[code]
OTScanIt logfile created on: 05/10/2008 2:31:43 AM - Run 2
OTScanIt2 by OldTimer - Version 1.0.0.1b     Folder = C:\Documents and Settings\Compaq_Administrator\Desktop\OTScanIt2
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
1022.48 Mb Total Physical Memory | 690.60 Mb Available Physical Memory | 67.54% Memory free
2.40 Gb Paging File | 2.11 Gb Available in Paging File | 88.05% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 177.74 Gb Total Space | 152.54 Gb Free Space | 85.82% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.58 Gb Free Space | 6.81% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: COURTNEY
Current User Name: Compaq_Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2008/07/19 10:25:06 | 00,016,056 | ---- | M] (ALWIL Software)
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2008/07/19 10:38:28 | 00,147,640 | ---- | M] (ALWIL Software)
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2007/10/31 15:09:16 | 00,110,592 | ---- | M] (Apple, Inc.)
arservice.exe -> %SystemRoot%\arservice.exe -> [2005/08/03 02:19:16 | 00,058,880 | ---- | M] (Microsoft)
ehrecvr.exe -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 17:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
ehsched.exe -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/06/21 07:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2008/09/17 09:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation)
pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [2007/09/01 04:20:08 | 00,066,872 | ---- | M] ()
wwsecure.exe -> %SystemRoot%\system32\wwSecure.exe -> [2005/04/20 11:34:12 | 00,487,936 | ---- | M] (Webroot Software, Inc.)
mcrdsvc.exe -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2008/07/19 10:38:04 | 00,250,040 | ---- | M] (ALWIL Software)
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2008/07/23 10:25:45 | 00,348,344 | ---- | M] (ALWIL Software)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2005/08/05 23:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2005/08/05 23:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation)
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2006/06/13 23:05:26 | 16,239,616 | ---- | M] (Realtek Semiconductor Corp.)
arpwrmsg.exe -> %SystemRoot%\arpwrmsg.exe -> [2005/08/03 02:19:16 | 00,077,312 | ---- | M] (Microsoft)
rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2008/04/13 20:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation)
wscntfy.exe -> %SystemRoot%\system32\wscntfy.exe -> [2008/04/13 20:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/10/04 19:54:08 | 00,415,744 | ---- | M] (OldTimer Tools)
 
[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2007/10/31 15:09:16 | 00,110,592 | ---- | M] (Apple, Inc.)
(ARSVC) ARSVC [Win32_Own | Auto | Running] -> %SystemRoot%\arservice.exe -> [2005/08/03 02:19:16 | 00,058,880 | ---- | M] (Microsoft)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/04/13 03:20:52 | 00,033,632 | ---- | M] (Microsoft Corporation)
(aswupdsv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2008/07/19 10:25:06 | 00,016,056 | ---- | M] (ALWIL Software)
(avast! antivirus) avast! antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2008/07/19 10:38:28 | 00,147,640 | ---- | M] (ALWIL Software)
(avast! mail scanner) avast! mail scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2008/07/19 10:38:04 | 00,250,040 | ---- | M] (ALWIL Software)
(avast! web scanner) avast! web scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2008/07/23 10:25:45 | 00,348,344 | ---- | M] (ALWIL Software)
(CiSvc) Indexing Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\cisvc.exe -> [2008/04/13 20:12:14 | 00,005,632 | ---- | M] (Microsoft Corporation)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/04/13 03:21:18 | 00,068,952 | ---- | M] (Microsoft Corporation)
(ehrecvr) Media Center Receiver Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 17:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
(ehsched) Media Center Scheduler Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
(Fax) Fax [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\fxssvc.exe -> [2008/04/13 20:12:21 | 00,267,776 | ---- | M] (Microsoft Corporation)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/07/11 16:00:15 | 00,138,168 | ---- | M] (Google)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 13:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation)
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/06/21 07:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
(McrdSvc) Media Center Extender Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2008/09/17 09:55:00 | 00,163,908 | ---- | M] (NVIDIA Corporation)
(PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [2007/09/01 04:20:08 | 00,066,872 | ---- | M] ()
(TlntSvr) Telnet [Win32_Own | Disabled | Stopped] -> %SystemRoot%\system32\tlntsvr.exe -> [2008/04/13 20:12:38 | 00,073,216 | ---- | M] (Microsoft Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 13:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
(wmpnetworksvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(wwSecSvc) Washer AutoComplete [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wwSecure.exe -> [2005/04/20 11:34:12 | 00,487,936 | ---- | M] (Webroot Software, Inc.)
