystemRoot%\Profiles -> [Folder | Modified Date = 7/1/2008 11:53:04 PM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 7/1/2008 11:29:43 PM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 7/1/2008 11:32:50 PM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 7/1/2008 7:03:05 PM | Attr = ] SBWIN.INI -> %SystemRoot%\SBWIN.INI -> [Ver = | Size = 317 bytes | Modified Date = 7/15/2008 4:33:57 PM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 7/4/2008 12:57:56 AM | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Modified Date = 7/4/2008 12:51:57 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 7/4/2008 12:17:22 AM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 7/4/2008 12:51:51 AM | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 7/16/2008 6:23:42 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 7/4/2008 12:51:28 AM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 231 bytes | Modified Date = 7/1/2008 7:18:27 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 7/17/2008 5:20:43 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 7/1/2008 11:33:01 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 7/17/2008 5:39:09 PM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 7/1/2008 7:05:29 PM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 7/1/2008 11:26:22 PM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 7/1/2008 11:26:22 PM | Attr = ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 7/2/2008 2:44:52 PM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 7/1/2008 11:29:04 PM | Attr = R ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 477 bytes | Modified Date = 7/1/2008 11:30:00 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 7/1/2008 11:28:55 PM | Attr = RH ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 7/15/2008 8:45:49 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 7/15/2008 4:30:14 PM | Attr = ] {00000002-00000000-00000009-00001102-00000004-00531102}.BAK -> %SystemRoot%\{00000002-00000000-00000009-00001102-00000004-00531102}.BAK -> [Ver = | Size = 3207201 bytes | Modified Date = 7/17/2008 5:16:22 AM | Attr = ] {00000002-00000000-00000009-00001102-00000004-00531102}.CDF -> %SystemRoot%\{00000002-00000000-00000009-00001102-00000004-00531102}.CDF -> [Ver = | Size = 3207201 bytes | Modified Date = 7/17/2008 5:21:09 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 7/17/2008 5:20:48 PM | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 7/2/2008 12:39:24 AM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4646 bytes | Modified Date = 7/9/2008 3:53:51 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5060 bytes | Modified Date = 7/9/2008 3:53:51 PM | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 7/17/2008 5:39:12 PM | Attr = ] Perflib_Perfdata_628.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_628.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/17/2008 5:21:03 PM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] avg8 -> %AllUsersProfile%\Application Data\avg8 -> [Folder | Modified Date = 7/15/2008 8:45:53 PM | Attr = ] Creative -> %AllUsersProfile%\Application Data\Creative -> [Folder | Modified Date = 7/1/2008 11:44:23 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 7/1/2008 7:17:56 PM | Attr = HS] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 7/6/2008 2:12:08 AM | Attr = S] NexonUS -> %AllUsersProfile%\Application Data\NexonUS -> [Folder | Modified Date = 7/11/2008 5:20:46 PM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 7/4/2008 12:33:29 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 7/2/2008 12:43:16 AM | Attr = ] Creative -> %AppData%\Creative -> [Folder | Modified Date = 7/1/2008 11:54:42 PM | Attr = ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 7/1/2008 7:17:56 PM | Attr = HS] dvdcss -> %AppData%\dvdcss -> [Folder | Modified Date = 7/12/2008 10:34:41 PM | Attr = ] Identities -> %AppData%\Identities -> [Folder | Modified Date = 7/1/2008 11:34:01 PM | Attr = ] InterTrust -> %AppData%\InterTrust -> [Folder | Modified Date = 7/1/2008 11:53:03 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 7/2/2008 12:43:16 AM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 