[code]
OTScanIt2 logfile created on: 11/8/2008 10:31:12 PM - Run 1
OTScanIt2 by OldTimer - Version 1.0.0.31b     Folder = C:\Documents and Settings\Administrator\Desktop\OTScanIt2
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1023.36 Mb Total Physical Memory | 658.37 Mb Available Physical Memory | 64.33% Memory free
2.41 Gb Paging File | 2.15 Gb Available in Paging File | 89.52% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 43.67 Gb Free Space | 78.15% Space Free | Partition Type: NTFS
Drive D: | 841.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NC6000
Current User Name: Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2004/05/15 18:27:50 | 00,397,312 | ---- | M] ()
cpqdfwag.exe -> %SystemRoot%\cpqdiag\CPQDFWAG.EXE -> [2003/03/13 16:14:02 | 00,212,992 | ---- | M] (Hewlett-Packard)
smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> [2002/09/20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.)
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2004/05/15 18:27:50 | 00,397,312 | ---- | M] ()
agrsmmsg.exe -> %SystemRoot%\AGRSMMSG.exe -> [2005/03/04 15:01:56 | 00,088,209 | ---- | M] (Agere Systems)
syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> [2004/11/04 18:40:08 | 00,098,394 | ---- | M] (Synaptics, Inc.)
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2004/11/04 18:38:54 | 00,688,218 | ---- | M] (Synaptics, Inc.)
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2003/07/24 15:45:00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
bttray.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> [2003/09/12 11:42:00 | 00,503,869 | ---- | M] (WIDCOMM, Inc.)
ccsvchst.exe -> %ProgramFiles%\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe -> [2008/11/08 14:22:09 | 00,115,560 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> %ProgramFiles%\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe -> [2008/11/08 14:22:09 | 00,115,560 | R--- | M] (Symantec Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/11/08 22:58:42 | 00,464,896 | ---- | M] (OldTimer Tools)
 
[Win32 Services - Safe List]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2004/05/15 18:27:50 | 00,397,312 | ---- | M] ()
(btwdins) Bluetooth Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> [2003/09/12 11:32:46 | 00,135,168 | ---- | M] (WIDCOMM, Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(DfwWebAgent) Remote Diagnostics Enabling Agent [Win32_Own | Auto | Running] -> %SystemRoot%\cpqdiag\CPQDFWAG.EXE -> [2003/03/13 16:14:02 | 00,212,992 | ---- | M] (Hewlett-Packard)
(HPOvTrcSvc) HP OpenView Shared Trace Service [Win32_Own | Auto | Stopped] ->  -> File not found
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(magaService) Lan Discover Agent [Win32_Own | On_Demand | Stopped] ->  -> File not found
(Norton AntiVirus) Norton AntiVirus [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe -> [2008/11/08 14:22:09 | 00,115,560 | R--- | M] (Symantec Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> [2005/08/02 15:18:49 | 00,086,016 | ---- | M] (CACE Technologies)
(SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> [2002/09/20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\AGRSM.sys -> [2005/03/04 15:02:20 | 01,066,278 | ---- | M] (Agere Systems)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2004/05/15 18:29:12 | 00,701,952 | ---- | M] (ATI Technologies Inc.)
(b57w2k) Broadcom NetXtreme Gigabit Ethernet [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\b57xp32.sys -> [2003/07/03 11:07:58 | 00,170,880 | R--- | M] (Broadcom Corporation)
(BHDrvx86) Symantec Heuristics Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\BHDrvx86.sys -> [2008/11/08 14:22:09 | 00,254,512 | ---- | M] (Symantec Corporation)
(BTKRNL) Bluetooth Protocol Stack [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\btkrnl.sys -> [2003/09/12 11:08:40 | 01,258,138 | ---- | M] (WIDCOMM, Inc.)
(BTSERIAL) Bluetooth Serial Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\btserial.sys -> [2003/09/12 11:12:46 | 00,022,183 | ---- | M] ()
(BTSLBCSP) Bluetooth Port Client Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\btslbcsp.sys -> [2003/09/12 11:12:14 | 00,222,876 | ---- | M] (WIDCOMM, Inc.)