 
[Driver Services - Safe List]
(aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/07/19 10:32:15 | 00,026,944 | ---- | M] (ALWIL Software)
(AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> [2005/03/09 17:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices)
(aracpi) aracpi [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aracpi.sys -> [2005/08/03 02:19:14 | 00,022,784 | ---- | M] (Microsoft Corporation)
(arhidfltr) MS Ar HID Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\arhidfltr.sys -> [2005/08/03 02:19:14 | 00,019,200 | ---- | M] (Microsoft Corporation)
(arkbcfltr) Microsoft PS2 Keyboard Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\arkbcfltr.sys -> [2005/08/03 02:19:16 | 00,005,376 | ---- | M] (Microsoft Corporation)
(armoucfltr) Microsoft PS2 Mouse Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\armoucfltr.sys -> [2005/08/03 02:19:16 | 00,004,992 | ---- | M] (Microsoft Corporation)
(ARPolicy) ARPolicy [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\arpolicy.sys -> [2005/08/03 02:19:14 | 00,010,112 | ---- | M] (Microsoft Corporation)
(aswfsblk) aswfsblk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> [2008/07/19 10:37:42 | 00,020,560 | ---- | M] (ALWIL Software)
(aswmon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/07/19 10:37:21 | 00,094,416 | ---- | M] (ALWIL Software)
(aswrdr) aswrdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/07/19 10:33:42 | 00,023,152 | ---- | M] (ALWIL Software)
(aswsp) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/07/19 10:35:18 | 00,078,416 | ---- | M] (ALWIL Software)
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/07/19 10:32:36 | 00,042,912 | ---- | M] (ALWIL Software)
(catchme) catchme [Kernel | On_Demand | Stopped] -> %SystemDrive%\ComboFix\catchme.sys -> File not found
(CCDECODE) Closed Caption Decoder [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ccdecode.sys -> [2008/04/13 14:46:23 | 00,017,024 | ---- | M] (Microsoft Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZid412.sys -> [2006/12/06 02:02:28 | 00,049,920 | R--- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> [2006/12/06 02:02:28 | 00,016,496 | R--- | M] (HP)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZius12.sys -> [2006/12/06 02:02:29 | 00,021,568 | R--- | M] (HP)
(HSXHWBS2) HSXHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSXHWBS2.sys -> [2005/12/06 14:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.)
(HSX_DP) HSX_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_DP.sys -> [2005/12/06 14:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/06/14 14:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.)
(intelppm) Intel Processor Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\intelppm.sys -> [2008/04/13 14:31:32 | 00,036,352 | ---- | M] (Microsoft Corporation)
(KLIF) KLIF [File_System | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2005/10/05 18:57:08 | 00,012,544 | ---- | M] (Conexant)
(MHNDRV) MHN driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mhndrv.sys -> [2004/08/10 05:45:04 | 00,011,008 | ---- | M] (Microsoft Corporation)
(MSTEE) Microsoft Streaming Tee/Sink-to-Sink Converter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mstee.sys -> [2008/04/13 14:39:50 | 00,005,504 | ---- | M] (Microsoft Corporation)
(NABTSFEC) NABTS/FEC VBI Codec [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nabtsfec.sys -> [2008/04/13 14:46:25 | 00,085,248 | ---- | M] (Microsoft Corporation)
(NdisIP) Microsoft TV/Video Connection [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ndisip.sys -> [2008/04/13 14:46:22 | 00,010,880 | ---- | M] (Microsoft Corporation)
(NTProcDrv) Process creation detector for NT. [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Silkroad\Bot\NTProcDrv.sys -> [2005/02/23 15:08:16 | 00,003,584 | ---- | M] ()
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2008/09/17 09:55:00 | 06,132,576 | ---- | M] (NVIDIA Corporation)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> [2006/03/03 18:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation)
(nvndis) NVIDIA NDIS IO Control Driver [Kernel | Auto | Stopped] -> %SystemRoot%\system32\Drivers\NvNdis.sys -> File not found
(nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> [2006/03/03 18:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation)
(PCIIde) PCIIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pciide.sys -> [2001/08/17 23:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2004/10/11 11:28:18 | 00,009,856 | ---- | M] (Padus, Inc.)
(Processor) Processor Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\processr.sys -> [2008/04/13 14:31:30 | 00,035,840 | ---- | M] (Microsoft Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/10 00:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006/03/09 14:00:00 | 00,046,080 | ---- | M] (Sonic Solutions)
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RTL8139.sys -> [2004/08/03 17:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SLIP) BDA Slip De-Framer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\slip.sys -> [2008/04/13 14:46:23 | 00,011,136 | ---- | M] (Microsoft Corporation)
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2008/08/16 16:26:36 | 00,717,296 | ---- | M] ()
(SQTECH905C) DualCamera [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Capt905c.sys -> [2005/07/13 11:08:20 | 00,033,890 | ---- | M] (Service & Quality Technology.)
(streamip) BDA IPSink [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\streamip.sys -> [2008/04/13 14:46:21 | 00,015,232 | ---- | M] (Microsoft Corporation)
(tsp) tsp [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\klif.sys -> [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab)
(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaapl.sys -> [2007/10/31 15:09:14 | 00,030,464 | ---- | M] (Apple, Inc.)
(usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbehci.sys -> [2008/04/13 14:45:35 | 00,030,208 | ---- | M] (Microsoft Corporation)
(usbohci) Microsoft USB Open Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbohci.sys -> [2008/04/13 14:45:35 | 00,017,152 | ---- | M] (Microsoft Corporation)
(ViaIde) ViaIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\viaide.sys -> [2008/04/13 14:40:31 | 00,005,376 | ---- | M] (Microsoft Corporation)
(vsdatant) vsdatant [Kernel | Auto | Running] -> %SystemRoot%\system32\vsdatant.sys -> [2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC)
(winachsx) winachsx [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_CNXT.sys -> [2005/12/06 14:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.)
