[code] OTS logfile created on: 8/19/2009 2:43:13 AM - Run 4 OTS by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Neil\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 69.01% Memory free 2.60 Gb Paging File | 2.15 Gb Available in Paging File | 82.79% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 52.44 Gb Total Space | 19.68 Gb Free Space | 37.53% Space Free | Partition Type: NTFS Drive D: | 14.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive E: | 3.38 Gb Total Space | 0.39 Gb Free Space | 11.62% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 3.74 Gb Total Space | 2.76 Gb Free Space | 73.85% Space Free | Partition Type: FAT32 Drive I: | 465.76 Gb Total Space | 49.68 Gb Free Space | 10.67% Space Free | Partition Type: NTFS Computer Name: NEILMETZLER Current User Name: Neil Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] 1xconfig.exe -> C:\Program Files\Intel\Wireless\Bin\1XConfig.exe -> [2004/09/07 23:03:40 | 00,245,760 | ---- | M] (Intel) 764556.exe -> C:\WINDOWS\System32\9CEF43\764556.EXE -> [2009/03/31 14:51:32 | 01,405,739 | RHS- | M] () avgnsx.exe -> C:\Program Files\AVG\AVG8\avgnsx.exe -> [2009/06/29 10:20:11 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG8\avgrsx.exe -> [2009/08/04 06:59:49 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) avgtray.exe -> C:\Program Files\AVG\AVG8\avgtray.exe -> [2009/06/29 10:20:08 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2009/08/04 06:59:24 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) calmain.exe -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2005/10/01 02:22:50 | 00,096,341 | ---- | M] (Canon Inc.) evteng.exe -> C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -> [2004/09/07 23:02:40 | 00,086,016 | ---- | M] (Intel Corporation) explorer.exe -> C:\WINDOWS\Explorer.EXE -> [2008/04/14 02:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) fabrikhomebackup.exe -> C:\Program Files\Fabrik Ultimate Backup\fabrikhomebackup.exe -> [2009/02/09 08:04:48 | 00,045,888 | ---- | M] (Fabrik, Inc.) lexbces.exe -> C:\WINDOWS\System32\LEXBCES.EXE -> [2004/03/04 18:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) lexpps.exe -> C:\WINDOWS\System32\LEXPPS.EXE -> [2004/03/04 18:26:20 | 00,174,592 | ---- | M] (Lexmark International, Inc.) nicconfigsvc.exe -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> [2005/03/04 06:29:02 | 00,356,352 | ---- | M] (Dell Inc.) ots.exe -> C:\Documents and Settings\Neil\Desktop\OTS.exe -> [2009/08/19 01:57:51 | 00,514,048 | ---- | M] (OldTimer Tools) regsrvc.exe -> C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -> [2004/09/07 23:02:04 | 00,139,264 | ---- | M] (Intel Corporation) s24evmon.exe -> C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -> [2004/09/07 23:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) taskmgr.exe -> C:\WINDOWS\System32\taskmgr.exe -> [2008/04/14 02:12:37 | 00,135,680 | ---- | M] (Microsoft Corporation) wlkeeper.exe -> C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -> [2004/09/07 23:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) wmiprvse.exe -> C:\WINDOWS\System32\wbem\wmiprvse.exe -> [2009/02/06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) zcfgsvc.exe -> C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe -> [2004/09/07 23:08:02 | 00,389,120 | ---- | M] (Intel Corporation) [Win32 Services - Safe List] (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Disabled | Stopped] -> C:\WINDOWS\System32\Ati2evxx.exe -> [2005/05/13 09:43:50 | 00,364,544 | ---- | M] (ATI Technologies Inc.) (avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2009/08/04 06:59:24 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) (CCALib8) Canon Camera Access Library 8 [Win32_Own | Auto | Running] -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2005/10/01 02:22:50 | 00,096,341 | ---- | M] (Canon Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) (EvtEng) EvtEng [Win32_Own | Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -> [2004/09/07 23:02:40 | 00,086,016 | ---- | M] (Intel Corporation) (fabrikhomebackup) Fabrik Ultimate Backup Backup Service [Win32_Own | Auto | Running] -> C:\Program Files\Fabrik Ultimate Backup\fabrikhomebackup.exe -> [2009/02/09 08:04:48 | 00,045,888 | ---- | M] (Fabrik, Inc.) (getPlus(R) Helper) getPlus(R) Helper [Win32_Own | On_Demand | Stopped] -> C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -> [2008/08/29 10:01:22 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) (gusvc) Google Software Updater [Win32_Own | Auto | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/03/26 03:10:17 | 00,183,280 | ---- | M] (Google) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 02:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 06:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) (iPod Service) iPod Service [Win32_Own | Disabled | Stopped] -> C:\Program Files\iPod\bin\iPodService.exe -> [2006/09/25 20:54:22 | 00,451,136 | ---- | M] (Apple Computer, Inc.) (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\LEXBCES.EXE -> [2004/03/04 18:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) (NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> [2005/03/04 