[code]
OTScanIt logfile created on: 12/10/2008 7:15:56 AM - Run 5
OTScanIt2 by OldTimer - Version 1.0.0.9b     Folder = C:\Documents and Settings\Compaq_Administrator\Desktop\OTScanIt2
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
1022.48 Mb Total Physical Memory | 676.07 Mb Available Physical Memory | 66.12% Memory free
2.40 Gb Paging File | 2.16 Gb Available in Paging File | 90.08% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 177.74 Gb Total Space | 150.84 Gb Free Space | 84.87% Space Free | Partition Type: NTFS
Drive D: | 8.56 Gb Total Space | 0.58 Gb Free Space | 6.80% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: COURTNEY
Current User Name: Compaq_Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
vsmon.exe -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
arservice.exe -> %SystemRoot%\arservice.exe -> [2005/08/03 02:19:16 | 00,058,880 | ---- | M] (Microsoft)
ehrecvr.exe -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 17:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
ehsched.exe -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/06/21 07:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation)
pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [2007/09/01 04:20:08 | 00,066,872 | ---- | M] ()
mcrdsvc.exe -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2005/08/05 23:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2005/08/05 23:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation)
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2006/06/13 23:05:26 | 16,239,616 | ---- | M] (Realtek Semiconductor Corp.)
arpwrmsg.exe -> %SystemRoot%\arpwrmsg.exe -> [2005/08/03 02:19:16 | 00,077,312 | ---- | M] (Microsoft)
rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2008/04/13 20:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation)
usnsvc.exe -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 13:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/10/11 11:48:18 | 00,416,256 | ---- | M] (OldTimer Tools)
 
[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2007/10/31 15:09:16 | 00,110,592 | ---- | M] (Apple, Inc.)
(ARSVC) ARSVC [Win32_Own | Auto | Running] -> %SystemRoot%\arservice.exe -> [2005/08/03 02:19:16 | 00,058,880 | ---- | M] (Microsoft)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> File not found
(avast! Antivirus) avast! Antivirus [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> File not found
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> File not found
(avast! Web Scanner) avast! Web Scanner [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> File not found
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(ehrecvr) Media Center Receiver Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 17:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
(ehsched) Media Center Scheduler Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 23:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/07/11 16:00:15 | 00,138,168 | ---- | M] (Google)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 13:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation)
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/06/21 07:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company)
(McrdSvc) Media Center Extender Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 23:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
(nTuneService) nTune Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\NVIDIA Corporation\nTune\nTuneService.exe -> [2007/09/04 19:25:44 | 00,131,072 | ---- | M] (NVIDIA)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2008/05/16 14:01:00 | 00,159,812 | ---- | M] (NVIDIA Corporation)
(PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [2007/09/01 04:20:08 | 00,066,872 | ---- | M] ()
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 13:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
(wmpnetworksvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(wwSecSvc) Washer AutoComplete [Win32_Own | Disabled | Stopped] -> %SystemRoot%\system32\wwSecure.exe -> [2005/04/20 11:34:12 | 00,487,936 | ---- | M] (Webroot Software, Inc.)
 
[Driver Services - Safe List]
(AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> [2005/03/09 17:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices)
(catchme) catchme [Kernel | On_Demand | Stopped] -> %SystemDrive%\ComboFix\catchme.sys -> File not found
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> [2008/04/13 12:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZid412.sys -> [2006/12/06 02:02:28 | 00,049,920 | R--- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> [2006/12/06 02:02:28 | 00,016,496 | R--- | M] (HP)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZius12.sys -> [2006/12/06 02:02:29 | 00,021,568 | R--- | M] (HP)
(HSXHWBS2) HSXHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSXHWBS2.sys -> [2005/12/06 14:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.)
(HSX_DP) HSX_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_DP.sys -> [2005/12/06 14:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/06/14 14:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.)
(klif) klif [File_System | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2005/10/05 18:57:08 | 00,012,544 | ---- | M] (Conexant)
(NTProcDrv) Process creation detector for NT. [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Silkroad\Bot\NTProcDrv.sys -> [2005/02/23 15:08:16 | 00,003,584 | ---- | M] ()
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2008/05/16 14:01:00 | 06,557,408 | ---- | M] (NVIDIA Corporation)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> [2006/03/03 18:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation)
(nvndis) NVIDIA NDIS IO Control Driver [Kernel | Auto | Stopped] -> %SystemRoot%\system32\Drivers\NvNdis.sys -> File not found
(nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> [2006/03/03 18:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation)
(NVR0Dev) NVR0Dev [Kernel | On_Demand | Running] -> %SystemRoot%\nvoclock.sys -> [2007/09/04 19:26:32 | 00,029,696 | ---- | M] (NVidia Corp.)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2004/10/11 11:28:18 | 00,009,856 | ---- | M] (Padus, Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/10 00:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006/03/09 14:00:00 | 00,046,080 | ---- | M] (Sonic Solutions)
(RivaTuner32) RivaTuner32 [Kernel | On_Demand | Stopped] -> %ProgramFiles%\RivaTuner v2.11\RivaTuner32.sys -> File not found
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RTL8139.sys -> [2004/08/03 17:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [2008/08/16 16:26:36 | 00,717,296 | ---- | M] ()
(SQTECH905C) DualCamera [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Capt905c.sys -> [2005/07/13 11:08:20 | 00,033,890 | ---- | M] (Service & Quality Technology.)