(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wpdusb.sys -> [2006/10/18 20:00:00 | 00,038,528 | ---- | M] (Microsoft Corporation)
(WSTCODEC) World Standard Teletext Codec [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wstcodec.sys -> [2008/04/13 14:46:24 | 00,019,200 | ---- | M] (Microsoft Corporation)
(WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\WudfPf.sys -> [2006/09/28 19:55:50 | 00,077,568 | ---- | M] (Microsoft Corporation)
(WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\WudfRd.sys -> [2006/09/28 20:00:34 | 00,082,944 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Secondary_Page_URL ->  -> 
HKEY_LOCAL_MACHINE\: Main\\Extensions Off Page -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Security Risk Page -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\CustomSearch -> http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\SearchMigratedDefaultName -> Yahoo! Search -> 
HKEY_CURRENT_USER\: Main\\SearchMigratedDefaultURL -> http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.plentyoffish.com/ -> 
HKEY_CURRENT_USER\: URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} [HKLM] -> %SystemRoot%\system32\ieframe.dll [Microsoft Url Search Hook] -> [2008/06/23 12:57:33 | 06,066,176 | ---- | M] (Microsoft Corporation)
HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2005/09/24 06:12:08 | 00,063,136 | ---- | M] (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar1.dll [Google Toolbar Helper] -> [2008/07/11 16:00:15 | 02,403,392 | R--- | M] (Google Inc.)
{bdb8325a-1b1b-422c-bce8-085654f17b32} [HKLM] -> %SystemRoot%\system32\nxdsht.dll [Reg Error: Value  does not exist or could not be read.] -> [2008/10/03 18:19:14 | 00,123,904 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> [2008/07/11 16:00:15 | 02,403,392 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> [2008/07/11 16:00:15 | 02,403,392 | R--- | M] (Google Inc.)
WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
WebBrowser\\{F2CF5485-4E02-4F68-819C-B92DE9277049} [HKLM] -> %SystemRoot%\system32\ieframe.dll [&Links] -> [2008/06/23 12:57:33 | 06,066,176 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AlwaysReady Power Message APP" -> %SystemRoot%\arpwrmsg.exe [ARPWRMSG.EXE] -> [2005/08/03 02:19:16 | 00,077,312 | ---- | M] (Microsoft)
"ehTray" -> %SystemRoot%\ehome\ehtray.exe [C:\WINDOWS\ehome\ehtray.exe] -> [2005/08/05 23:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2008/09/17 09:55:00 | 13,574,144 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/09/17 09:55:00 | 00,086,016 | ---- | M] (NVIDIA Corporation)
"nwiz" -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [2008/09/17 09:55:00 | 01,657,376 | ---- | M] ()
"PCDrProfiler" ->  [] -> File not found
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/06/13 23:05:26 | 16,239,616 | ---- | M] (Realtek Semiconductor Corp.)
"ZoneAlarm Client" -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"] -> [2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Compaq_Administrator Startup Folder > -> C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [227] -> File not found
\\"NoDrives" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
\\"InstallVisualStyle" -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
\\"InstallTheme" -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
\\"DisableRegistryTools" ->  [0] -> File not found
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> %SystemRoot%\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Button: Internet Connection Help] -> [2008/09/24 14:49:29 | 00,000,706 | ---- | M] ()
{E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> %SystemRoot%\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Menu: Internet Connection Help] -> [2008/09/24 14:49:29 | 00,000,706 | ---- | M] ()
{fb5f1910-f110-11d2-bb9e-00c04f795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{fb5f1910-f110-11d2-bb9e-00c04f795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKLM] ->  [Internet Connection Help] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> 
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[Checkers Class] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab[DivXBrowserPlugin Object] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1216700393_42e961975d53e50d0437a73c55ee9081&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab[Java Plug-in 1.6.0_07] -> 
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab[MSN Games - Installer] -> 
{BD393C14-72AD-4790-A095-76522973D6B8} [HKLM] -> http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab[CBreakshotControl Class] -> 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
{E6187999-9FEC-46A1-A20F-F4CA977D5643} [HKLM] -> http://messenger.zone.msn.com/binary/Chess.cab57176.cab[ZoneChess Object] -> 