06:29:02 | 00,356,352 | ---- | M] (Dell Inc.) (RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -> [2004/09/07 23:02:04 | 00,139,264 | ---- | M] (Intel Corporation) (S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -> [2004/09/07 23:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender Service [Win32_Own | Disabled | Stopped] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/04/03 12:12:14 | 00,014,032 | ---- | M] (Microsoft Corporation) (WLANKEEPER) WLANKEEPER [Win32_Own | Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -> [2004/09/07 23:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) (WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Windows Media Player\WMPNetwk.exe -> [2006/10/19 03:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.0.1 [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\AegisP.sys -> [2005/08/12 21:25:15 | 00,017,056 | ---- | M] (Meetinghouse Data Communications) (AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 20:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 20:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\Apfiltr.sys -> [2004/11/16 23:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.) (Appdrv) Appdrv [Kernel | On_Demand | Running] -> C:\Program Files\Dell\NICCONFIGSVC\Appdrv.sys -> [2004/06/30 16:39:36 | 00,016,128 | ---- | M] (Dell Inc) (asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 20:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 20:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -> [2005/05/13 09:46:20 | 01,132,544 | ---- | M] (ATI Technologies Inc.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/08/04 06:59:49 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/08/04 06:59:49 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/06/29 10:20:36 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) (bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -> [2004/05/27 03:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation) (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 20:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 20:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) (drvmcdb) drvmcdb [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\drvmcdb.sys -> [2004/12/01 10:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) (drvnddm) drvnddm [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\drvnddm.sys -> [2004/11/23 09:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) (E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\e100b325.sys -> [2001/08/17 19:12:10 | 00,117,760 | ---- | M] (Intel Corporation) (fabrikhomeFilter) fabrikhomeFilter [File_System | System | Running] -> C:\WINDOWS\System32\DRIVERS\fabrikhome.sys -> [2009/02/09 08:04:02 | 00,053,752 | ---- | M] (Mozy, Inc.) (GarenaPEngine) GarenaPEngine [Kernel | On_Demand | Stopped] -> C:\Documents and Settings\Neil\Local Settings\Temp\SKN2C.tmp -> [2009/07/14 15:12:18 | 00,018,704 | ---- | M] () (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -> [2006/07/14 21:03:02 | 00,014,448 | ---- | M] (GEAR Software Inc.) (HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys -> [2004/06/18 03:57:02 | 00,200,064 | ---- | M] (Conexant Systems, Inc.) (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -> [2004/06/18 03:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) (IWCA) Intel Wireless Connection Agent Miniport for Win XP [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\iwca.sys -> [2004/08/12 15:44:04 | 00,234,496 | ---- | M] (Intel Corporation) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -> [2004/03/18 01:04:14 | 00,013,059 | ---- | M] (Conexant) (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 20:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -> [2004/08/04 05:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) (NwlnkIpx) NWLink IPX/SPX/NetBIOS Compatible Transport Protocol [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys -> [2008/04/13 20:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) (NwlnkNb) NWLink NetBIOS [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\nwlnknb.sys -> [2004/08/04 12:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) (NwlnkSpx) NWLink SPX/SPXII Protocol [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys -> [2004/08/04 12:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) (omci) OMCI WDM Device Driver [Kernel | System | Running] -> C:\WINDOWS\System32\DRIVERS\omci.sys -> [2004/02/13 23:46:00 | 00,017,153 | ---- | M] (Dell Inc) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\ptilink.sys -> [2004/08/04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2008/11/20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) (ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 20:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) (ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 20:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 20:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) (s24trans) WLAN Transport [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\s24trans.sys -> [2004/08/31 15:53:04 | 00,011,354 | ---- | M] (Intel Corporation) (Secdrv) Secdrv [Kernel | Auto | Running] -> C:\WINDOWS\System32\DRIVERS\secdrv.sys -> [2007/11/13 12:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 20:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 21:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2008/11/04 19:29:01 | 00,717,296 | ---- | M] () (sscdbhk5) sscdbhk5 [File_System | System | Running] -> C:\WINDOWS\System32\drivers\sscdbhk5.sys -> [2004/07/14 18:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) (ssrtln) ssrtln [File_System | System | Running] -> C:\WINDOWS\System32\drivers\ssrtln.sys -> [2004/07/14 18:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) (STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\STAC97.sys -> [2005/03/11 05:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.) (symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 21:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 21:07:36 | 00,032,640 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 21:07:40 | 00,028,384 | ---- | M] (LSI Logic) (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 21:07:42 | 00,030,688 | ---- | M] (LSI Logic) (TF0003) %TF0003.SvcDesc% [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\DRIVERS\TF0003.sys -> [2007/05/17 09:47:14 | 00,006,144 | ---- | M] () (tfsnboio) tfsnboio [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnboio.sys -> [2004/12/06 08:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) (tfsncofs) tfsncofs [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsncofs.sys -> [2004/12/06 08:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) (tfsndrct) tfsndrct [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsndrct.sys -> [2004/12/06 08:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) (tfsndres) tfsndres [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsndres.sys -> [2004/12/06 08:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) (tfsnifs) tfsnifs [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnifs.sys -> [2004/12/06 08:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) (tfsnopio) tfsnopio [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnopio.sys -> [2004/12/06 08:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) (tfsnpool) tfsnpool [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnpool.sys -> [2004/12/06 08:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) (tfsnudf) tfsnudf [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnudf.sys -> [2004/12/06 08:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) (tfsnudfa) tfsnudfa [File_System | Auto | Running] -> C:\WINDOWS\System32\dla\tfsnudfa.sys -> [2004/12/06 08:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) (tmcomm) tmcomm [Kernel | Auto | Running] -> C:\WINDOWS\System32\drivers\tmcomm.sys -> [2007/10/20 20:03:42 | 00,102,664 | ---- | M] (Trend Micro Inc.) (ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 20:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\usbaudio.sys -> [2008/04/13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) (VBus) Virtual Bus [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\DRIVERS\NkVBus.sys -> [2005/06/17 20:11:00 | 00,017,664 | ---- | M] (Nikon Corporation) (w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\w29n51.sys -> [2004/10/22 03:56:04 | 03,210,496 | ---- | M] (Intel® Corporation) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -> [2004/06/18 03:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.dell4me.com/myway -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: Main\\"Start Page" -> http://www.gmail.com/ -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: URLSearchHooks\\"*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/06/26 10:36:56 | 01,008,896 | ---- | M] () HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Neil\Application Data\Mozilla\FireFox\Profiles\la1jo3ax.default\prefs.js -> browser.search.selectedEngine -> "Google" -> browser.startup.homepage -> "http://www.google.com/ig" -> extensions.enabledItems -> {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.29 -> extensions.enabledItems -> {3f963a5b-e555-4543-90e2-c3908898db71}:8.5 -> extensions.enabledItems -> foxyproxy@eric.h.jung:2.9 -> extensions.enabledItems -> moveplayer@movenetworks.com:1.0.0.07074039 -> extensions.enabledItems -> {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.29 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES\AVG\AVG8\FIREFOX [C:\PROGRAM FILES\AVG\AVG8\FIREFOX] -> [2009/08/04 07:01:39 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\avg@igeared -> C:\PROGRAM FILES\AVG\AVG8\TOOLBAR\FIREFOX\AVG@IGEARED [C:\PROGRAM FILES\AVG\AVG8\TOOLBAR\FIREFOX\AVG@IGEARED] -> [2009/06/29 10:20:23 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components -> C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/08/06 21:39:17 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/08/06 21:39:17 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Neil\Application Data\mozilla\Extensions -> [2005/09/03 18:18:06 | 00,000,335 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2005/09/03 18:18:06 | 00,000,335 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Firefox\Profiles\la1jo3ax.default\extensions -> [2009/08/06 21:39:34 | 00,098,310 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Firefox\Profiles\la1jo3ax.