(srescan) srescan [Kernel | Boot | Running] -> %SystemRoot%\system32\ZoneLabs\srescan.sys -> [2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC)
(tsp) tsp [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\klif.sys -> [2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab)
(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaapl.sys -> [2007/10/31 15:09:14 | 00,030,464 | ---- | M] (Apple, Inc.)
(vsdatant) vsdatant [Kernel | System | Running] -> %SystemRoot%\system32\vsdatant.sys -> [2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC)
(winachsx) winachsx [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_CNXT.sys -> [2005/12/06 14:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Secondary_Page_URL ->  -> 
HKEY_LOCAL_MACHINE\: Main\\Extensions Off Page -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.google.com -> 
HKEY_LOCAL_MACHINE\: Main\\Security Risk Page -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.google.com -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\CustomSearch -> http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Default ->  -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com -> 
HKEY_CURRENT_USER\: Main\\SearchMigratedDefaultName -> Yahoo! Search -> 
HKEY_CURRENT_USER\: Main\\SearchMigratedDefaultURL -> http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{939C24AA-FE14-4729-A095-D4BE6A53853E} [HKLM] -> %SystemRoot%\system32\vtUnmNEt.dll [Reg Error: Value  does not exist or could not be read.] -> [2008/10/11 10:36:39 | 00,041,984 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> [2008/07/11 16:00:15 | 02,403,392 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> [2008/07/11 16:00:15 | 02,403,392 | R--- | M] (Google Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AlwaysReady Power Message APP" -> %SystemRoot%\arpwrmsg.exe [ARPWRMSG.EXE] -> [2005/08/03 02:19:16 | 00,077,312 | ---- | M] (Microsoft)
"ehTray" -> %SystemRoot%\ehome\ehtray.exe [C:\WINDOWS\ehome\ehtray.exe] -> [2005/08/05 23:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2008/05/16 14:01:00 | 13,529,088 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/05/16 14:01:00 | 00,086,016 | ---- | M] (NVIDIA Corporation)
"nwiz" -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [2008/05/16 14:01:00 | 01,630,208 | ---- | M] ()
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/06/13 23:05:26 | 16,239,616 | ---- | M] (Realtek Semiconductor Corp.)
"ZoneAlarm Client" -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"] -> [2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Compaq_Administrator Startup Folder > -> C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [227] -> File not found
\\"NoDrives" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
\\"InstallVisualStyle" -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
\\"InstallTheme" -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
\\"DisableRegistryTools" ->  [0] -> File not found
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> %SystemRoot%\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Button: Internet Connection Help] -> [2008/09/24 14:49:29 | 00,000,706 | ---- | M] ()
{E2D4D26B-0180-43a4-B05F-462D6D54C789}:C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [HKLM] -> %SystemRoot%\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm [Menu: Internet Connection Help] -> [2008/09/24 14:49:29 | 00,000,706 | ---- | M] ()
{fb5f1910-f110-11d2-bb9e-00c04f795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{fb5f1910-f110-11d2-bb9e-00c04f795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{E2D4D26B-0180-43a4-B05F-462D6D54C789} [HKLM] ->  [Internet Connection Help] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> 
{1E54D648-B804-468d-BC78-4AFFED8E262E} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab[System Requirements Lab Class] -> 
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [HKLM] -> http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[Checkers Class] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab[DivXBrowserPlugin Object] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1216700393_42e961975d53e50d0437a73c55ee9081&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab[Java Plug-in 1.6.0_07] -> 
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab[MSN Games - Installer] -> 
{BD393C14-72AD-4790-A095-76522973D6B8} [HKLM] -> http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab[CBreakshotControl Class] -> 