(ccHP) Symantec Hash Provider [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\ccHPx86.sys -> [2008/11/08 14:22:09 | 00,362,544 | ---- | M] (Symantec Corporation)
(ClntMgmt) HP Client Management Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\Clntmgmt.sys -> [2003/03/06 09:50:16 | 00,055,336 | ---- | M] (Hewlett-Packard)
(CONAN) CONAN [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\o2mmb.sys -> [2003/07/28 18:49:00 | 00,182,101 | R--- | M] (O2 Micro )
(cpqdfw) Diagnostics Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\Cpqdfw.sys -> [2002/08/19 14:35:44 | 00,019,845 | ---- | M] ()
(cqcpu) Diagnostics CPU Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\Cqcpu.sys -> [1998/09/30 07:36:06 | 00,154,436 | ---- | M] (Microsoft Corporation)
(cq_mem) Diagnostics Memory Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\CQ_MEM.SYS -> [1999/05/19 14:00:50 | 00,018,208 | ---- | M] (Microsoft Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2008/11/08 14:22:09 | 00,371,248 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2008/11/08 14:22:09 | 00,099,376 | ---- | M] (Symantec Corporation)
(IDSxpx86) IDSxpx86 [Kernel | System | Stopped] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20081108.003\IDSxpx86.sys -> [2008/11/08 14:22:09 | 00,274,808 | ---- | M] (Symantec Corporation)
(kbdhid) Keyboard HID Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2008/04/13 12:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation)
(kzaehguz) kzaehguz [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kzaehguz.sys -> [2003/03/31 06:00:00 | 00,023,424 | ---- | M] (Microsoft Corporation)
(MbxStby) MbxStby [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MbxStby.sys -> [2003/07/24 08:50:00 | 00,005,689 | R--- | M] (O2 Micro)
(mf) mf [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mf.sys -> [2008/04/13 12:36:41 | 00,063,744 | ---- | M] (Microsoft Corporation)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081108.004\NAVENG.SYS -> [2008/11/08 14:22:09 | 00,089,104 | ---- | M] (Symantec Corporation)
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081108.004\NAVEX15.SYS -> [2008/11/08 14:22:10 | 00,873,552 | ---- | M] (Symantec Corporation)
(nm) Network Monitor Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nmnt.sys -> [2008/04/13 12:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation)
(Novatel) Novatel Wireless Network Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nwc201.sys -> [2004/04/21 10:26:14 | 00,040,064 | ---- | M] (Novatel Wireless, Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2003/03/31 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(slabbus) CP210x USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\slabbus.sys -> [2006/03/07 16:32:20 | 00,066,672 | ---- | M] (MCCI)
(slabser) CP210x USB to UART Bridge Controller Drivers [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\slabser.sys -> [2006/03/07 16:32:22 | 00,100,400 | ---- | M] (MCCI)
(SMCIRDA) SMC IrCC Miniport Device Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smcirda.sys -> [2001/08/17 06:10:28 | 00,035,913 | ---- | M] (SMC)
(smwdm) smwdm [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\smwdm.sys -> [2003/10/30 09:48:46 | 00,593,408 | ---- | M] (Analog Devices, Inc.)
(SocketQuadSerial) Novatel Wireless CDMA 1.9GHz Modem driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nvtlg2k.sys -> [2004/03/23 11:26:00 | 00,048,556 | ---- | M] (Socket Communications, Inc. )
(SRTSP) SRTSP [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\srtsp.sys -> [2008/11/08 14:22:10 | 00,305,712 | ---- | M] (Symantec Corporation)
(SRTSPX) SRTSPX [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\srtspx.sys -> [2008/11/08 14:22:10 | 00,043,696 | ---- | M] (Symantec Corporation)
(Step) Cisco Systems VPN Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\step.sys -> [2002/01/25 09:48:48 | 00,075,696 | ---- | M] (Compatible Systems Corporation)
(SYMDNS) SYMDNS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\symdns.sys -> [2008/11/08 14:22:10 | 00,012,976 | ---- | M] (Symantec Corporation)
(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\SymEFA.sys -> [2008/11/08 14:22:10 | 00,309,296 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> [2008/11/08 14:22:16 | 00,124,464 | ---- | M] (Symantec Corporation)
(SYMFW) SYMFW [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\symfw.sys -> [2008/11/08 14:22:10 | 00,089,904 | ---- | M] (Symantec Corporation)
(SYMIDS) SYMIDS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\symids.sys -> [2008/11/08 14:22:10 | 00,034,608 | ---- | M] (Symantec Corporation)
(SymIM) Symantec Network Security Intermediate Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/11/08 14:22:10 | 00,035,888 | R--- | M] (Symantec Corporation)
(SymIMMP) SymIMMP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/11/08 14:22:10 | 00,035,888 | R--- | M] (Symantec Corporation)
(SYMNDIS) SYMNDIS [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\symndis.sys -> [2008/11/08 14:22:10 | 00,037,424 | ---- | M] (Symantec Corporation)
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NAV\1000000.07D\symredrv.sys -> [2008/11/08 14:22:10 | 00,024,752 | ---- | M] (Symantec Corporation)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> [2004/11/04 18:26:42 | 00,186,016 | ---- | M] (Synaptics, Inc.)
(usbser) Motorola USB Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbser.sys -> [2008/04/13 12:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation)
(usbsermpt) Motorola USB Modem Driver for MPT [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbsermpt.sys -> [2006/03/13 09:33:27 | 00,022,768 | ---- | M] (Microsoft Corporation)
(WLAN_400_500_SERVICE) HP WLAN W400/W500 Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ar5211.sys -> [2003/07/17 17:06:00 | 00,322,560 | ---- | M] (Atheros Communications, Inc.)