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} [HKLM] -> https://secure.gopetslive.com/dev/GoPetsWeb.cab[GoPetsWeb Control] -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{5459ECE3-DE17-424A-81ED-010F81C934A8} ->    (NVIDIA nForce Networking Controller) -> 
{5DF7AE14-91FB-46C7-A971-83A58B97C9B8} ->    () -> 
{892900FC-9814-4488-99C0-81491C1EE93D} ->    (HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter) -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
nxdsht.dll -> %SystemRoot%\system32\nxdsht.dll -> [2008/10/03 18:19:14 | 00,123,904 | ---- | M] ()
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
WgaLogon -> %SystemRoot%\system32\WgaLogon.dll -> [2007/03/15 18:16:42 | 00,236,928 | ---- | M] (Microsoft Corporation)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKLM] -> %SystemRoot%\system32\WPDShServiceObj.dll [WPDShServiceObj] -> [2006/10/18 21:47:22 | 00,133,632 | ---- | M] (Microsoft Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2006/08/08 08:54:08 | 00,036,903 | ---- | M] (Hewlett-Packard)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 17:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 13:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Azureus\Azureus.exe" -> C:\Program Files\Azureus\Azureus.exe [C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus] -> [2008/04/06 00:39:21 | 00,254,976 | ---- | M] (Azureus Inc)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2006/08/08 08:54:08 | 00,036,903 | ---- | M] (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/06/18 14:58:16 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 17:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 13:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe" -> C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe [C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe:*:Enabled:dfx] -> [2005/11/08 15:19:42 | 04,497,408 | ---- | M] ()
"C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe" -> C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe [C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe:*:Enabled:Jointops] -> [2005/10/13 19:53:34 | 04,517,888 | ---- | M] ()
"C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\UPDATE.EXE" -> C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\update.exe [C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\UPDATE.EXE:*:Enabled:UPDATE] -> [2005/09/26 14:31:48 | 00,266,240 | ---- | M] (NovaLogic)
"C:\Program Files\Silkroad\Bot\srobot.exe" -> C:\Program Files\Silkroad\Bot\srobot.exe [C:\Program Files\Silkroad\Bot\srobot.exe:*:Enabled:HookSrv] -> [2008/09/23 14:55:34 | 00,065,536 | ---- | M] ()
"C:\Program Files\Silkroad\SilkErrSender.exe" -> C:\Program Files\Silkroad\SilkErrSender.exe [C:\Program Files\Silkroad\SilkErrSender.exe:*:Enabled:FTPSender MFC ?? ????] -> [2005/01/31 17:39:32 | 00,139,264 | ---- | M] ()
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 14:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > ->  -> 
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2005/08/31 00:02:02 | 00,000,000 | ---- | M] ()
AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
 
 
[Files/Folders - Created Within 30 Days]
70 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/10/05 02:23:44 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/10/05 02:23:23 | 00,586,451 | ---- | C] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/10/04 17:10:04 | 00,172,064 | -HS- | C] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/10/04 17:10:04 | 00,003,020 | -HS- | C] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/04 17:10:03 | 10,722,22208 | -HS- | C] ()
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [2008/10/04 15:24:04 | 00,000,664 | ---- | C] ()
klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> [2008/10/04 00:45:13 | 00,127,768 | ---- | C] (Kaspersky Lab)
RECYCLER -> %SystemDrive%\RECYCLER -> [2008/10/03 20:36:56 | 00,000,000 | -HSD | C]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/10/03 20:13:00 | 00,002,148 | ---- | C] ()
erdnt -> %SystemRoot%\erdnt -> [2008/10/03 20:10:00 | 00,000,000 | ---D | C]
swxcacls.exe -> %SystemRoot%\swxcacls.exe -> [2008/10/03 20:05:54 | 00,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> %SystemRoot%\SWREG.exe -> [2008/10/03 20:05:54 | 00,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> %SystemRoot%\SWSC.exe -> [2008/10/03 20:05:54 | 00,136,704 | ---- | C] (SteelWerX)
sed.exe -> %SystemRoot%\sed.exe -> [2008/10/03 20:05:54 | 00,098,816 | ---- | C] ()
fdsv.exe -> %SystemRoot%\fdsv.exe -> [2008/10/03 20:05:54 | 00,089,504 | ---- | C] (Smallfrogs Studio)
grep.exe -> %SystemRoot%\grep.exe -> [2008/10/03 20:05:54 | 00,080,412 | ---- | C] ()
zip.exe -> %SystemRoot%\zip.exe -> [2008/10/03 20:05:54 | 00,068,096 | ---- | C] ()
VFind.exe -> %SystemRoot%\VFind.exe -> [2008/10/03 20:05:54 | 00,049,152 | ---- | C] ()
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> [2008/10/03 20:05:54 | 00,028,672 | ---- | C] (NirSoft)