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} [HKLM] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
{E6187999-9FEC-46A1-A20F-F4CA977D5643} [HKLM] -> http://messenger.zone.msn.com/binary/Chess.cab57176.cab[ZoneChess Object] -> 
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} [HKLM] -> https://secure.gopetslive.com/dev/GoPetsWeb.cab[GoPetsWeb Control] -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{5459ECE3-DE17-424A-81ED-010F81C934A8} ->    (NVIDIA nForce Networking Controller) -> 
{5DF7AE14-91FB-46C7-A971-83A58B97C9B8} ->    () -> 
{892900FC-9814-4488-99C0-81491C1EE93D} ->    (HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter) -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
tjjrzs.dll ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
vtUnmNEt -> %SystemRoot%\system32\vtUnmNEt.dll -> [2008/10/11 10:36:39 | 00,041,984 | ---- | M] ()
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{939C24AA-FE14-4729-A095-D4BE6A53853E}" [HKLM] -> %SystemRoot%\system32\vtUnmNEt.dll [] -> [2008/10/11 10:36:39 | 00,041,984 | ---- | M] ()
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
C:\WINDOWS\system32\efcbxUKe ->  -> File not found
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2006/08/08 08:54:08 | 00,036,903 | ---- | M] (Hewlett-Packard)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 17:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 13:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Azureus\Azureus.exe" -> C:\Program Files\Azureus\Azureus.exe [C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus] -> [2008/04/06 00:39:21 | 00,254,976 | ---- | M] (Azureus Inc)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2006/08/08 08:54:08 | 00,036,903 | ---- | M] (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/06/18 14:58:16 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 17:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 13:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\NovaLogic\Delta Force Black Hawk Down\dfbhd.exe" -> C:\Program Files\NovaLogic\Delta Force Black Hawk Down\dfbhd.exe [C:\Program Files\NovaLogic\Delta Force Black Hawk Down\dfbhd.exe:*:Enabled:dfbhd] -> [2004/01/14 16:02:48 | 02,547,712 | ---- | M] ()
"C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe" -> C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe [C:\Program Files\NovaLogic\Delta Force Xtreme\dfx.exe:*:Enabled:dfx] -> [2005/11/08 15:19:42 | 04,497,408 | ---- | M] ()
"C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe" -> C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe [C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\Jointops.exe:*:Enabled:Jointops] -> [2005/10/13 19:53:34 | 04,517,888 | ---- | M] ()
"C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\UPDATE.EXE" -> C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\update.exe [C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\UPDATE.EXE:*:Enabled:UPDATE] -> [2005/09/26 14:31:48 | 00,266,240 | ---- | M] (NovaLogic)
"C:\Program Files\Silkroad\Bot\srobot.exe" -> C:\Program Files\Silkroad\Bot\srobot.exe [C:\Program Files\Silkroad\Bot\srobot.exe:*:Enabled:HookSrv] -> [2008/09/23 14:55:34 | 00,065,536 | ---- | M] ()
"C:\Program Files\Silkroad\SilkErrSender.exe" -> C:\Program Files\Silkroad\SilkErrSender.exe [C:\Program Files\Silkroad\SilkErrSender.exe:*:Enabled:FTPSender MFC ?? ????] -> [2005/01/31 17:39:32 | 00,139,264 | ---- | M] ()
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" -> C:\WINDOWS\system32\ZoneLabs\vsmon.exe [C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service] -> [2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 14:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2005/08/31 00:02:02 | 00,000,000 | ---- | M] ()
D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
 
 
[Files/Folders - Created Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/10/12 07:13:18 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/10/12 07:13:11 | 00,586,521 | ---- | C] ()
TeaTimer (Spybot - Search & Destroy) -> %ProgramFiles%\TeaTimer (Spybot - Search & Destroy) -> [2008/10/12 00:01:07 | 00,000,000 | ---D | C]
SDHelper (Spybot - Search & Destroy) -> %ProgramFiles%\SDHelper (Spybot - Search & Destroy) -> [2008/10/12 00:01:07 | 00,000,000 | ---D | C]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/11 23:55:36 | 10,722,22208 | -HS- | C] ()
bayxhtga.ini -> %SystemRoot%\System32\bayxhtga.ini -> [2008/10/11 10:45:41 | 01,079,787 | -HS- | C] ()