(WmiAcpi) Microsoft Windows Management Interface for ACPI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\wmiacpi.sys -> [2008/04/13 12:36:38 | 00,008,832 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Page_Transitions" ->  -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ -> 
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
< HOSTS File > (732 bytes and 18 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{01DECB20-12B6-42C5-8792-75F8433DA325} [HKLM] -> %SystemRoot%\system32\btosifn.dll [Reg Error: Value  does not exist or could not be read.] -> [2003/09/12 11:20:04 | 00,097,280 | ---- | M] (Alcohol Soft Development Team)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 03:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)
{3C7195F6-D788-4D50-BA72-2EE212EDAC78} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> %ProgramFiles%\Norton AntiVirus\Engine\16.0.0.125\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/11/08 14:22:04 | 00,107,896 | R--- | M] (Symantec Corporation)
{99FA8DA1-7667-479E-B2B1-9ECD5E76031D} [HKLM] -> %SystemRoot%\system32\yrnhwdi.dll [] -> [2003/03/31 06:00:00 | 00,104,960 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{2C0A5F28-48D8-408B-9172-9C6121025BCE}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AGRSMMSG" -> %SystemRoot%\AGRSMMSG.exe [AGRSMMSG.exe] -> [2005/03/04 15:01:56 | 00,088,209 | ---- | M] (Agere Systems)
"ATIPTA" -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> [2003/07/24 15:45:00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
"ccApp" ->  [-] -> File not found
"Cpqset" -> %ProgramFiles%\HPQ\Default Settings\cpqset.exe [C:\Program Files\HPQ\Default Settings\cpqset.exe] -> File not found
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2006/04/20 07:07:57 | 00,155,648 | ---- | M] (Apple Computer, Inc.)
"SprintPort" -> %ProgramFiles%\Novatel Wireless\SprintPort\SprintPortA.exe ["C:\Program Files\Novatel Wireless\SprintPort\SprintPortA.exe"] -> File not found
"Synchronization Manager" -> %SystemRoot%\system32\mobsync.exe [%SystemRoot%\system32\mobsync.exe /logon] -> [2008/04/13 18:12:26 | 00,143,360 | ---- | M] (Microsoft Corporation)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2004/11/04 18:38:54 | 00,688,218 | ---- | M] (Synaptics, Inc.)
"SynTPLpr" -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2004/11/04 18:40:08 | 00,098,394 | ---- | M] (Synaptics, Inc.)
"Wise-FTP Scheduler" ->  [] -> File not found
< RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> 
"CPQDFWAG" -> %SystemRoot%\cpqdiag\CPQDFWAG.EXE [C:\WINDOWS\Cpqdiag\CpqDfwAg.exe] -> [2003/03/13 16:14:02 | 00,212,992 | ---- | M] (Hewlett-Packard)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
%UserProfile%\Start Menu\Programs\Startup\Wireless Connection Manager Update.lnk -> %ProgramFiles%\Novatel Wireless\WirelessConnectionManager\WiseUpdt.exe -> File not found
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2005/09/23 21:05:26 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
%AllUsersProfile%\Start Menu\Programs\Startup\BTTray.lnk -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> [2003/09/12 11:42:00 | 00,503,869 | ---- | M] (WIDCOMM, Inc.)
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel
\Control Panel\\"GeneralTab" ->  [0] -> File not found
\Control Panel\\"SecurityTab" ->  [0] -> File not found
\Control Panel\\"ConnectionsTab" ->  [0] -> File not found
\Control Panel\\"ProgramsTab" ->  [0] -> File not found
\Control Panel\\"PrivacyTab" ->  [0] -> File not found
\Control Panel\\"AdvancedTab" ->  [0] -> File not found
\Control Panel\\"ResetWebSettings" ->  [0] -> File not found
\Control Panel\\"Settings" ->  [0] -> File not found
\Control Panel\\"CertifPers" ->  [0] -> File not found
\Control Panel\\"CertifSite" ->  [0] -> File not found
\Control Panel\\"CertifPub" ->  [0] -> File not found
\Control Panel\\"Profiles" ->  [0] -> File not found
\Control Panel\\"FormSuggest" ->  [0] -> File not found
\Control Panel\\"Ratings" ->  [0] -> File not found
\Control Panel\\"ContentTab" ->  [0] -> File not found
\Control Panel\\"ConnWiz Admin Lock" ->  [0] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions
\Restrictions\\"NoBrowserOptions" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [Hewlett-Packard Internal Use Only] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableRegistryTools" ->  [0] -> File not found
\\"DisableTaskMgr" ->  [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)
Send To &Bluetooth -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2003/05/29 13:53:12 | 00,001,320 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | -HS- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5 domain(s) found. -> 
compaq.com .[*] -> Trusted sites -> 
cpqcei.net .[*] -> Trusted sites -> 