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [2008/10/03 20:01:31 | 02,889,194 | R--- | C] ()
nxdsht.dll -> %SystemRoot%\System32\nxdsht.dll -> [2008/10/03 18:19:14 | 00,123,904 | ---- | C] ()
Windows Live Messenger.lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger.lnk -> [2008/10/03 17:53:36 | 00,001,744 | ---- | C] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/10/03 14:22:15 | 00,001,742 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2008/10/03 14:22:15 | 00,000,000 | ---D | C]
ascbalon.dll -> %SystemRoot%\System32\ascbalon.dll -> [2008/10/02 20:51:28 | 00,036,864 | ---- | C] ()
ascbalo3N.dll -> %SystemRoot%\System32\ascbalo3N.dll -> [2008/10/02 20:51:28 | 00,036,864 | ---- | C] ()
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [2008/10/02 18:26:03 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [2008/10/02 18:25:31 | 00,000,000 | ---D | C]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/02 17:53:56 | 00,173,080 | ---- | C] ()
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2008/10/02 12:31:37 | 00,042,912 | ---- | C] (ALWIL Software)
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2008/10/02 12:31:37 | 00,023,152 | ---- | C] (ALWIL Software)
avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2008/10/02 12:31:37 | 00,001,717 | ---- | C] ()
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2008/10/02 12:31:36 | 00,026,944 | ---- | C] (ALWIL Software)
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2008/10/02 12:31:30 | 00,094,416 | ---- | C] (ALWIL Software)
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2008/10/02 12:31:30 | 00,093,264 | ---- | C] (ALWIL Software)
aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2008/10/02 12:31:30 | 00,078,416 | ---- | C] (ALWIL Software)
aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2008/10/02 12:31:30 | 00,020,560 | ---- | C] (ALWIL Software)
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2008/10/02 12:31:17 | 01,163,960 | ---- | C] (ALWIL Software)
actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [2008/10/02 12:31:17 | 00,380,928 | ---- | C] ()
Gifs -> %UserProfile%\Desktop\Gifs -> [2008/09/29 18:25:02 | 00,000,000 | ---D | C]
Thumbs.db -> %SystemRoot%\Thumbs.db -> [2008/09/28 01:25:58 | 00,007,680 | -HS- | C] ()
JO ICE Mod.lnk -> %UserProfile%\Desktop\JO ICE Mod.lnk -> [2008/09/27 15:33:14 | 00,001,937 | ---- | C] ()
Joint Operations Escalation.lnk -> %AllUsersProfile%\Desktop\Joint Operations Escalation.lnk -> [2008/09/27 14:44:30 | 00,001,949 | ---- | C] ()
Prefetch -> %SystemRoot%\Prefetch -> [2008/09/24 19:32:12 | 00,000,000 | ---D | C]
nvapps.nvb -> %SystemRoot%\System32\nvapps.nvb -> [2008/09/24 19:29:13 | 00,201,050 | ---- | C] ()
scripting -> %SystemRoot%\System32\scripting -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
l2schemas -> %SystemRoot%\l2schemas -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
en -> %SystemRoot%\System32\en -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
bits -> %SystemRoot%\System32\bits -> [2008/09/24 14:46:36 | 00,000,000 | ---D | C]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [2008/09/24 14:45:05 | 00,000,000 | ---D | C]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [2008/09/24 14:39:39 | 00,000,000 | -H-D | C]
wmphoto.dll -> %SystemRoot%\System32\wmphoto.dll -> [2008/09/20 11:49:37 | 00,276,992 | ---- | C] (Microsoft Corporation)
wlanapi.dll -> %SystemRoot%\System32\wlanapi.dll -> [2008/09/20 11:49:35 | 00,069,120 | ---- | C] (Microsoft Corporation)
windowscodecs.dll -> %SystemRoot%\System32\windowscodecs.dll -> [2008/09/20 11:49:34 | 00,712,704 | ---- | C] (Microsoft Corporation)
windowscodecsext.dll -> %SystemRoot%\System32\windowscodecsext.dll -> [2008/09/20 11:49:34 | 00,346,112 | ---- | C] (Microsoft Corporation)
viaagp.sys -> %SystemRoot%\System32\drivers\viaagp.sys -> [2008/09/20 11:49:32 | 00,042,240 | ---- | C] (Microsoft Corporation)
wacompen.sys -> %SystemRoot%\System32\drivers\wacompen.sys -> [2008/09/20 11:49:32 | 00,014,208 | ---- | C] (Microsoft Corporation)
usbvideo.sys -> %SystemRoot%\System32\drivers\usbvideo.sys -> [2008/09/20 11:49:30 | 00,121,984 | ---- | C] (Microsoft Corporation)
usb8023x.sys -> %SystemRoot%\System32\drivers\usb8023x.sys -> [2008/09/20 11:49:30 | 00,012,800 | ---- | C] (Microsoft Corporation)
uagp35.sys -> %SystemRoot%\System32\drivers\uagp35.sys -> [2008/09/20 11:49:28 | 00,044,672 | ---- | C] (Microsoft Corporation)
tsgqec.dll -> %SystemRoot%\System32\tsgqec.dll -> [2008/09/20 11:49:27 | 00,053,248 | ---- | C] (Microsoft Corporation)
tspkg.dll -> %SystemRoot%\System32\tspkg.dll -> [2008/09/20 11:49:27 | 00,050,688 | ---- | C] (Microsoft Corporation)
spupdwxp.exe -> %SystemRoot%\System32\spupdwxp.exe -> [2008/09/20 11:49:21 | 00,020,992 | ---- | C] (Microsoft Corporation)
spdwnwxp.exe -> %SystemRoot%\System32\spdwnwxp.exe -> [2008/09/20 11:49:19 | 00,007,680 | ---- | C] (Microsoft Corporation)