eKUxbcfe.ini2 -> %SystemRoot%\System32\eKUxbcfe.ini2 -> [2008/10/11 10:41:47 | 00,622,976 | -HS- | C] ()
eKUxbcfe.ini -> %SystemRoot%\System32\eKUxbcfe.ini -> [2008/10/11 10:41:47 | 00,000,000 | -HS- | C] ()
vtUnmNEt.dll -> %SystemRoot%\System32\vtUnmNEt.dll -> [2008/10/11 10:36:39 | 00,041,984 | ---- | C] ()
DAEMON Tools Lite.lnk -> %AllUsersProfile%\Desktop\DAEMON Tools Lite.lnk -> [2008/10/11 10:11:06 | 00,000,741 | ---- | C] ()
DAEMON Tools Lite -> %ProgramFiles%\DAEMON Tools Lite -> [2008/10/11 10:11:06 | 00,000,000 | ---D | C]
SystemRequirementsLab -> %ProgramFiles%\SystemRequirementsLab -> [2008/10/10 05:12:51 | 00,000,000 | ---D | C]
NVIDIA Monitor.lnk -> %UserProfile%\Desktop\NVIDIA Monitor.lnk -> [2008/10/10 04:35:59 | 00,001,749 | ---- | C] ()
nTune.lnk -> %UserProfile%\Desktop\nTune.lnk -> [2008/10/10 04:35:59 | 00,001,625 | ---- | C] ()
nview -> %SystemRoot%\nview -> [2008/10/10 03:37:31 | 00,000,000 | ---D | C]
nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [2008/10/10 03:37:30 | 00,018,070 | ---- | C] ()
RivaTuner v2.11 -> %ProgramFiles%\RivaTuner v2.11 -> [2008/10/10 02:27:10 | 00,000,000 | ---D | C]
NVIDIA nTune Performance Application -> %ProgramFiles%\NVIDIA nTune Performance Application -> [2008/10/10 02:18:50 | 00,000,000 | ---D | C]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/10/10 01:40:51 | 00,157,486 | ---- | C] ()
Auslogics -> %ProgramFiles%\Auslogics -> [2008/10/07 22:11:13 | 00,000,000 | ---D | C]
klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> [2008/10/06 18:53:10 | 00,127,768 | ---- | C] (Kaspersky Lab)
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [2008/10/06 17:58:16 | 00,000,268 | -H-- | C] ()
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [2008/10/06 17:58:16 | 00,000,244 | -H-- | C] ()
zllsputility.exe -> %SystemRoot%\zllsputility.exe -> [2008/10/06 17:30:50 | 00,075,248 | ---- | C] (Zone Labs, LLC)
libeay32_0.9.6l.dll -> %SystemRoot%\System32\libeay32_0.9.6l.dll -> [2008/10/06 17:30:33 | 00,796,048 | ---- | C] ()
vsregexp.dll -> %SystemRoot%\System32\vsregexp.dll -> [2008/10/06 17:30:33 | 00,071,144 | ---- | C] (Zone Labs, LLC)
zlcomm.dll -> %SystemRoot%\System32\zlcomm.dll -> [2008/10/06 17:30:32 | 00,083,432 | ---- | C] (Zone Labs, LLC)
zlcommdb.dll -> %SystemRoot%\System32\zlcommdb.dll -> [2008/10/06 17:30:32 | 00,071,144 | ---- | C] (Zone Labs, LLC)
vswmi.dll -> %SystemRoot%\System32\vswmi.dll -> [2008/10/06 17:30:28 | 00,046,568 | ---- | C] (Zone Labs, LLC)
zpeng24.dll -> %SystemRoot%\System32\zpeng24.dll -> [2008/10/06 17:30:27 | 01,086,952 | ---- | C] (Python Software Foundation)
vsxml.dll -> %SystemRoot%\System32\vsxml.dll -> [2008/10/06 17:30:27 | 00,099,816 | ---- | C] (Zone Labs, LLC)
vspubapi.dll -> %SystemRoot%\System32\vspubapi.dll -> [2008/10/06 17:30:26 | 00,275,944 | ---- | C] (Zone Labs, LLC)
vsmonapi.dll -> %SystemRoot%\System32\vsmonapi.dll -> [2008/10/06 17:30:26 | 00,103,912 | ---- | C] (Zone Labs, LLC)
vsdatant.sys -> %SystemRoot%\System32\vsdatant.sys -> [2008/10/06 17:30:25 | 00,394,952 | ---- | C] (Zone Labs, LLC)
vsutil.dll -> %SystemRoot%\System32\vsutil.dll -> [2008/10/06 17:29:37 | 00,472,552 | ---- | C] (Zone Labs, LLC)
vsinit.dll -> %SystemRoot%\System32\vsinit.dll -> [2008/10/06 17:29:37 | 00,157,160 | ---- | C] (Zone Labs, LLC)
vsdata.dll -> %SystemRoot%\System32\vsdata.dll -> [2008/10/06 17:29:37 | 00,083,432 | ---- | C] (Zone Labs, LLC)
fsaua.data -> %SystemDrive%\fsaua.data -> [2008/10/06 15:09:34 | 00,000,000 | ---D | C]
config.nt -> %SystemRoot%\System32\config.nt -> [2008/10/06 15:06:46 | 00,000,002 | ---- | C] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/10/04 17:10:04 | 09,189,408 | -HS- | C] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/10/04 17:10:04 | 00,124,052 | -HS- | C] ()
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [2008/10/04 15:24:04 | 00,000,664 | ---- | C] ()
RECYCLER -> %SystemDrive%\RECYCLER -> [2008/10/03 20:36:56 | 00,000,000 | -HSD | C]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/10/03 20:13:00 | 00,002,148 | ---- | C] ()
erdnt -> %SystemRoot%\erdnt -> [2008/10/03 20:10:00 | 00,000,000 | ---D | C]
swxcacls.exe -> %SystemRoot%\swxcacls.exe -> [2008/10/03 20:05:54 | 00,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> %SystemRoot%\SWREG.exe -> [2008/10/03 20:05:54 | 00,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> %SystemRoot%\SWSC.exe -> [2008/10/03 20:05:54 | 00,136,704 | ---- | C] (SteelWerX)