*.americas_cpqcorp.net [*] -> Trusted sites -> 
hp.com .[*] -> Trusted sites -> 
*.rooms_hp.com [*] -> Trusted sites -> 
digitalbadge.external_hp.com [https] -> Trusted sites -> 
kppkis01.can_hp.com [https] -> Trusted sites -> 
*.americas_hpqcorp.net [*] -> Trusted sites -> 
2 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{00000006-9593-4264-8B29-930B3E4EDCCD} [HKLM] -> https://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall6.cab[HPVirtualRooms6 Class] -> 
{00000008-9593-4264-8B29-930B3E4EDCCD} [HKLM] -> https://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall8.cab[HPVirtualRooms8 Class] -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://www.apple.com/qtactivex/qtplugin.cab[QuickTime Object] -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} [HKLM] -> http://www3.authentium.com/cssrelease/bin/wizard.exe[CNavigationManager Object] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} [HKLM] -> http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.5.0.cab[DownloadManager Control] -> 
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc3.cab[Office Update Installation Engine] -> 
{4D069C94-DC1A-4A92-A339-CA5614D9B6D5} [HKLM] -> https://16.80.150.18/ResourceManager/NGShell.cab[NGShell Control] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189298020317[WUWebControl Class] -> 
{6A344D34-5231-452A-8A57-D064AC9B7862} [HKLM] -> https://webdl.symantec.com/activex/symdlmgr.cab[Symantec Download Manager] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195001000515[MUWebControl Class] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> 
{A1BFBE93-8D91-427C-965B-72088CFAADF4} [HKLM] -> https://digitalbadge.external.hp.com/vpn/vscertdel.cab[CCertificateDelete Object] -> 
{A996E48C-D3DC-4244-89F7-AFA33EC60679} [HKLM] -> https://digitalbadge.external.hp.com/vpn/capicom.cab[Settings Class] -> 
{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> 
{D4B05742-9387-4B10-8909-FAC88D61A002} [HKLM] -> https://digitalbadge.external.hp.com/vpn/ngPKIsigned.dll[ngPKI Class] -> 
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{19663CB6-C60D-4F73-8D17-CA1F246CB19C} ->    (Broadcom NetXtreme Gigabit Ethernet) -> 
{6EAE2FE4-0375-4620-8A1A-0F9E1FCDCAEF} ->    (Novatel Wireless Network Adapter) -> 
{D6FA6AA7-8E25-44F0-B6C2-D6F449E6400B} ->    (HP WLAN 802.11b/g W400) -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> [2004/05/15 18:27:54 | 00,086,016 | ---- | M] ()
ddd -> %SystemRoot%\system32\yrnhwdi.dll -> [2003/03/31 06:00:00 | 00,104,960 | ---- | M] ()
NavLogon ->  -> File not found
qwqxxpnz -> %SystemRoot%\system32\yrnhwdi.dll -> [2003/03/31 06:00:00 | 00,104,960 | ---- | M] ()
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 18:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Application Data\U3\000018519474473A\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe" -> C:\Documents and Settings\Administrator\Application Data\U3\000018519474473A\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe [C:\Documents and Settings\Administrator\Application Data\U3\000018519474473A\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:*:Enabled:Skype] -> File not found
"C:\Program Files\AceBIT\WISE-FTP\wise_ftp.exe" -> C:\Program Files\AceBIT\WISE-FTP\wise_ftp.exe [C:\Program Files\AceBIT\WISE-FTP\wise_ftp.exe:*:Enabled:WISE-FTP application executable] -> [2003/08/29 15:31:00 | 04,100,608 | ---- | M] (AceBIT GmbH)
"C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe" -> C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [C:\Program Files\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe:*:Enabled:Symantec Service Framework] -> [2008/11/08 14:22:09 | 00,115,560 | R--- | M] (Symantec Corporation)
"C:\Program Files\SolarWinds\Engineers Edition\TFTP-Server.exe" -> C:\Program Files\SolarWinds\Engineers Edition\TFTP-Server.exe [C:\Program Files\SolarWinds\Engineers Edition\TFTP-Server.exe:*:Enabled:SolarWinds.Net TFTP Server] -> [2005/06/14 16:11:30 | 00,374,440 | ---- | M] (SolarWinds.Net)
"C:\WINDOWS\system32\wah8mp3d.exe" -> C:\WINDOWS\system32\wah8mp3d.exe [C:\WINDOWS\system32\wah8mp3d.exe:*:Disabled:wah8mp3d] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 12:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2005/12/22 08:50:03 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\E
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell
\E\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun
\E\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
 
 
[Files/Folders - Created Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2008/11/08 22:29:45 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/11/08 22:29:24 | 00,635,463 | ---- | C] ()
HiJackThis.exe -> %UserProfile%\Desktop\HiJackThis.exe -> [2008/11/08 21:32:02 | 00,401,720 | ---- | C] (Trend Micro Inc.)