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} -> [2009/08/06 21:39:34 | 00,098,310 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Firefox\Profiles\la1jo3ax.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} -> [2009/08/06 21:39:34 | 00,098,310 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Firefox\Profiles\la1jo3ax.default\extensions\foxyproxy@eric.h.jung -> [2009/08/06 21:39:34 | 00,098,310 | ---- | M] () -> C:\Documents and Settings\Neil\Application Data\mozilla\Firefox\Profiles\la1jo3ax.default\extensions\moveplayer@movenetworks.com -> [2009/08/06 21:39:34 | 00,098,310 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions -> [2009/08/06 21:39:17 | 09,747,960 | ---- | M] (Mozilla Foundation) -> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/08/06 21:39:17 | 09,747,960 | ---- | M] (Mozilla Foundation) < FireFox Components [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\components -> [2009/08/06 21:39:17 | 00,000,000 | ---D | M] browserdirprovider.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/08/06 21:39:11 | 00,023,032 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/08/06 21:39:11 | 00,134,648 | ---- | M] (Mozilla Foundation) < FireFox Plugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins -> [2009/08/06 21:39:17 | 00,000,000 | ---D | M] np32dsw.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\np32dsw.dll -> [2003/02/11 13:02:56 | 00,032,768 | ---- | M] (Macromedia, Inc.) npdivx32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdivx32.dll -> [2008/02/21 04:04:00 | 01,335,600 | ---- | M] (DivX,Inc.) npdivx32.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdivx32.xpt -> [2008/02/21 04:04:02 | 00,001,607 | ---- | M] () npnul32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/08/06 21:39:13 | 00,065,528 | ---- | M] (mozilla.org) nppdf32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppdf32.dll -> [2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) nppl3260.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppl3260.dll -> [2005/09/18 22:08:00 | 00,139,305 | ---- | M] (RealNetworks, Inc.) npqtplugin.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin2.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin2.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin3.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin3.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin4.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin4.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin5.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin5.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin6.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin6.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) npqtplugin7.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npqtplugin7.dll -> [2006/10/09 19:23:58 | 00,131,072 | ---- | M] (Apple Computer, Inc.) nprjplug.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nprjplug.dll -> [2005/09/18 22:08:13 | 00,024,621 | ---- | M] (RealNetworks, Inc.) nprpjplug.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nprpjplug.dll -> [2005/09/18 22:07:51 | 00,081,967 | ---- | M] (RealNetworks, Inc.) npsnapfish.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npsnapfish.dll -> [2006/01/18 19:50:00 | 00,319,488 | ---- | M] ( ) npUpload.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npUpload.xpt -> [2008/02/21 04:03:46 | 00,000,535 | ---- | M] () np_gp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\np_gp.dll -> [2008/08/29 10:01:22 | 00,106,348 | ---- | M] (NOS Microsystems Ltd.) nsIQTScriptablePlugin.xpt -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nsIQTScriptablePlugin.xpt -> [2006/10/09 19:23:58 | 00,002,394 | ---- | M] () QuickTimePlugin.class -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\QuickTimePlugin.cla -> [2006/10/09 19:23:57 | 00,004,208 | ---- | M] () ShockwavePlugin.class -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ShockwavePlugin.cla -> [2003/02/11 13:08:04 | 00,001,144 | ---- | M] () < FireFox SearchPlugins [Program Folders] > -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins -> [2009/06/29 10:21:05 | 00,000,000 | ---D | M] amazondotcom.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\amazondotcom.xml -> [2008/09/30 02:44:05 | 00,001,394 | ---- | M] () answers.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\answers.xml -> [2008/09/30 02:44:05 | 00,002,193 | ---- | M] () avg_igeared.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\avg_igeared.xml -> [2009/06/29 11:27:29 | 00,001,465 | ---- | M] () creativecommons.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2008/09/30 02:44:05 | 00,001,534 | ---- | M] () eBay.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\eBay.xml -> [2008/11/15 16:40:20 | 00,002,343 | ---- | M] () google.