sed.exe -> %SystemRoot%\sed.exe -> [2008/10/03 20:05:54 | 00,098,816 | ---- | C] ()
fdsv.exe -> %SystemRoot%\fdsv.exe -> [2008/10/03 20:05:54 | 00,089,504 | ---- | C] (Smallfrogs Studio)
grep.exe -> %SystemRoot%\grep.exe -> [2008/10/03 20:05:54 | 00,080,412 | ---- | C] ()
zip.exe -> %SystemRoot%\zip.exe -> [2008/10/03 20:05:54 | 00,068,096 | ---- | C] ()
VFind.exe -> %SystemRoot%\VFind.exe -> [2008/10/03 20:05:54 | 00,049,152 | ---- | C] ()
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> [2008/10/03 20:05:54 | 00,028,672 | ---- | C] (NirSoft)
Windows Live Messenger.lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger.lnk -> [2008/10/03 17:53:36 | 00,001,744 | ---- | C] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/10/03 14:22:15 | 00,001,742 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2008/10/03 14:22:15 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [2008/10/02 18:26:03 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [2008/10/02 18:25:31 | 00,000,000 | ---D | C]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/02 17:53:56 | 00,173,872 | ---- | C] ()
Gifs -> %UserProfile%\Desktop\Gifs -> [2008/09/29 18:25:02 | 00,000,000 | ---D | C]
Thumbs.db -> %SystemRoot%\Thumbs.db -> [2008/09/28 01:25:58 | 00,007,680 | -HS- | C] ()
JO ICE Mod.lnk -> %UserProfile%\Desktop\JO ICE Mod.lnk -> [2008/09/27 15:33:14 | 00,001,937 | ---- | C] ()
Joint Operations Escalation.lnk -> %AllUsersProfile%\Desktop\Joint Operations Escalation.lnk -> [2008/09/27 14:44:30 | 00,001,949 | ---- | C] ()
Prefetch -> %SystemRoot%\Prefetch -> [2008/09/24 19:32:12 | 00,000,000 | ---D | C]
scripting -> %SystemRoot%\System32\scripting -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
l2schemas -> %SystemRoot%\l2schemas -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
en -> %SystemRoot%\System32\en -> [2008/09/24 14:46:37 | 00,000,000 | ---D | C]
bits -> %SystemRoot%\System32\bits -> [2008/09/24 14:46:36 | 00,000,000 | ---D | C]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [2008/09/24 14:45:05 | 00,000,000 | ---D | C]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [2008/09/24 14:39:39 | 00,000,000 | -H-D | C]
wmphoto.dll -> %SystemRoot%\System32\wmphoto.dll -> [2008/09/20 11:49:37 | 00,276,992 | ---- | C] (Microsoft Corporation)
wlanapi.dll -> %SystemRoot%\System32\wlanapi.dll -> [2008/09/20 11:49:35 | 00,069,120 | ---- | C] (Microsoft Corporation)
windowscodecs.dll -> %SystemRoot%\System32\windowscodecs.dll -> [2008/09/20 11:49:34 | 00,712,704 | ---- | C] (Microsoft Corporation)
windowscodecsext.dll -> %SystemRoot%\System32\windowscodecsext.dll -> [2008/09/20 11:49:34 | 00,346,112 | ---- | C] (Microsoft Corporation)
viaagp.sys -> %SystemRoot%\System32\drivers\viaagp.sys -> [2008/09/20 11:49:32 | 00,042,240 | ---- | C] (Microsoft Corporation)
wacompen.sys -> %SystemRoot%\System32\drivers\wacompen.sys -> [2008/09/20 11:49:32 | 00,014,208 | ---- | C] (Microsoft Corporation)
usbvideo.sys -> %SystemRoot%\System32\drivers\usbvideo.sys -> [2008/09/20 11:49:30 | 00,121,984 | ---- | C] (Microsoft Corporation)
usb8023x.sys -> %SystemRoot%\System32\drivers\usb8023x.sys -> [2008/09/20 11:49:30 | 00,012,800 | ---- | C] (Microsoft Corporation)
uagp35.sys -> %SystemRoot%\System32\drivers\uagp35.sys -> [2008/09/20 11:49:28 | 00,044,672 | ---- | C] (Microsoft Corporation)
tsgqec.dll -> %SystemRoot%\System32\tsgqec.dll -> [2008/09/20 11:49:27 | 00,053,248 | ---- | C] (Microsoft Corporation)
tspkg.dll -> %SystemRoot%\System32\tspkg.dll -> [2008/09/20 11:49:27 | 00,050,688 | ---- | C] (Microsoft Corporation)
spupdwxp.exe -> %SystemRoot%\System32\spupdwxp.exe -> [2008/09/20 11:49:21 | 00,020,992 | ---- | C] (Microsoft Corporation)
spdwnwxp.exe -> %SystemRoot%\System32\spdwnwxp.exe -> [2008/09/20 11:49:19 | 00,007,680 | ---- | C] (Microsoft Corporation)
smbali.sys -> %SystemRoot%\System32\drivers\smbali.sys -> [2008/09/20 11:49:18 | 00,005,888 | ---- | C] (Microsoft Corporation)
sffp_mmc.sys -> %SystemRoot%\System32\drivers\sffp_mmc.sys -> [2008/09/20 11:49:16 | 00,010,240 | ---- | C] (Microsoft Corporation)
setupn.exe -> %SystemRoot%\System32\setupn.exe -> [2008/09/20 11:49:15 | 00,032,768 | ---- | C] (Microsoft Corporation)
rhttpaa.dll -> %SystemRoot%\System32\rhttpaa.dll -> [2008/09/20 11:49:12 | 00,290,304 | ---- | C] (Microsoft Corporation)
rfcomm.sys -> %SystemRoot%\System32\drivers\rfcomm.sys -> [2008/09/20 11:49:12 | 00,059,136 | ---- | C] (Microsoft Corporation)