ERDNT -> %SystemRoot%\ERDNT -> [2008/11/08 21:27:27 | 00,000,000 | ---D | C]
ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2008/11/08 21:26:46 | 00,000,592 | ---- | C] ()
ERUNT -> %ProgramFiles%\ERUNT -> [2008/11/08 21:26:44 | 00,000,000 | ---D | C]
erunt_setup.exe -> %UserProfile%\Desktop\erunt_setup.exe -> [2008/11/08 21:25:52 | 00,791,393 | ---- | C] (Lars Hederer                                                )
SysRestorePoint_v13 -> %UserProfile%\Desktop\SysRestorePoint_v13 -> [2008/11/08 21:24:44 | 00,000,000 | ---D | C]
Compaq -> %SystemDrive%\Compaq -> [2008/11/08 21:10:23 | 00,000,000 | ---D | C]
outlook express -> %ProgramFiles%\outlook express -> [2008/11/08 21:10:13 | 00,000,000 | ---D | C]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/11/08 21:10:06 | 10,731,39712 | -HS- | C] ()
FixVundo.exe -> %UserProfile%\Desktop\FixVundo.exe -> [2008/11/08 19:28:07 | 00,173,456 | ---- | C] (Symantec Corporation)
Malwarebytes -> %AppData%\Malwarebytes -> [2008/11/08 17:19:16 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/11/08 17:19:12 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/08 17:19:12 | 00,000,696 | ---- | C] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/11/08 17:19:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/11/08 17:19:07 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/11/08 17:19:07 | 00,000,000 | ---D | C]
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/11/08 17:17:42 | 02,372,472 | ---- | C] (Malwarebytes Corporation                                    )
nsreg.dat -> %SystemRoot%\nsreg.dat -> [2008/11/08 16:57:29 | 00,000,000 | ---- | C] ()
Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [2008/11/08 16:57:24 | 00,000,000 | ---D | C]
Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [2008/11/08 16:57:06 | 00,000,000 | ---D | C]
Norton Support -> %ProgramFiles%\Norton Support -> [2008/11/08 16:21:27 | 00,000,000 | ---D | C]
Cat.DB -> %SystemRoot%\System32\drivers\NAV\1000000.07D\Cat.DB -> [2008/11/08 14:22:36 | 00,616,328 | ---- | C] ()
SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> [2008/11/08 14:22:21 | 00,035,888 | R--- | C] (Symantec Corporation)
SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> [2008/11/08 14:22:16 | 00,124,464 | ---- | C] (Symantec Corporation)
S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> [2008/11/08 14:22:16 | 00,060,808 | ---- | C] (Symantec Corporation)
SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [2008/11/08 14:22:16 | 00,010,635 | ---- | C] ()
SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [2008/11/08 14:22:16 | 00,000,806 | ---- | C] ()
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [2008/11/08 14:22:16 | 00,000,000 | ---D | C]
Symantec -> %ProgramFiles%\Symantec -> [2008/11/08 14:22:16 | 00,000,000 | ---D | C]
SymEFA.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.sys -> [2008/11/08 14:22:10 | 00,309,296 | ---- | C] (Symantec Corporation)
srtsp.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.sys -> [2008/11/08 14:22:10 | 00,305,712 | ---- | C] (Symantec Corporation)
symtdi.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symtdi.sys -> [2008/11/08 14:22:10 | 00,198,192 | ---- | C] (Symantec Corporation)
symfw.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symfw.sys -> [2008/11/08 14:22:10 | 00,089,904 | ---- | C] (Symantec Corporation)
srtspx.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.sys -> [2008/11/08 14:22:10 | 00,043,696 | ---- | C] (Symantec Corporation)
symndisv.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symndisv.sys -> [2008/11/08 14:22:10 | 00,040,496 | ---- | C] (Symantec Corporation)
symndis.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symndis.sys -> [2008/11/08 14:22:10 | 00,037,424 | ---- | C] (Symantec Corporation)
symids.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symids.sys -> [2008/11/08 14:22:10 | 00,034,608 | ---- | C] (Symantec Corporation)
symredrv.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symredrv.sys -> [2008/11/08 14:22:10 | 00,024,752 | ---- | C] (Symantec Corporation)
symdns.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symdns.sys -> [2008/11/08 14:22:10 | 00,012,976 | ---- | C] (Symantec Corporation)
BHDrvx86.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.sys -> [2008/11/08 14:22:09 | 00,254,512 | ---- | C] (Symantec Corporation)
SymEFA.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.inf -> [2008/11/08 14:22:00 | 00,003,375 | ---- | C] ()
SymNet.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.inf -> [2008/11/08 14:22:00 | 00,001,611 | ---- | C] ()
srtspx.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.inf -> [2008/11/08 14:22:00 | 00,001,389 | ---- | C] ()
srtsp.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.inf -> [2008/11/08 14:22:00 | 00,001,383 | ---- | C] ()
BHDrvx86.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.inf -> [2008/11/08 14:22:00 | 00,000,641 | ---- | C] ()
isolate.ini -> %SystemRoot%\System32\drivers\NAV\1000000.07D\isolate.ini -> [2008/11/08 14:22:00 | 00,000,172 | ---- | C] ()
SymNet.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.cat -> [2008/11/08 14:21:54 | 00,013,089 | ---- | C] ()
SymEFA.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.cat -> [2008/11/08 14:21:54 | 00,010,659 | ---- | C] ()
srtspx.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.cat -> [2008/11/08 14:21:54 | 00,010,621 | ---- | C] ()
srtsp.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.cat -> [2008/11/08 14:21:54 | 00,010,617 | ---- | C] ()
BHDrvx86.CAT -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.CAT -> [2008/11/08 14:21:54 | 00,010,613 | ---- | C] ()
NAV -> %SystemRoot%\System32\drivers\NAV -> [2008/11/08 14:21:54 | 00,000,000 | ---D | C]
1000000.07D -> %SystemRoot%\System32\drivers\NAV\1000000.07D -> [2008/11/08 14:21:54 | 00,000,000 | ---D | C]
Windows Sidebar -> %ProgramFiles%\Windows Sidebar -> [2008/11/08 14:21:51 | 00,000,000 | ---D | C]
Norton AntiVirus -> %ProgramFiles%\Norton AntiVirus -> [2008/11/08 14:21:51 | 00,000,000 | ---D | C]
Norton -> %AllUsersProfile%\Application Data\Norton -> [2008/11/08 14:21:39 | 00,000,000 | ---D | C]
NortonInstaller -> %ProgramFiles%\NortonInstaller -> [2008/11/08 14:21:35 | 00,000,000 | ---D | C]
NortonInstaller -> %AllUsersProfile%\Application Data\NortonInstaller -> [2008/11/08 14:21:35 | 00,000,000 | ---D | C]
PrepLogic -> %AppData%\PrepLogic -> [2008/11/06 21:49:46 | 00,000,000 | ---D | C]
fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [2008/11/06 21:49:39 | 00,000,136 | ---- | C] ()
ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [2008/11/06 21:49:36 | 00,000,000 | ---D | C]
ParetoLogic Registration.job -> %SystemRoot%\tasks\ParetoLogic Registration.job -> [2008/11/06 21:32:19 | 00,000,458 | ---- | C] ()
ParetoLogic -> %AppData%\ParetoLogic -> [2008/11/06 21:07:10 | 00,000,000 | ---D | C]
ParetoLogic -> %AllUsersProfile%\Application Data\ParetoLogic -> [2008/11/06 21:06:55 | 00,000,000 | ---D | C]
Downloaded Installations -> %AllUsersProfile%\Application Data\Downloaded Installations -> [2008/11/06 21:06:27 | 00,000,000 | ---D | C]
IGUltraGrid20.ocx -> %SystemRoot%\System32\IGUltraGrid20.ocx -> [2008/11/06 18:24:40 | 01,140,472 | ---- | C] (Infragistics, Inc.)