smbali.sys -> %SystemRoot%\System32\drivers\smbali.sys -> [2008/09/20 11:49:18 | 00,005,888 | ---- | C] (Microsoft Corporation)
sffp_mmc.sys -> %SystemRoot%\System32\drivers\sffp_mmc.sys -> [2008/09/20 11:49:16 | 00,010,240 | ---- | C] (Microsoft Corporation)
setupn.exe -> %SystemRoot%\System32\setupn.exe -> [2008/09/20 11:49:15 | 00,032,768 | ---- | C] (Microsoft Corporation)
rhttpaa.dll -> %SystemRoot%\System32\rhttpaa.dll -> [2008/09/20 11:49:12 | 00,290,304 | ---- | C] (Microsoft Corporation)
rfcomm.sys -> %SystemRoot%\System32\drivers\rfcomm.sys -> [2008/09/20 11:49:12 | 00,059,136 | ---- | C] (Microsoft Corporation)
rndismpx.sys -> %SystemRoot%\System32\drivers\rndismpx.sys -> [2008/09/20 11:49:12 | 00,030,592 | ---- | C] (Microsoft Corporation)
rasqec.dll -> %SystemRoot%\System32\rasqec.dll -> [2008/09/20 11:49:11 | 00,061,952 | ---- | C] (Microsoft Corporation)
qutil.dll -> %SystemRoot%\System32\qutil.dll -> [2008/09/20 11:49:10 | 00,076,800 | ---- | C] (Microsoft Corporation)
qagentrt.dll -> %SystemRoot%\System32\qagentrt.dll -> [2008/09/20 11:49:09 | 00,291,328 | ---- | C] (Microsoft Corporation)
qagent.dll -> %SystemRoot%\System32\qagent.dll -> [2008/09/20 11:49:09 | 00,150,528 | ---- | C] (Microsoft Corporation)
qcliprov.dll -> %SystemRoot%\System32\qcliprov.dll -> [2008/09/20 11:49:09 | 00,062,464 | ---- | C] (Microsoft Corporation)
photometadatahandler.dll -> %SystemRoot%\System32\photometadatahandler.dll -> [2008/09/20 11:49:07 | 00,412,160 | ---- | C] (Microsoft Corporation)
onex.dll -> %SystemRoot%\System32\onex.dll -> [2008/09/20 11:49:05 | 00,144,384 | ---- | C] (Microsoft Corporation)
netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img -> [2008/09/20 11:48:59 | 00,067,866 | ---- | C] ()
napmontr.dll -> %SystemRoot%\System32\napmontr.dll -> [2008/09/20 11:48:57 | 00,193,024 | ---- | C] (Microsoft Corporation)
napstat.exe -> %SystemRoot%\System32\napstat.exe -> [2008/09/20 11:48:57 | 00,176,640 | ---- | C] (Microsoft Corporation)
napipsec.dll -> %SystemRoot%\System32\napipsec.dll -> [2008/09/20 11:48:57 | 00,030,208 | ---- | C] (Microsoft Corporation)
mutohpen.sys -> %SystemRoot%\System32\drivers\mutohpen.sys -> [2008/09/20 11:48:57 | 00,012,672 | ---- | C] (Microsoft Corporation)
msxml6.dll -> %SystemRoot%\System32\msxml6.dll -> [2008/09/20 11:48:56 | 01,306,624 | ---- | C] (Microsoft Corporation)
msxml6.dll -> %SystemRoot%\System32\dllcache\msxml6.dll -> [2008/09/20 11:48:56 | 01,306,624 | ---- | C] (Microsoft Corporation)
msxml6r.dll -> %SystemRoot%\System32\msxml6r.dll -> [2008/09/20 11:48:56 | 00,079,872 | ---- | C] (Microsoft Corporation)
msxml6r.dll -> %SystemRoot%\System32\dllcache\msxml6r.dll -> [2008/09/20 11:48:56 | 00,079,872 | ---- | C] (Microsoft Corporation)
mssha.dll -> %SystemRoot%\System32\mssha.dll -> [2008/09/20 11:48:54 | 00,155,136 | ---- | C] (Microsoft Corporation)
msshavmsg.dll -> %SystemRoot%\System32\msshavmsg.dll -> [2008/09/20 11:48:54 | 00,076,800 | ---- | C] (Microsoft Corporation)
mmcex.dll -> %SystemRoot%\System32\mmcex.dll -> [2008/09/20 11:48:40 | 00,397,312 | ---- | C] (Microsoft Corporation)
microsoft.managementconsole.dll -> %SystemRoot%\System32\microsoft.managementconsole.dll -> [2008/09/20 11:48:40 | 00,184,320 | ---- | C] (Microsoft Corporation)
mmcfxcommon.dll -> %SystemRoot%\System32\mmcfxcommon.dll -> [2008/09/20 11:48:40 | 00,106,496 | ---- | C] (Microsoft Corporation)
mmcperf.exe -> %SystemRoot%\System32\mmcperf.exe -> [2008/09/20 11:48:40 | 00,033,792 | ---- | C] (Microsoft Corporation)
kmsvc.dll -> %SystemRoot%\System32\kmsvc.dll -> [2008/09/20 11:48:26 | 00,061,440 | ---- | C] (Microsoft Corporation)
l2gpstore.dll -> %SystemRoot%\System32\l2gpstore.dll -> [2008/09/20 11:48:26 | 00,037,376 | ---- | C] (Microsoft Corporation)
kbdpash.dll -> %SystemRoot%\System32\kbdpash.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdnepr.dll -> %SystemRoot%\System32\kbdnepr.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdiultn.dll -> %SystemRoot%\System32\kbdiultn.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdbhc.dll -> %SystemRoot%\System32\kbdbhc.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
smtpapi.dll -> %SystemRoot%\System32\smtpapi.dll -> [2008/09/20 11:48:16 | 00,010,752 | ---- | C] (Microsoft Corporation)
rwnh.dll -> %SystemRoot%\System32\rwnh.dll -> [2008/09/20 11:48:16 | 00,009,728 | ---- | C] (Microsoft Corporation)
pid.inf -> %SystemRoot%\System32\pid.inf -> [2008/09/20 11:48:15 | 00,000,974 | ---- | C] ()
intelppm.sys -> %SystemRoot%\System32\drivers\intelppm.sys -> [2008/09/20 11:48:12 | 00,036,352 | ---- | C] (Microsoft Corporation)
comsdupd.exe -> %SystemRoot%\System32\comsdupd.exe -> [2008/09/20 11:48:12 | 00,009,728 | ---- | C] (Microsoft Corporation)
hidbth.sys -> %SystemRoot%\System32\drivers\hidbth.sys -> [2008/09/20 11:48:08 | 00,025,600 | ---- | C] (Microsoft Corporation)