7/15/2008 8:43:37 PM | Attr = S] mIRC -> %AppData%\mIRC -> [Folder | Modified Date = 7/17/2008 5:12:50 AM | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 7/13/2008 9:44:43 PM | Attr = ] PnkBstrK.sys -> %AppData%\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 7/2/2008 1:00:19 AM | Attr = ] Sun -> %AppData%\Sun -> [Folder | Modified Date = 7/16/2008 6:23:42 PM | Attr = ] Ventrilo -> %AppData%\Ventrilo -> [Folder | Modified Date = 7/2/2008 12:50:51 AM | Attr = ] vlc -> %AppData%\vlc -> [Folder | Modified Date = 7/2/2008 1:02:12 AM | Attr = ] Xfire -> %AppData%\Xfire -> [Folder | Modified Date = 7/17/2008 5:33:21 PM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 13104 bytes | Modified Date = 7/5/2008 12:50:25 AM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 4296770 bytes | Modified Date = 7/17/2008 5:16:21 AM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Modified Date = 7/5/2008 9:00:55 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 7/15/2008 8:43:37 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Modified Date = 7/13/2008 9:44:41 PM | Attr = ] NVIDIA Corporation -> %UserProfile%\Local Settings\Application Data\NVIDIA Corporation -> [Folder | Modified Date = 7/2/2008 1:03:32 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 7/1/2008 7:17:56 PM | Attr = HS] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Modified Date = 7/1/2008 11:27:50 PM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Modified Date = 7/1/2008 11:27:49 PM | Attr = R ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 79 bytes | Modified Date = 7/2/2008 2:49:22 PM | Attr = HS] My eBooks -> %UserProfile%\My Documents\My eBooks -> [Folder | Modified Date = 7/1/2008 11:53:03 PM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 7/2/2008 2:49:22 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 7/3/2008 4:32:12 PM | Attr = R ] RCMAN.CFG -> %UserProfile%\My Documents\RCMAN.CFG -> [Ver = | Size = 4702 bytes | Modified Date = 7/17/2008 5:22:56 PM | Attr = ] ³Ø½¼ Ç÷¯±× -> %UserProfile%\My Documents\³Ø½¼ Ç÷¯±× -> [Folder | Modified Date = 7/11/2008 5:20:47 PM | Attr = ] 2MOONS Bad Moon Rising.lnk -> %AllUsersProfile%\Desktop\2MOONS Bad Moon Rising.lnk -> [Ver = | Size = 870 bytes | Modified Date = 7/5/2008 9:00:34 PM | Attr = ] AVG 8.0.lnk -> %AllUsersProfile%\Desktop\AVG 8.0.lnk -> [Ver = | Size = 1507 bytes | Modified Date = 7/15/2008 8:46:07 PM | Attr = ] Call of Duty(R) 2 Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Multiplayer.lnk -> [Ver = | Size = 1563 bytes | Modified Date = 7/15/2008 2:01:48 AM | Attr = ] Call of Duty(R) 2 Single Player.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Single Player.lnk -> [Ver = | Size = 1563 bytes | Modified Date = 7/15/2008 2:01:48 AM | Attr = ] Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> [Ver = | Size = 1691 bytes | Modified Date = 7/2/2008 1:00:41 AM | Attr = ] Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> [Ver = | Size = 1691 bytes | Modified Date = 7/2/2008 1:00:41 AM | Attr = ] Combat Arms.lnk -> %AllUsersProfile%\Desktop\Combat Arms.lnk -> [Ver = | Size = 1497 bytes | Modified Date = 7/11/2008 5:18:00 PM | Attr = ] mIRC.lnk -> %AllUsersProfile%\Desktop\mIRC.lnk -> [Ver = | Size = 626 bytes | Modified Date = 7/3/2008 7:30:27 PM | Attr = ] Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [Ver = | Size = 1602 bytes | Modified Date = 7/13/2008 9:44:04 PM | Attr = ] VLC media player.lnk -> %AllUsersProfile%\Desktop\VLC media player.lnk -> [Ver = | Size = 719 bytes | Modified Date = 7/2/2008 1:02:00 AM | Attr = ] WinAce Archiver.lnk -> %AllUsersProfile%\Desktop\WinAce Archiver.lnk -> [Ver = | Size = 638 bytes | Modified Date = 7/2/2008 1:02:29 AM | Attr = ] Xfire.lnk -> %AllUsersProfile%\Desktop\Xfire.lnk -> [Ver = | Size = 638 bytes | Modified Date = 7/2/2008 12:39:33 AM | Attr = ] 2MOONSBMR.zip -> %UserProfile%\Desktop\2MOONSBMR.zip -> [Ver = | Size = 1061638302 bytes | Modified Date = 7/5/2008 7:24:43 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\2MOONSBMR.zip:Zone.Identifier 4v5lolbad.wmv -> %UserProfile%\Desktop\4v5lolbad.wmv -> [Ver = | Size = 65181941 bytes | Modified