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\google.xml -> [2008/09/30 02:44:05 | 00,001,706 | ---- | M] () wikipedia.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\wikipedia.xml -> [2008/09/30 02:44:05 | 00,001,178 | ---- | M] () < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2009/08/04 06:59:33 | 01,111,320 | ---- | M] (AVG Technologies CZ, s.r.o.) {5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\System32\dla\tfswshx.dll [DriveLetterAccess] -> [2004/12/06 08:05:00 | 00,118,842 | ---- | M] (Sonic Solutions) {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2006/07/07 06:29:52 | 00,324,416 | ---- | M] (Microsoft Corporation) {A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/06/26 10:36:56 | 01,008,896 | ---- | M] () {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> [2009/03/26 03:10:24 | 00,668,656 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/06/26 10:36:56 | 01,008,896 | ---- | M] () < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/06/26 10:36:56 | 01,008,896 | ---- | M] () < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "764556" -> C:\WINDOWS\System32\9CEF43\764556.EXE [C:\WINDOWS\system32\9CEF43\764556.EXE] -> [2009/03/31 14:51:32 | 01,405,739 | RHS- | M] () "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) "AVG8_TRAY" -> C:\Program Files\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> [2009/06/29 10:20:08 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) "ISUSPM Startup" -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup] -> [2005/02/17 01:15:22 | 00,221,184 | ---- | M] (InstallShield Software Corporation) "MSConfig" -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto] -> [2008/04/14 02:12:27 | 00,169,984 | ---- | M] (Microsoft Corporation) < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Neil Startup Folder > -> C:\Documents and Settings\Neil\Start Menu\Programs\Startup -> C:\Documents and Settings\Neil\Start Menu\Programs\Startup\764556.lnk -> C:\WINDOWS\System32\9CEF43\764556.EXE -> [2009/03/31 14:51:32 | 01,405,739 | RHS- | M] () < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [91 00 00 00 [binary data]] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [91 00 00 00 [binary data]] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000] -> [2009/05/05 13:53:16 | 09,361,232 | R--- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000] -> [2009/05/05 13:53:16 | 09,361,232 | R--- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2009/05/01 20:30:36 | 03,366,912 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2009/05/01 20:30:36 | 03,366,912 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2009/05/01 20:30:36 | 03,366,912 | ---- | M] (Google Inc.) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000] -> [2009/05/05 13:53:16 | 09,361,232 | R--- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Menu: Sun Java Console] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Sun Java Console] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Sun Java Console] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Sun Java Console] -> File not found CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> www_kexp.org [http] -> Trusted sites -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\] > -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3887160309-2736909168-1689148372-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=39204 [Windows Genuine Advantage Validation Tool] -> {33564D57-0000-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB [Reg Error: Key error.] -> {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc3.cab [Office Update Installation Engine] -> {68B5B09E-9CB4-4E93-A75B-44DD4362120C} [HKLM] -> http://comic.daum.net/download/new/ToonsXContentsPlug.cab [ToonsXContentsPlug Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_04] -> {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} [HKLM] -> http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab [NsvPlayX Control] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_03] -> {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_04] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {4FD2F176-5D73-41B6-B417-9F9C815DD6F6}\\DhcpNameServer -> 192.168.0.1 (Broadcom 440x 10/100 Integrated Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 02:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2005/05/13 09:43:54 | 00,046,080 | ---- | M] (ATI Technologies Inc.) avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/08/04 06:59:50 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) IntelWireless -> C:\Program Files\Intel\Wireless\Bin\LgNotify.dll -> [2004/09/07 23:08:06 | 00,110,592 | ---- | M] (Intel Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> C:\Program Files\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/04/03 12:12:16 | 00,081,616 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 02:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\System32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 02:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\games\serioussam\Bin\SeriousSam.exe" -> C:\games\serioussam\Bin\SeriousSam.exe [C:\games\serioussam\Bin\SeriousSam.exe:*:Enabled:SeriousSam] -> [2001/03/01 04:53:18 | 00,425,984 | ---- | M] () "C:\games\Warcraft III\Frozen Throne.exe" -> C:\games\Warcraft III\Frozen Throne.exe [C:\games\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne] -> [2006/05/14 03:17:45 | 00,274,432 | ---- | M] (Blizzard Entertainment) "C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Disabled:AOL Instant Messenger] -> File not found "C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL] -> File not found "C:\Program Files\AVG\AVG8\avgnsx.exe" -> C:\Program Files\AVG\AVG8\avgnsx.exe [C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/06/29 10:20:11 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG8\avgupd.exe" -> C:\Program Files\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/08/04 06:58:30 | 01,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL] -> File not found "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL] -> File not found "C:\Program Files\DC++\DCPlusPlus.exe" -> C:\Program Files\DC++\DCPlusPlus.exe [C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++] -> [2009/03/06 19:17:42 | 05,827,072 | ---- | M] () "C:\Program Files\Garena\Garena.exe" -> C:\Program Files\Garena\Garena.exe [C:\Program Files\Garena\Garena.exe:*:Enabled:Garena] -> [2009/03/23 12:30:52 | 03,288,848 | ---- | M] (Garena Interactive PTE LTD) "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2006/09/25 20:54:22 | 15,262,784 | ---- | M] (Apple Computer, Inc.) "C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe" -> C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe [C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe:*:Disabled:javaw] -> [2004/02/23 05:52:44 | 00,028,779 | ---- | M] () "C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/14 02:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2009/08/06 21:39:11 | 00,307,704 | ---- | M] (Mozilla Corporation) "C:\Program Files\Real\RealPlayer\realplay.exe" -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer] -> [2005/09/18 22:07:45 | 00,208,941 | ---- | M] (RealNetworks, Inc.) "C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2009/04/16 13:36:36 | 24,264,488 | R--- | M] (Skype Technologies S.A.) "C:\Program Files\Starcraft\StarCraft.exe" -> C:\Program Files\Starcraft\StarCraft.exe [C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft] -> File not found "C:\Program Files\The All-Seeing Eye\eye.exe" -> C:\Program Files\The All-Seeing Eye\eye.exe [C:\Program Files\The All-Seeing Eye\eye.exe:*:Disabled:Yahoo! All-Seeing Eye] -> [2005/11/06 09:13:16 | 00,497,664 | ---- | M] (Yahoo! Inc.) "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2008/10/12 15:27:26 | 00,270,128 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\LEXPPS.EXE" -> C:\WINDOWS\System32\LEXPPS.EXE [C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE] -> [2004/03/04 18:26:20 | 00,174,592 | ---- | M] (Lexmark International, Inc.) "F:\Battle for Middle-Earth 2\game.dat" -> F:\Battle for Middle-Earth 2\game.dat [F:\Battle for Middle-Earth 2\game.dat:*:Enabled:The Battle for Middle-earth(tm) II] -> File not found "F:\Media\games\madden08\Updater.exe" -> F:\Media\games\madden08\Updater.exe [F:\Media\games\madden08\Updater.exe:*:Enabled:Updater] -> File not found "F:\Neverwinter Nights 2\nwmain.exe" -> F:\Neverwinter Nights 2\nwmain.exe [F:\Neverwinter Nights 2\nwmain.exe:*:Enabled:Neverwinter Nights] -> File not found "I:\games\medi2\kingdoms.exe" -> I:\games\medi2\kingdoms.exe [I:\games\medi2\kingdoms.exe:*:Enabled:Medieval 2 Total War: Kingdoms] -> [2007/08/03 19:07:34 | 25,341,952 | ---- | M] (The Creative Assembly Ltd) "I:\games\medi2\medieval2.exe" -> I:\games\medi2\medieval2.exe [I:\games\medi2\medieval2.exe:*:Enabled:Medieval 2: Total War] -> [2007/09/04 18:40:03 | 19,779,584 | ---- | M] (The Creative Assembly Ltd) "I:\games\pe2008\PES2008.exe" -> I:\games\pe2008\PES2008.exe [I:\games\pe2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008] -> [2007/12/04 02:00:50 | 31,236,496 | ---- | M] (KONAMI) "I:\games\pe2009\pes2009.exe" -> I:\games\pe2009\pes2009.exe [I:\games\pe2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 20:04:08 | 00,000,000 | ---- | M] () E:\AUTOEXEC.BAT [@echo off | :: AUTOEXEC.BAT for Dell System Restore | :: A00 20 May 2004 | | | :: | :: Reset the customer OS partition back active, and the DSR back to type DB in | :: case the customer pulls the plug from under the restore process (we want to | :: boot back to the customer's OS in this case). | :: DSRCheck returns non-zero if the partition layout in the current MBR is | :: different from the original factory settings. | :: | \bin\dsrcheck run | if errorlevel 1 goto PartChanged | | | :: | :: Load the mouse driver for GUI control in the restore tool | :: | \bin\mouse.exe | | | :: | :: SRC2 contains the first step (starting place) in the restore process | :: | cd \src2 | srclient | if errorlevel 1 goto End | | :: dsrreset will set the UP active and mount it as D:. This allows us to set | :: the UP back up for EBTS boot, which is desired after a restore. | \bin\dsrreset run | if errorlevel 1 