rndismpx.sys -> %SystemRoot%\System32\drivers\rndismpx.sys -> [2008/09/20 11:49:12 | 00,030,592 | ---- | C] (Microsoft Corporation)
rasqec.dll -> %SystemRoot%\System32\rasqec.dll -> [2008/09/20 11:49:11 | 00,061,952 | ---- | C] (Microsoft Corporation)
qutil.dll -> %SystemRoot%\System32\qutil.dll -> [2008/09/20 11:49:10 | 00,076,800 | ---- | C] (Microsoft Corporation)
qagentrt.dll -> %SystemRoot%\System32\qagentrt.dll -> [2008/09/20 11:49:09 | 00,291,328 | ---- | C] (Microsoft Corporation)
qagent.dll -> %SystemRoot%\System32\qagent.dll -> [2008/09/20 11:49:09 | 00,150,528 | ---- | C] (Microsoft Corporation)
qcliprov.dll -> %SystemRoot%\System32\qcliprov.dll -> [2008/09/20 11:49:09 | 00,062,464 | ---- | C] (Microsoft Corporation)
photometadatahandler.dll -> %SystemRoot%\System32\photometadatahandler.dll -> [2008/09/20 11:49:07 | 00,412,160 | ---- | C] (Microsoft Corporation)
onex.dll -> %SystemRoot%\System32\onex.dll -> [2008/09/20 11:49:05 | 00,144,384 | ---- | C] (Microsoft Corporation)
netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img -> [2008/09/20 11:48:59 | 00,067,866 | ---- | C] ()
napmontr.dll -> %SystemRoot%\System32\napmontr.dll -> [2008/09/20 11:48:57 | 00,193,024 | ---- | C] (Microsoft Corporation)
napstat.exe -> %SystemRoot%\System32\napstat.exe -> [2008/09/20 11:48:57 | 00,176,640 | ---- | C] (Microsoft Corporation)
napipsec.dll -> %SystemRoot%\System32\napipsec.dll -> [2008/09/20 11:48:57 | 00,030,208 | ---- | C] (Microsoft Corporation)
mutohpen.sys -> %SystemRoot%\System32\drivers\mutohpen.sys -> [2008/09/20 11:48:57 | 00,012,672 | ---- | C] (Microsoft Corporation)
msxml6.dll -> %SystemRoot%\System32\msxml6.dll -> [2008/09/20 11:48:56 | 01,306,624 | ---- | C] (Microsoft Corporation)
msxml6.dll -> %SystemRoot%\System32\dllcache\msxml6.dll -> [2008/09/20 11:48:56 | 01,306,624 | ---- | C] (Microsoft Corporation)
msxml6r.dll -> %SystemRoot%\System32\msxml6r.dll -> [2008/09/20 11:48:56 | 00,079,872 | ---- | C] (Microsoft Corporation)
msxml6r.dll -> %SystemRoot%\System32\dllcache\msxml6r.dll -> [2008/09/20 11:48:56 | 00,079,872 | ---- | C] (Microsoft Corporation)
mssha.dll -> %SystemRoot%\System32\mssha.dll -> [2008/09/20 11:48:54 | 00,155,136 | ---- | C] (Microsoft Corporation)
msshavmsg.dll -> %SystemRoot%\System32\msshavmsg.dll -> [2008/09/20 11:48:54 | 00,076,800 | ---- | C] (Microsoft Corporation)
mmcex.dll -> %SystemRoot%\System32\mmcex.dll -> [2008/09/20 11:48:40 | 00,397,312 | ---- | C] (Microsoft Corporation)
microsoft.managementconsole.dll -> %SystemRoot%\System32\microsoft.managementconsole.dll -> [2008/09/20 11:48:40 | 00,184,320 | ---- | C] (Microsoft Corporation)
mmcfxcommon.dll -> %SystemRoot%\System32\mmcfxcommon.dll -> [2008/09/20 11:48:40 | 00,106,496 | ---- | C] (Microsoft Corporation)
mmcperf.exe -> %SystemRoot%\System32\mmcperf.exe -> [2008/09/20 11:48:40 | 00,033,792 | ---- | C] (Microsoft Corporation)
kmsvc.dll -> %SystemRoot%\System32\kmsvc.dll -> [2008/09/20 11:48:26 | 00,061,440 | ---- | C] (Microsoft Corporation)
l2gpstore.dll -> %SystemRoot%\System32\l2gpstore.dll -> [2008/09/20 11:48:26 | 00,037,376 | ---- | C] (Microsoft Corporation)
kbdpash.dll -> %SystemRoot%\System32\kbdpash.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdnepr.dll -> %SystemRoot%\System32\kbdnepr.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdiultn.dll -> %SystemRoot%\System32\kbdiultn.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbdbhc.dll -> %SystemRoot%\System32\kbdbhc.dll -> [2008/09/20 11:48:25 | 00,006,144 | ---- | C] (Microsoft Corporation)
smtpapi.dll -> %SystemRoot%\System32\smtpapi.dll -> [2008/09/20 11:48:16 | 00,010,752 | ---- | C] (Microsoft Corporation)
rwnh.dll -> %SystemRoot%\System32\rwnh.dll -> [2008/09/20 11:48:16 | 00,009,728 | ---- | C] (Microsoft Corporation)
pid.inf -> %SystemRoot%\System32\pid.inf -> [2008/09/20 11:48:15 | 00,000,974 | ---- | C] ()
intelppm.sys -> %SystemRoot%\System32\drivers\intelppm.sys -> [2008/09/20 11:48:12 | 00,036,352 | ---- | C] (Microsoft Corporation)
comsdupd.exe -> %SystemRoot%\System32\comsdupd.exe -> [2008/09/20 11:48:12 | 00,009,728 | ---- | C] (Microsoft Corporation)
hidbth.sys -> %SystemRoot%\System32\drivers\hidbth.sys -> [2008/09/20 11:48:08 | 00,025,600 | ---- | C] (Microsoft Corporation)
gagp30kx.sys -> %SystemRoot%\System32\drivers\gagp30kx.sys -> [2008/09/20 11:48:06 | 00,046,464 | ---- | C] (Microsoft Corporation)
faxpatch.exe -> %SystemRoot%\System32\faxpatch.exe -> [2008/09/20 11:48:04 | 00,020,992 | ---- | C] (Microsoft Corporation)