AS-Exp2.ocx -> %SystemRoot%\System32\AS-Exp2.ocx -> [2008/11/06 18:24:40 | 00,265,753 | ---- | C] (Ariad Software)
systray.ocx -> %SystemRoot%\System32\systray.ocx -> [2008/11/06 18:24:40 | 00,028,672 | ---- | C] (Microsoft Corporation)
md5.dll -> %SystemRoot%\System32\md5.dll -> [2008/11/06 18:24:39 | 00,010,752 | ---- | C] (                      )
BPS Remover -> %ProgramFiles%\BPS Remover -> [2008/11/06 18:24:38 | 00,000,000 | ---D | C]
MSADODC.ocx -> %SystemRoot%\System32\MSADODC.ocx -> [2008/11/06 18:19:49 | 00,131,856 | ---- | C] (Microsoft Corporation)
Flash.ocx -> %SystemRoot%\System32\Flash.ocx -> [2008/11/06 18:19:48 | 02,267,368 | ---- | C] (Adobe Systems, Inc.)
XceedCry.dll -> %SystemRoot%\System32\XceedCry.dll -> [2008/11/06 18:19:48 | 00,512,688 | ---- | C] (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com)
XceedBkp.dll -> %SystemRoot%\System32\XceedBkp.dll -> [2008/11/06 18:19:48 | 00,423,784 | ---- | C] (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com)
ACTSKN43.OCX -> %SystemRoot%\System32\ACTSKN43.OCX -> [2008/11/06 18:19:48 | 00,389,120 | ---- | C] ()
ProgressBar4.ocx -> %SystemRoot%\System32\ProgressBar4.ocx -> [2008/11/06 18:19:48 | 00,089,088 | ---- | C] (Ariad Software)
threadapi.tlb -> %SystemRoot%\System32\threadapi.tlb -> [2008/11/06 18:19:47 | 00,011,012 | ---- | C] ()
Mozilla -> %AppData%\Mozilla -> [2008/11/03 19:47:56 | 00,000,000 | ---D | C]
nyjiurnt -> %AppData%\nyjiurnt -> [2008/11/03 19:47:55 | 00,000,000 | ---D | C]
1&1 -> %AppData%\1&1 -> [2008/11/02 11:01:12 | 00,000,000 | ---D | C]
1&1 -> %ProgramFiles%\1&1 -> [2008/11/02 11:01:07 | 00,000,000 | ---D | C]
U3 -> %AppData%\U3 -> [2008/11/02 08:46:55 | 00,000,000 | ---D | C]
Manuals -> %SystemDrive%\Manuals -> [2008/11/01 17:53:09 | 00,000,000 | ---D | C]
btosifn.dll -> %SystemRoot%\System32\btosifn.dll -> [2008/10/31 21:53:59 | 00,097,280 | ---- | C] (Alcohol Soft Development Team)
docsdiag -> %SystemDrive%\docsdiag -> [2008/10/26 19:10:45 | 00,000,000 | ---D | C]
SP3-Fix -> %AllUsersProfile%\Documents\SP3-Fix -> [2008/10/24 21:05:59 | 00,000,000 | ---D | C]
Adobe -> %SystemRoot%\System32\Adobe -> [2008/10/24 18:14:22 | 00,000,000 | ---D | C]
Angel-One-Software-v2.6-Upgrade-Bundle.zip -> %UserProfile%\Desktop\Angel-One-Software-v2.6-Upgrade-Bundle.zip -> [2008/10/24 17:14:11 | 04,641,444 | ---- | C] ()
netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/23 15:38:03 | 00,337,408 | ---- | C] (Microsoft Corporation)
Crystal_Nelson_ Student_ID.jpg -> %UserProfile%\My Documents\Crystal_Nelson_ Student_ID.jpg -> [2008/10/22 20:07:00 | 00,073,156 | ---- | C] ()
srv.sys -> %SystemRoot%\System32\dllcache\srv.sys -> [2008/10/16 17:16:18 | 00,333,824 | ---- | C] (Microsoft Corporation)
win32k.sys -> %SystemRoot%\System32\dllcache\win32k.sys -> [2008/10/16 17:15:38 | 01,846,400 | ---- | C] (Microsoft Corporation)
ntkrnlmp.exe -> %SystemRoot%\System32\dllcache\ntkrnlmp.exe -> [2008/10/16 17:15:31 | 02,145,280 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> %SystemRoot%\System32\dllcache\ntoskrnl.exe -> [2008/10/16 17:15:30 | 02,189,184 | ---- | C] (Microsoft Corporation)
ntkrpamp.exe -> %SystemRoot%\System32\dllcache\ntkrpamp.exe -> [2008/10/16 17:15:29 | 02,023,936 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> %SystemRoot%\System32\dllcache\ntkrnlpa.exe -> [2008/10/16 17:15:27 | 02,066,048 | ---- | C] (Microsoft Corporation)
Brother -> %AppData%\Brother -> [2008/10/14 16:30:38 | 00,000,000 | R--D | C]
BRVIDEO.INI -> %SystemRoot%\BRVIDEO.INI -> [2008/10/14 16:30:00 | 00,000,012 | ---- | C] ()
brmx2001.ini -> %SystemRoot%\brmx2001.ini -> [2008/10/14 16:30:00 | 00,000,000 | ---- | C] ()
BRWMARK.INI -> %SystemRoot%\BRWMARK.INI -> [2008/10/14 16:29:43 | 00,000,410 | ---- | C] ()
Pdrvinst.dll -> %SystemRoot%\System32\Pdrvinst.dll -> [2008/10/14 16:29:25 | 00,192,512 | ---- | C] (brother)
BROSNMP.DLL -> %SystemRoot%\System32\BROSNMP.DLL -> [2008/10/14 16:29:25 | 00,176,128 | ---- | C] (Brother Industries, Ltd.)
BRRBTOOL.EXE -> %SystemRoot%\System32\BRRBTOOL.EXE -> [2008/10/14 16:29:25 | 00,094,208 | ---- | C] (Brother Industries Ltd)