goto End | | :: Reinstate the EBTS version of config.sys, and we don't use autoexec for | :: EBTS (if diags are installed, breaking the seal will set that up again). | copy d:\config.bts d:\config.sys /y | if exist d:\autoexec.bat del d:\autoexec.bat | | :: Ready to reboot | \bin\restart /x /w | goto BootMiss | | | :: | :: If DSRCheck indicated the customer partition layout is different from | :: factory, SRC1 contains the interface that tells the customer to "Call Dell". | :: Load the mouse for GUI control in the "Call Dell" screen. | :: | :PartChanged | \bin\mouse.exe | cd \src1 | srclient | goto End | | | :End | \bin\restart /x /w | | :BootMiss | cls | echo ************************************************************ | echo *** *** | echo *** Please power your system off then back on to restart *** | echo *** *** | echo ************************************************************ | | ] -> E:\AUTOEXEC.BAT [ FAT32 ] -> [2004/05/20 23:37:06 | 00,001,858 | ---- | M] () H:\autorun.inf [[AutoRun] | open=Recycle.exe | shell\1=´ò¿ª(&O) | shell\1\Command=Recycle.exe | shell\2\=ä¯ÀÀ(&B) | shell\2\Command=Recycle.exe | shellexecute=Recycle.exe | ] -> H:\autorun.inf [ FAT32 ] -> [2009/08/19 01:58:48 | 00,000,148 | RHS- | M] () I:\autorun.inf [[AutoRun] | open=Recycle.exe | shell\1=´ò¿ª(&O) | shell\1\Command=Recycle.exe | shell\2\=ä¯ÀÀ(&B) | shell\2\Command=Recycle.exe | shellexecute=Recycle.exe | ] -> I:\autorun.inf [ NTFS ] -> [2009/08/19 01:59:33 | 00,000,148 | RHS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{1b0c15c0-2dd8-11de-a779-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell \{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\1\Command \{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\1\Command\\"" -> F:\Recycle.exe [F:\Recycle.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\2\Command \{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\2\Command\\"" -> F:\Recycle.exe [F:\Recycle.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\AutoRun \{1b0c15c0-2dd8-11de-a779-00123fe2cabe}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{39812176-7598-11da-aa31-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39812176-7598-11da-aa31-00123fe2cabe}\Shell \{39812176-7598-11da-aa31-00123fe2cabe}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39812176-7598-11da-aa31-00123fe2cabe}\Shell\1\Command \{39812176-7598-11da-aa31-00123fe2cabe}\Shell\1\Command\\"" -> J:\Recycle.exe [J:\Recycle.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39812176-7598-11da-aa31-00123fe2cabe}\Shell\2\Command \{39812176-7598-11da-aa31-00123fe2cabe}\Shell\2\Command\\"" -> J:\Recycle.exe [J:\Recycle.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39812176-7598-11da-aa31-00123fe2cabe}\Shell\AutoRun \{39812176-7598-11da-aa31-00123fe2cabe}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{5a96526e-2075-11db-ab30-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a96526e-2075-11db-ab30-00123fe2cabe}\Shell \{5a96526e-2075-11db-ab30-00123fe2cabe}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a96526e-2075-11db-ab30-00123fe2cabe}\Shell\AutoRun \{5a96526e-2075-11db-ab30-00123fe2cabe}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{87996fa8-a45e-11dd-a600-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87996fa8-a45e-11dd-a600-00123fe2cabe}\Shell\AutoRun\command \{87996fa8-a45e-11dd-a600-00123fe2cabe}\Shell\AutoRun\command\\"" -> G:\Menu.exe [G:\Menu.exe] -> File not found \{8f92c38c-7773-11dd-a57d-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell \{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\1\Command \{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\1\Command\\"" -> I:\Recycle.exe [I:\Recycle.exe] -> [2009/08/19 01:59:33 | 01,405,739 | RHS- | M] () HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\2\Command \{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\2\Command\\"" -> I:\Recycle.exe [I:\Recycle.exe] -> [2009/08/19 01:59:33 | 01,405,739 | RHS- | M] () HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\AutoRun \{8f92c38c-7773-11dd-a57d-00123fe2cabe}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{b5fda130-0f3d-11db-ab1f-00123fe2cabe} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell \{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\1\Command \{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\1\Command\\"" -> [.\RECYCLER\RECYCLER\autorun.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\2\Command \{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\2\Command\\"" -> [.\RECYCLER\RECYCLER\autorun.