Date = 7/16/2008 3:52:30 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\4v5lolbad.wmv:Zone.Identifier ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 7/2/2008 2:31:43 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\ATF_Cleaner.exe:Zone.Identifier avg_avwt_stf_en_8_131a1327.exe -> %UserProfile%\Desktop\avg_avwt_stf_en_8_131a1327.exe -> AVG Technologies [Ver = 8, 0, 0, 1 | Size = 49104360 bytes | Modified Date = 7/2/2008 2:32:54 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\avg_avwt_stf_en_8_131a1327.exe:Zone.Identifier dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 7/15/2008 9:04:24 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\dss.exe:Zone.Identifier HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 7/2/2008 2:32:16 PM | Attr = ] Joseph Passarella resume.doc -> %UserProfile%\Desktop\Joseph Passarella resume.doc -> [Ver = | Size = 5766 bytes | Modified Date = 7/9/2008 6:23:32 PM | Attr = ] jre-6u7-windows-i586-p.exe -> %UserProfile%\Desktop\jre-6u7-windows-i586-p.exe -> [Ver = | Size = 15984024 bytes | Modified Date = 7/16/2008 6:39:41 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\jre-6u7-windows-i586-p.exe:Zone.Identifier OAR-Crazy Game of Poker.mp3 -> %UserProfile%\Desktop\OAR-Crazy Game of Poker.mp3 -> [Ver = | Size = 8364327 bytes | Modified Date = 7/16/2008 4:45:28 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 7/17/2008 5:33:26 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Modified Date = 7/17/2008 5:28:51 PM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\OTScanIt.exe:Zone.Identifier Shape -> %UserProfile%\Desktop\Shape -> [Folder | Modified Date = 7/5/2008 5:47:13 PM | Attr = ] Shaputer.lnk -> %UserProfile%\Desktop\Shaputer.lnk -> [Ver = | Size = 104 bytes | Modified Date = 7/2/2008 1:04:00 AM | Attr = ] stng399.exe -> %UserProfile%\Desktop\stng399.exe -> McAfee Inc. [Ver = 3.9.9 | Size = 1973255 bytes | Modified Date = 7/4/2008 12:18:08 AM | Attr = ] @Alternate Data Stream - 26 bytes -> %UserProfile%\Desktop\stng399.exe:Zone.Identifier untitled.bmp -> %UserProfile%\Desktop\untitled.bmp -> [Ver = | Size = 2359350 bytes | Modified Date = 7/9/2008 8:50:02 PM | Attr = ] usa -> %UserProfile%\Desktop\usa -> [Folder | Modified Date = 7/6/2008 3:38:00 AM | Attr = ] usa.no_speed_hack.zip -> %UserProfile%\Desktop\usa.no_speed_hack.zip -> [Ver = | Size = 83866 bytes | Modified Date = 7/6/2008 3:03:17 AM | Attr = ] usa.speed_hack.rar -> %UserProfile%\Desktop\usa.speed_hack.rar -> [Ver = | Size = 108201 bytes | Modified Date = 7/5/2008 10:43:33 PM | Attr = ] Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [Ver = | Size = 636 bytes | Modified Date = 7/7/2008 4:48:13 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 7/1/2008 11:30:07 PM | Attr = HS] Wireless PCI Card Configuration Utility.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Wireless PCI Card Configuration Utility.lnk -> [Ver = | Size = 878 bytes | Modified Date = 7/1/2008 11:56:08 PM | Attr = ] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 7/1/2008 11:30:07 PM | Attr = HS] Xfire.lnk -> %UserProfile%\Start Menu\Programs\Startup\Xfire.lnk -> [Ver = | Size = 650 bytes | Modified Date = 7/2/2008 12:39:33 AM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 7/8/2008 12:01:47 AM | Attr = ] INCA Shared -> %CommonProgramFiles%\INCA Shared -> [Folder | Modified Date = 7/5/2008 10:29:33 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 7/2/2008 1:03:12 AM | Attr = ] Java -> %CommonProgramFiles%\Java -> [Folder | Modified Date = 7/16/2008 6:44:14 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 7/15/2008 8:45:49 PM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Modified Date = 7/1/2008 11:27:32 PM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 7/1/2008 7:18:33 PM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Modified Date = 7/1/2008 11:27:38 PM | Attr = ] SpeechEngines -> %CommonProgramFiles%\SpeechEngines -> [Folder | Modified Date = 7/1/2008 7:18:28 PM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 7/4/2008 12:51:45 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 7/2/2008 12:40:23 AM | Attr = ] < End of report > [/code]