eapsvc.dll -> %SystemRoot%\System32\eapsvc.dll -> [2008/09/20 11:48:03 | 00,033,792 | ---- | C] (Microsoft Corporation)
eapp3hst.dll -> %SystemRoot%\System32\eapp3hst.dll -> [2008/09/20 11:48:02 | 00,184,832 | ---- | C] (Microsoft Corporation)
eapphost.dll -> %SystemRoot%\System32\eapphost.dll -> [2008/09/20 11:48:02 | 00,180,224 | ---- | C] (Microsoft Corporation)
eappcfg.dll -> %SystemRoot%\System32\eappcfg.dll -> [2008/09/20 11:48:02 | 00,126,976 | ---- | C] (Microsoft Corporation)
eappgnui.dll -> %SystemRoot%\System32\eappgnui.dll -> [2008/09/20 11:48:02 | 00,094,208 | ---- | C] (Microsoft Corporation)
eapqec.dll -> %SystemRoot%\System32\eapqec.dll -> [2008/09/20 11:48:02 | 00,059,392 | ---- | C] (Microsoft Corporation)
eappprxy.dll -> %SystemRoot%\System32\eappprxy.dll -> [2008/09/20 11:48:02 | 00,040,960 | ---- | C] (Microsoft Corporation)
eapolqec.dll -> %SystemRoot%\System32\eapolqec.dll -> [2008/09/20 11:48:02 | 00,030,720 | ---- | C] (Microsoft Corporation)
dot3ui.dll -> %SystemRoot%\System32\dot3ui.dll -> [2008/09/20 11:47:59 | 00,650,752 | ---- | C] (Microsoft Corporation)
dot3svc.dll -> %SystemRoot%\System32\dot3svc.dll -> [2008/09/20 11:47:59 | 00,132,096 | ---- | C] (Microsoft Corporation)
dot3cfg.dll -> %SystemRoot%\System32\dot3cfg.dll -> [2008/09/20 11:47:59 | 00,057,856 | ---- | C] (Microsoft Corporation)
dot3msm.dll -> %SystemRoot%\System32\dot3msm.dll -> [2008/09/20 11:47:59 | 00,056,320 | ---- | C] (Microsoft Corporation)
dot3gpclnt.dll -> %SystemRoot%\System32\dot3gpclnt.dll -> [2008/09/20 11:47:59 | 00,039,936 | ---- | C] (Microsoft Corporation)
dot3api.dll -> %SystemRoot%\System32\dot3api.dll -> [2008/09/20 11:47:59 | 00,026,112 | ---- | C] (Microsoft Corporation)
dot3dlg.dll -> %SystemRoot%\System32\dot3dlg.dll -> [2008/09/20 11:47:59 | 00,009,216 | ---- | C] (Microsoft Corporation)
dimsroam.dll -> %SystemRoot%\System32\dimsroam.dll -> [2008/09/20 11:47:58 | 00,039,936 | ---- | C] (Microsoft Corporation)
dimsntfy.dll -> %SystemRoot%\System32\dimsntfy.dll -> [2008/09/20 11:47:58 | 00,019,456 | ---- | C] (Microsoft Corporation)
dhcpqec.dll -> %SystemRoot%\System32\dhcpqec.dll -> [2008/09/20 11:47:57 | 00,048,640 | ---- | C] (Microsoft Corporation)
cxthsfs2.cty -> %SystemRoot%\System32\drivers\cxthsfs2.cty -> [2008/09/20 11:47:56 | 00,129,045 | ---- | C] ()
credssp.dll -> %SystemRoot%\System32\credssp.dll -> [2008/09/20 11:47:55 | 00,012,800 | ---- | C] (Microsoft Corporation)
bthpan.sys -> %SystemRoot%\System32\drivers\bthpan.sys -> [2008/09/20 11:47:48 | 00,101,120 | ---- | C] (Microsoft Corporation)
bthmodem.sys -> %SystemRoot%\System32\drivers\bthmodem.sys -> [2008/09/20 11:47:48 | 00,037,888 | ---- | C] (Microsoft Corporation)
bthprint.sys -> %SystemRoot%\System32\drivers\bthprint.sys -> [2008/09/20 11:47:48 | 00,036,480 | ---- | C] (Microsoft Corporation)
bthusb.sys -> %SystemRoot%\System32\drivers\bthusb.sys -> [2008/09/20 11:47:48 | 00,018,944 | ---- | C] (Microsoft Corporation)
bthenum.sys -> %SystemRoot%\System32\drivers\bthenum.sys -> [2008/09/20 11:47:48 | 00,017,024 | ---- | C] (Microsoft Corporation)
azroles.dll -> %SystemRoot%\System32\azroles.dll -> [2008/09/20 11:47:47 | 00,233,472 | ---- | C] (Microsoft Corporation)
bitsprx4.dll -> %SystemRoot%\System32\bitsprx4.dll -> [2008/09/20 11:47:47 | 00,007,168 | ---- | C] (Microsoft Corporation)
ativmc20.cod -> %SystemRoot%\System32\drivers\ativmc20.cod -> [2008/09/20 11:47:46 | 00,064,352 | ---- | C] ()
alim1541.sys -> %SystemRoot%\System32\drivers\alim1541.sys -> [2008/09/20 11:47:41 | 00,042,752 | ---- | C] (Microsoft Corporation)
agpcpq.sys -> %SystemRoot%\System32\drivers\agpcpq.sys -> [2008/09/20 11:47:40 | 00,044,928 | ---- | C] (Microsoft Corporation)
agp440.sys -> %SystemRoot%\System32\drivers\agp440.sys -> [2008/09/20 11:47:40 | 00,042,368 | ---- | C] (Microsoft Corporation)
aaclient.dll -> %SystemRoot%\System32\aaclient.dll -> [2008/09/20 11:47:39 | 00,136,192 | ---- | C] (Microsoft Corporation)
Vso -> %AppData%\Vso -> [2008/09/19 11:10:57 | 00,000,000 | ---D | C]
VSO Image Resizer.lnk -> %UserProfile%\Desktop\VSO Image Resizer.lnk -> [2008/09/19 10:54:55 | 00,000,711 | ---- | C] ()
VSO -> %ProgramFiles%\VSO -> [2008/09/19 10:54:51 | 00,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/10/08 22:46:07 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/10/10 06:20:22 | 00,005,485 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/10/10 06:20:21 | 00,006,756 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [2007/11/16 14:08:28 | 00,000,000 | ---D | M]
wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [2006/11/12 14:12:45 | 00,016,384 | ---- | M] ()
wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [2006/11/12 14:57:44 | 00,166,221 | ---- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/10/12 07:13:27 | 09,189,408 | -HS- | M] ()
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/10/12 07:11:54 | 00,586,521 | ---- | M] ()
My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [2008/10/12 07:09:43 | 00,000,600 | ---- | M] ()
rollback.ini -> %SystemDrive%\rollback.ini -> [2008/10/12 07:09:26 | 00,000,959 | ---- | M] ()
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/10/12 07:08:46 | 00,157,486 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/10/12 05:34:01 | 00,002,148 | ---- | M] ()
vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [2008/10/12 05:33:02 | 00,355,156 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/10/12 05:32:19 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/10/12 05:31:37 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/12 05:31:32 | 10,722,22208 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/10/12 05:30:28 | 00,124,052 | -HS- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2008/10/12 05:29:19 | 00,000,677 | ---- | M] ()
boot.ini -> %SystemDrive%\boot.ini -> [2008/10/12 05:29:19 | 00,000,279 | RHS- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2008/10/12 05:29:19 | 00,000,227 | ---- | M] ()
eKUxbcfe.ini -> %SystemRoot%\System32\eKUxbcfe.ini -> [2008/10/11 23:48:38 | 00,000,000 | -HS- | M] ()
eKUxbcfe.ini2 -> %SystemRoot%\System32\eKUxbcfe.ini2 -> [2008/10/11 23:47:24 | 00,622,976 | -HS- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/10/11 20:03:46 | 04,810,046 | -H-- | M] ()
bayxhtga.ini -> %SystemRoot%\System32\bayxhtga.ini -> [2008/10/11 10:45:54 | 01,079,787 | -HS- | M] ()
vtUnmNEt.dll -> %SystemRoot%\System32\vtUnmNEt.dll -> [2008/10/11 10:36:39 | 00,041,984 | ---- | M] ()
DAEMON Tools Lite.lnk -> %AllUsersProfile%\Desktop\DAEMON Tools Lite.lnk -> [2008/10/11 10:11:06 | 00,000,741 | ---- | M] ()
nTune.lnk -> %UserProfile%\Desktop\nTune.lnk -> [2008/10/10 04:36:00 | 00,001,625 | ---- | M] ()
NVIDIA Monitor.lnk -> %UserProfile%\Desktop\NVIDIA Monitor.lnk -> [2008/10/10 04:35:59 | 00,001,749 | ---- | M] ()
d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [2008/10/10 02:50:58 | 00,000,664 | ---- | M] ()
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [2008/10/09 22:27:04 | 00,000,284 | ---- | M] ()
loader.ini -> %SystemRoot%\loader.ini -> [2008/10/08 06:13:54 | 00,000,253 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/07 23:02:15 | 00,173,872 | ---- | M] ()
zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat -> [2008/10/06 19:04:31 | 00,004,212 | -H-- | M] ()
config.nt -> %SystemRoot%\System32\config.nt -> [2008/10/06 18:06:04 | 00,000,002 | ---- | M] ()
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [2008/10/06 17:58:16 | 00,000,268 | -H-- | M] ()
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [2008/10/06 17:58:16 | 00,000,244 | -H-- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/10/04 18:09:52 | 00,001,374 | ---- | M] ()
WININIT.INI -> %SystemRoot%\WININIT.INI -> [2008/10/04 18:03:15 | 00,000,720 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2008/10/03 20:25:45 | 00,000,027 | ---- | M] ()
Windows Live Messenger.lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger.lnk -> [2008/10/03 17:53:36 | 00,001,744 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2008/10/03 14:22:15 | 00,001,742 | ---- | M] ()
GTA-SA_Trn_Settings.ini -> %SystemRoot%\GTA-SA_Trn_Settings.ini -> [2008/09/28 16:22:01 | 00,000,917 | ---- | M] ()
Thumbs.db -> %SystemRoot%\Thumbs.db -> [2008/09/28 01:25:58 | 00,007,680 | -HS- | M] ()
JO ICE Mod.lnk -> %UserProfile%\Desktop\JO ICE Mod.lnk -> [2008/09/27 15:33:14 | 00,001,937 | ---- | M] ()
Joint Operations Escalation.lnk -> %AllUsersProfile%\Desktop\Joint Operations Escalation.lnk -> [2008/09/27 14:44:30 | 00,001,949 | ---- | M] ()
ntldr -> %SystemDrive%\ntldr -> [2008/09/24 14:42:58 | 00,250,048 | RHS- | M] ()
VSO Image Resizer.lnk -> %UserProfile%\Desktop\VSO Image Resizer.lnk -> [2008/09/19 10:54:55 | 00,000,711 | ---- | M] ()
wklnhst.dat -> %AppData%\wklnhst.dat -> [2008/09/13 08:39:16 | 00,005,988 | ---- | M] ()
Resume.wps -> %UserProfile%\My Documents\Resume.wps -> [2008/09/13 08:33:57 | 00,020,992 | ---- | M] ()
< End of report >
[/code]