BRLM03A.DLL -> %SystemRoot%\System32\BRLM03A.DLL -> [2008/10/14 16:29:25 | 00,024,223 | ---- | C] (brother Industries Ltd)
Brownie.ini -> %SystemRoot%\Brownie.ini -> [2008/10/14 16:28:49 | 00,000,238 | ---- | C] ()
Brother -> %AllUsersProfile%\Application Data\Brother -> [2008/10/14 15:49:59 | 00,000,000 | ---D | C]
Inetpub -> %SystemDrive%\Inetpub -> [2008/10/10 13:17:00 | 00,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2005/12/23 08:27:34 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/04 15:58:15 | 00,004,232 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/04 15:58:14 | 00,005,523 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [2005/12/23 08:24:06 | 00,000,000 | ---D | M]
opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2005/12/23 09:21:57 | 00,008,206 | ---- | M] ()
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [2008/11/08 21:49:44 | 00,000,000 | ---D | M]
Perflib_Perfdata_be8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_be8.dat -> [2008/11/08 21:12:01 | 00,016,384 | ---- | M] ()
1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2008/11/08 22:29:25 | 00,635,463 | ---- | M] ()
HiJackThis.exe -> %UserProfile%\Desktop\HiJackThis.exe -> [2008/11/08 21:32:02 | 00,401,720 | ---- | M] (Trend Micro Inc.)
ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2008/11/08 21:26:46 | 00,000,592 | ---- | M] ()
erunt_setup.exe -> %UserProfile%\Desktop\erunt_setup.exe -> [2008/11/08 21:25:53 | 00,791,393 | ---- | M] (Lars Hederer                                                )
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/11/08 21:14:52 | 00,481,850 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/11/08 21:14:52 | 00,409,800 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/11/08 21:14:52 | 00,064,774 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/11/08 21:10:43 | 00,002,206 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/11/08 21:10:16 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/11/08 21:10:11 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/11/08 21:10:06 | 10,731,39712 | -HS- | M] ()
FixVundo.exe -> %UserProfile%\Desktop\FixVundo.exe -> [2008/11/08 19:28:07 | 00,173,456 | ---- | M] (Symantec Corporation)
ParetoLogic Registration.job -> %SystemRoot%\tasks\ParetoLogic Registration.job -> [2008/11/08 18:08:16 | 00,000,458 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2008/11/08 17:19:12 | 00,000,696 | ---- | M] ()
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2008/11/08 17:17:42 | 02,372,472 | ---- | M] (Malwarebytes Corporation                                    )
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/11/08 17:06:16 | 00,004,566 | ---- | M] ()
nsreg.dat -> %SystemRoot%\nsreg.dat -> [2008/11/08 16:57:29 | 00,000,000 | ---- | M] ()
Cat.DB -> %SystemRoot%\System32\drivers\NAV\1000000.07D\Cat.DB -> [2008/11/08 14:22:42 | 00,616,328 | ---- | M] ()
SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> [2008/11/08 14:22:16 | 00,124,464 | ---- | M] (Symantec Corporation)
S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> [2008/11/08 14:22:16 | 00,060,808 | ---- | M] (Symantec Corporation)
SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [2008/11/08 14:22:16 | 00,010,635 | ---- | M] ()
SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [2008/11/08 14:22:16 | 00,000,806 | ---- | M] ()
SymEFA.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.sys -> [2008/11/08 14:22:10 | 00,309,296 | ---- | M] (Symantec Corporation)
srtsp.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.sys -> [2008/11/08 14:22:10 | 00,305,712 | ---- | M] (Symantec Corporation)
symtdi.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symtdi.sys -> [2008/11/08 14:22:10 | 00,198,192 | ---- | M] (Symantec Corporation)
symfw.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symfw.sys -> [2008/11/08 14:22:10 | 00,089,904 | ---- | M] (Symantec Corporation)
srtspx.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.sys -> [2008/11/08 14:22:10 | 00,043,696 | ---- | M] (Symantec Corporation)