gagp30kx.sys -> %SystemRoot%\System32\drivers\gagp30kx.sys -> [2008/09/20 11:48:06 | 00,046,464 | ---- | C] (Microsoft Corporation)
faxpatch.exe -> %SystemRoot%\System32\faxpatch.exe -> [2008/09/20 11:48:04 | 00,020,992 | ---- | C] (Microsoft Corporation)
eapsvc.dll -> %SystemRoot%\System32\eapsvc.dll -> [2008/09/20 11:48:03 | 00,033,792 | ---- | C] (Microsoft Corporation)
eapp3hst.dll -> %SystemRoot%\System32\eapp3hst.dll -> [2008/09/20 11:48:02 | 00,184,832 | ---- | C] (Microsoft Corporation)
eapphost.dll -> %SystemRoot%\System32\eapphost.dll -> [2008/09/20 11:48:02 | 00,180,224 | ---- | C] (Microsoft Corporation)
eappcfg.dll -> %SystemRoot%\System32\eappcfg.dll -> [2008/09/20 11:48:02 | 00,126,976 | ---- | C] (Microsoft Corporation)
eappgnui.dll -> %SystemRoot%\System32\eappgnui.dll -> [2008/09/20 11:48:02 | 00,094,208 | ---- | C] (Microsoft Corporation)
eapqec.dll -> %SystemRoot%\System32\eapqec.dll -> [2008/09/20 11:48:02 | 00,059,392 | ---- | C] (Microsoft Corporation)
eappprxy.dll -> %SystemRoot%\System32\eappprxy.dll -> [2008/09/20 11:48:02 | 00,040,960 | ---- | C] (Microsoft Corporation)
eapolqec.dll -> %SystemRoot%\System32\eapolqec.dll -> [2008/09/20 11:48:02 | 00,030,720 | ---- | C] (Microsoft Corporation)
dot3ui.dll -> %SystemRoot%\System32\dot3ui.dll -> [2008/09/20 11:47:59 | 00,650,752 | ---- | C] (Microsoft Corporation)
dot3svc.dll -> %SystemRoot%\System32\dot3svc.dll -> [2008/09/20 11:47:59 | 00,132,096 | ---- | C] (Microsoft Corporation)
dot3cfg.dll -> %SystemRoot%\System32\dot3cfg.dll -> [2008/09/20 11:47:59 | 00,057,856 | ---- | C] (Microsoft Corporation)
dot3msm.dll -> %SystemRoot%\System32\dot3msm.dll -> [2008/09/20 11:47:59 | 00,056,320 | ---- | C] (Microsoft Corporation)
dot3gpclnt.dll -> %SystemRoot%\System32\dot3gpclnt.dll -> [2008/09/20 11:47:59 | 00,039,936 | ---- | C] (Microsoft Corporation)
dot3api.dll -> %SystemRoot%\System32\dot3api.dll -> [2008/09/20 11:47:59 | 00,026,112 | ---- | C] (Microsoft Corporation)
dot3dlg.dll -> %SystemRoot%\System32\dot3dlg.dll -> [2008/09/20 11:47:59 | 00,009,216 | ---- | C] (Microsoft Corporation)
dimsroam.dll -> %SystemRoot%\System32\dimsroam.dll -> [2008/09/20 11:47:58 | 00,039,936 | ---- | C] (Microsoft Corporation)
dimsntfy.dll -> %SystemRoot%\System32\dimsntfy.dll -> [2008/09/20 11:47:58 | 00,019,456 | ---- | C] (Microsoft Corporation)
dhcpqec.dll -> %SystemRoot%\System32\dhcpqec.dll -> [2008/09/20 11:47:57 | 00,048,640 | ---- | C] (Microsoft Corporation)
cxthsfs2.cty -> %SystemRoot%\System32\drivers\cxthsfs2.cty -> [2008/09/20 11:47:56 | 00,129,045 | ---- | C] ()
credssp.dll -> %SystemRoot%\System32\credssp.dll -> [2008/09/20 11:47:55 | 00,012,800 | ---- | C] (Microsoft Corporation)
bthpan.sys -> %SystemRoot%\System32\drivers\bthpan.sys -> [2008/09/20 11:47:48 | 00,101,120 | ---- | C] (Microsoft Corporation)
bthmodem.sys -> %SystemRoot%\System32\drivers\bthmodem.sys -> [2008/09/20 11:47:48 | 00,037,888 | ---- | C] (Microsoft Corporation)
bthprint.sys -> %SystemRoot%\System32\drivers\bthprint.sys -> [2008/09/20 11:47:48 | 00,036,480 | ---- | C] (Microsoft Corporation)
bthusb.sys -> %SystemRoot%\System32\drivers\bthusb.sys -> [2008/09/20 11:47:48 | 00,018,944 | ---- | C] (Microsoft Corporation)
bthenum.sys -> %SystemRoot%\System32\drivers\bthenum.sys -> [2008/09/20 11:47:48 | 00,017,024 | ---- | C] (Microsoft Corporation)
azroles.dll -> %SystemRoot%\System32\azroles.dll -> [2008/09/20 11:47:47 | 00,233,472 | ---- | C] (Microsoft Corporation)
bitsprx4.dll -> %SystemRoot%\System32\bitsprx4.dll -> [2008/09/20 11:47:47 | 00,007,168 | ---- | C] (Microsoft Corporation)
ativmc20.cod -> %SystemRoot%\System32\drivers\ativmc20.cod -> [2008/09/20 11:47:46 | 00,064,352 | ---- | C] ()
alim1541.sys -> %SystemRoot%\System32\drivers\alim1541.sys -> [2008/09/20 11:47:41 | 00,042,752 | ---- | C] (Microsoft Corporation)
agpcpq.sys -> %SystemRoot%\System32\drivers\agpcpq.sys -> [2008/09/20 11:47:40 | 00,044,928 | ---- | C] (Microsoft Corporation)
agp440.sys -> %SystemRoot%\System32\drivers\agp440.sys -> [2008/09/20 11:47:40 | 00,042,368 | ---- | C] (Microsoft Corporation)
aaclient.dll -> %SystemRoot%\System32\aaclient.dll -> [2008/09/20 11:47:39 | 00,136,192 | ---- | C] (Microsoft Corporation)
Vso -> %AppData%\Vso -> [2008/09/19 11:10:57 | 00,000,000 | ---D | C]
VSO Image Resizer.lnk -> %UserProfile%\Desktop\VSO Image Resizer.lnk -> [2008/09/19 10:54:55 | 00,000,711 | ---- | C] ()
VSO -> %ProgramFiles%\VSO -> [2008/09/19 10:54:51 | 00,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
70 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2006/08/08 08:44:56 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/10/04 17:18:43 | 00,004,232 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/10/04 17:18:43 | 00,004,646 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [2007/11/16 14:08:28 | 00,000,000 | ---D | M]
wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [2006/11/12 14:12:45 | 00,016,384 | ---- | M] ()
wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [2006/11/12 14:57:44 | 00,166,221 | ---- | M] ()
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [2008/10/05 02:31:23 | 00,000,000 | ---D | M]
Perflib_Perfdata_7ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7ec.dat -> [2008/10/05 02:28:21 | 00,016,384 | ---- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/10/05 02:30:54 | 00,172,064 | -HS- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/10/05 02:29:04 | 00,002,148 | ---- | M] ()
vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [2008/10/05 02:28:59 | 00,355,089 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/10/05 02:28:20 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/10/05 02:27:36 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/05 02:27:30 | 10,722,22208 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/10/05 02:26:57 | 00,003,020 | -HS- | M] ()
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/10/05 02:20:40 | 00,586,451 | ---- | M] ()
My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [2008/10/05 02:15:38 | 00,000,600 | ---- | M] ()
zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat -> [2008/10/04 18:07:24 | 00,004,212 | -H-- | M] ()
WININIT.INI -> %SystemRoot%\WININIT.INI -> [2008/10/04 18:03:15 | 00,000,720 | ---- | M] ()
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [2008/10/04 15:27:25 | 00,000,664 | ---- | M] ()
rollback.ini -> %SystemDrive%\rollback.ini -> [2008/10/03 21:15:47 | 00,047,397 | ---- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2008/10/03 20:25:54 | 00,000,227 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2008/10/03 20:25:45 | 00,000,027 | ---- | M] ()
ComboFix.exe -> %UserProfile%\Desktop\ComboFix.exe -> [2008/10/03 19:59:53 | 02,889,194 | R--- | M] ()
nxdsht.dll -> %SystemRoot%\System32\nxdsht.dll -> [2008/10/03 18:19:14 | 00,123,904 | ---- | M] ()
Windows Live Messenger.lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger.lnk -> [2008/10/03 17:53:36 | 00,001,744 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/10/03 14:22:15 | 00,001,742 | ---- | M] ()
ascbalon.dll -> %SystemRoot%\System32\ascbalon.dll -> [2008/10/02 20:51:28 | 00,036,864 | ---- | M] ()
ascbalo3N.dll -> %SystemRoot%\System32\ascbalo3N.dll -> [2008/10/02 20:51:28 | 00,036,864 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/02 17:55:17 | 00,173,080 | ---- | M] ()
avast! Antivirus.lnk -> %AllUsersProfile%\Desktop\avast! Antivirus.lnk -> [2008/10/02 12:31:37 | 00,001,717 | ---- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/10/02 12:06:32 | 07,447,208 | -H-- | M] ()
GTA-SA_Trn_Settings.ini -> %SystemRoot%\GTA-SA_Trn_Settings.ini -> [2008/09/28 16:22:01 | 00,000,917 | ---- | M] ()
Thumbs.db -> %SystemRoot%\Thumbs.db -> [2008/09/28 01:25:58 | 00,007,680 | -HS- | M] ()
JO ICE Mod.lnk -> %UserProfile%\Desktop\JO ICE Mod.lnk -> [2008/09/27 15:33:14 | 00,001,937 | ---- | M] ()
Joint Operations Escalation.lnk -> %AllUsersProfile%\Desktop\Joint Operations Escalation.lnk -> [2008/09/27 14:44:30 | 00,001,949 | ---- | M] ()
loader.ini -> %SystemRoot%\loader.ini -> [2008/09/26 16:00:59 | 00,000,253 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/09/24 16:50:08 | 00,001,374 | ---- | M] ()
ntldr -> %SystemDrive%\ntldr -> [2008/09/24 14:42:58 | 00,250,048 | RHS- | M] ()
VSO Image Resizer.lnk -> %UserProfile%\Desktop\VSO Image Resizer.lnk -> [2008/09/19 10:54:55 | 00,000,711 | ---- | M] ()
nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [2008/09/17 09:55:00 | 01,724,416 | ---- | M] ()
nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [2008/09/17 09:55:00 | 01,657,376 | ---- | M] ()
nview.dll -> %SystemRoot%\System32\nview.dll -> [2008/09/17 09:55:00 | 01,503,232 | ---- | M] ()
nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [2008/09/17 09:55:00 | 01,346,080 | ---- | M] ()
nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [2008/09/17 09:55:00 | 01,101,824 | ---- | M] ()
nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [2008/09/17 09:55:00 | 00,466,944 | ---- | M] ()
nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [2008/09/17 09:55:00 | 00,449,056 | ---- | M] ()
keystone.exe -> %SystemRoot%\System32\keystone.exe -> [2008/09/17 09:55:00 | 00,436,768 | ---- | M] ()
nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [2008/09/17 09:55:00 | 00,286,720 | ---- | M] ()
nvapps.nvb -> %SystemRoot%\System32\nvapps.nvb -> [2008/09/17 09:55:00 | 00,201,050 | ---- | M] ()
nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [2008/09/17 09:55:00 | 00,073,728 | ---- | M] ()
nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [2008/09/17 09:55:00 | 00,018,394 | ---- | M] ()
wklnhst.dat -> %AppData%\wklnhst.dat -> [2008/09/13 08:39:16 | 00,005,988 | ---- | M] ()
Resume.wps -> %UserProfile%\My Documents\Resume.wps -> [2008/09/13 08:33:57 | 00,020,992 | ---- | M] ()
< End of report >
[/code]