symndisv.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symndisv.sys -> [2008/11/08 14:22:10 | 00,040,496 | ---- | M] (Symantec Corporation)
symndis.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symndis.sys -> [2008/11/08 14:22:10 | 00,037,424 | ---- | M] (Symantec Corporation)
SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> [2008/11/08 14:22:10 | 00,035,888 | R--- | M] (Symantec Corporation)
symids.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symids.sys -> [2008/11/08 14:22:10 | 00,034,608 | ---- | M] (Symantec Corporation)
symredrv.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symredrv.sys -> [2008/11/08 14:22:10 | 00,024,752 | ---- | M] (Symantec Corporation)
symdns.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\symdns.sys -> [2008/11/08 14:22:10 | 00,012,976 | ---- | M] (Symantec Corporation)
BHDrvx86.sys -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.sys -> [2008/11/08 14:22:09 | 00,254,512 | ---- | M] (Symantec Corporation)
SymEFA.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.inf -> [2008/11/08 14:22:00 | 00,003,375 | ---- | M] ()
SymNet.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.inf -> [2008/11/08 14:22:00 | 00,001,611 | ---- | M] ()
srtspx.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.inf -> [2008/11/08 14:22:00 | 00,001,389 | ---- | M] ()
srtsp.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.inf -> [2008/11/08 14:22:00 | 00,001,383 | ---- | M] ()
BHDrvx86.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.inf -> [2008/11/08 14:22:00 | 00,000,641 | ---- | M] ()
isolate.ini -> %SystemRoot%\System32\drivers\NAV\1000000.07D\isolate.ini -> [2008/11/08 14:22:00 | 00,000,172 | ---- | M] ()
SymNet.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.cat -> [2008/11/08 14:21:54 | 00,013,089 | ---- | M] ()
SymEFA.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.cat -> [2008/11/08 14:21:54 | 00,010,659 | ---- | M] ()
srtspx.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.cat -> [2008/11/08 14:21:54 | 00,010,621 | ---- | M] ()
srtsp.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.cat -> [2008/11/08 14:21:54 | 00,010,617 | ---- | M] ()
BHDrvx86.CAT -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.CAT -> [2008/11/08 14:21:54 | 00,010,613 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2008/11/08 13:51:22 | 00,000,732 | ---- | M] ()
fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [2008/11/06 21:49:39 | 00,000,136 | ---- | M] ()
Brownie.ini -> %SystemRoot%\Brownie.ini -> [2008/11/06 19:23:28 | 00,000,238 | ---- | M] ()
BRVIDEO.INI -> %SystemRoot%\BRVIDEO.INI -> [2008/11/06 19:23:28 | 00,000,012 | ---- | M] ()
Cpqdiag.ini -> %SystemRoot%\Cpqdiag.ini -> [2008/11/05 16:51:49 | 00,001,074 | ---- | M] ()
ACT_CFG.INI -> %SystemRoot%\ACT_CFG.INI -> [2008/11/05 16:51:48 | 00,001,732 | ---- | M] ()
Angel-One-Software-v2.6-Upgrade-Bundle.zip -> %UserProfile%\Desktop\Angel-One-Software-v2.6-Upgrade-Bundle.zip -> [2008/10/24 17:14:11 | 04,641,444 | ---- | M] ()
Crystal_Nelson_ Student_ID.jpg -> %UserProfile%\My Documents\Crystal_Nelson_ Student_ID.jpg -> [2008/10/22 20:07:00 | 00,073,156 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/16 19:40:42 | 00,204,120 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2008/10/16 19:07:13 | 00,000,910 | ---- | M] ()
hpbafd.ini -> %SystemRoot%\hpbafd.ini -> [2008/10/16 17:57:33 | 00,000,178 | ---- | M] ()
netapi32.dll -> %SystemRoot%\System32\netapi32.dll -> [2008/10/15 10:34:24 | 00,337,408 | ---- | M] (Microsoft Corporation)
netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/15 10:34:24 | 00,337,408 | ---- | M] (Microsoft Corporation)
brmx2001.ini -> %SystemRoot%\brmx2001.ini -> [2008/10/14 16:30:00 | 00,000,000 | ---- | M] ()
BRWMARK.INI -> %SystemRoot%\BRWMARK.INI -> [2008/10/14 16:29:43 | 00,000,410 | ---- | M] ()
QTSBandwidthCache -> %AllUsersProfile%\Application Data\QTSBandwidthCache -> [2008/10/10 18:10:51 | 00,001,367 | ---- | M] ()
< End of report >
[/code]