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\AutoRun \{b5fda130-0f3d-11db-ab1f-00123fe2cabe}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 7/12/2009 3:33:12 PM Computer Name = NEILMETZLER | Source = crypt32 | ID = 131083 -> Description = Failed extract of third-party root list from auto update cab at: with error: The data is invalid. Application [ Error ] 7/12/2009 3:33:12 PM Computer Name = NEILMETZLER | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: The specified server cannot perform the requested operation. Application [ Error ] 7/12/2009 3:33:12 PM Computer Name = NEILMETZLER | Source = crypt32 | ID = 131083 -> Description = Failed extract of third-party root list from auto update cab at: with error: The data is invalid. Application [ Error ] 7/12/2009 3:33:12 PM Computer Name = NEILMETZLER | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: with error: The specified server cannot perform the requested operation. Application [ Error ] 7/12/2009 5:45:12 PM Computer Name = NEILMETZLER | Source = MsiInstaller | ID = 11324 -> Description = Product: Rome - Total War(TM) -- Error 1324.The path dc++ contains an invalid character. Application [ Error ] 7/12/2009 5:45:25 PM Computer Name = NEILMETZLER | Source = MsiInstaller | ID = 11324 -> Description = Product: Rome - Total War(TM) -- Error 1324.The path dc++ contains an invalid character. Application [ Error ] 7/12/2009 5:45:35 PM Computer Name = NEILMETZLER | Source = MsiInstaller | ID = 11324 -> Description = Product: FIFA 09 -- Error 1324. The folder path 'dc++' contains an invalid character. Application [ Error ] 7/12/2009 5:47:18 PM Computer Name = NEILMETZLER | Source = MsiInstaller | ID = 11324 -> Description = Product: FIFA 09 -- Error 1324. The folder path 'dc++' contains an invalid character. Application [ Error ] 7/22/2009 9:57:23 AM Computer Name = NEILMETZLER | Source = Application Hang | ID = 1002 -> Description = Hanging application vlc.exe, version 0.9.4.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 7/23/2009 6:13:52 PM Computer Name = NEILMETZLER | Source = Application Error | ID = 1000 -> Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module wmvcore.dll, version 11.0.5721.5251, fault address 0x000d29e1. System [ Error ] 8/18/2009 4:44:36 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. System [ Error ] 8/18/2009 4:59:36 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452689 -> Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) System [ Error ] 8/18/2009 4:59:36 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time. System [ Error ] 8/18/2009 7:29:15 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452689 -> Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) System [ Error ] 8/18/2009 7:29:15 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. System [ Error ] 8/18/2009 7:29:16 PM Computer Name = NEILMETZLER | Source = PSched | ID = 14103 -> Description = QoS [Adapter {4FD2F176-5D73-41B6-B417-9F9C815DD6F6}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. System [ Error ] 8/18/2009 7:29:19 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452689 -> Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) System [ Error ] 8/18/2009 7:29:19 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. System [ Error ] 8/18/2009 7:29:30 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452689 -> Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) System [ Error ] 8/18/2009 7:29:30 PM Computer Name = NEILMETZLER | Source = W32Time | ID = 39452701 -> Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. [Files/Folders - Created Within 30 Days] 764556.lnk -> C:\Documents and Settings\Neil\Start Menu\Programs\Startup\764556.lnk -> [2009/08/19 02:29:15 | 00,000,677 | ---- | C] () RootRepeal.rar -> C:\Documents and Settings\Neil\Desktop\RootRepeal.rar -> [2009/08/19 01:58:25 | 00,465,298 | ---- | C] () OTS.exe -> C:\Documents and Settings\Neil\Desktop\OTS.exe -> [2009/08/19 01:57:46 | 00,514,048 | ---- | C] (OldTimer Tools) k metz -> C:\Documents and Settings\Neil\Desktop\k metz -> [2009/07/25 13:31:32 | 00,000,000 | ---D | C] The_Alchemist-Rappers_Best_Friend-2007 -> C:\Documents and Settings\Neil\Desktop\The_Alchemist-Rappers_Best_Friend-2007 -> [2009/07/23 16:32:35 | 00,000,000 | ---D | C] VF2E.INI -> C:\WINDOWS\VF2E.INI -> [2009/07/15 17:16:52 | 00,000,547 | ---- | C] () CmdLineExt03.dll -> C:\WINDOWS\System32\CmdLineExt03.dll -> [2009/03/25 10:14:17 | 00,043,520 | ---- | C] () TF0003.sys -> C:\WINDOWS\System32\drivers\TF0003.sys -> [2009/03/23 11:21:12 | 00,006,144 | ---- | C] () RomeTW.ini -> C:\WINDOWS\RomeTW.ini -> [2008/12/11 19:25:56 | 00,000,241 | ---- | C] () libmplayer.dll -> C:\WINDOWS\System32\libmplayer.dll -> [2008/05/01 21:30:30 | 00,395,776 | ---- | C] () TomsMoComp_ff.dll -> C:\WINDOWS\System32\TomsMoComp_ff.dll -> [2008/05/01 21:30:30 | 00,262,144 | ---- | C] () libmpeg2_ff.dll -> C:\WINDOWS\System32\libmpeg2_ff.dll -> [2008/05/01 21:30:30 | 00,112,640 | ---- | C] () libavcodec.dll -> C:\WINDOWS\System32\libavcodec.dll -> [2008/05/01 21:30:29 | 02,255,360 | ---- | C] () sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2007/10/20 21:07:26 | 00,717,296 | ---- | C] () PICSDK.ini -> C:\WINDOWS\System32\PICSDK.ini -> [2007/09/12 03:30:06 | 00,000,097 | ---- | C] () EAL32.INI -> C:\WINDOWS\System32\EAL32.INI -> [2007/09/12 03:28:04 | 00,000,051 | ---- | C] () EPSONSC88+.ini -> C:\WINDOWS\EPSONSC88+.ini -> [2007/09/12 03:27:57 | 00,000,058 | ---- | C] () WaveletDecoder.dll -> C:\WINDOWS\System32\WaveletDecoder.dll -> [2007/04/05 07:58:10 | 00,167,936 | ---- | C] () IndexedColorDecoder.dll -> C:\WINDOWS\System32\IndexedColorDecoder.dll -> [2007/04/05 07:58:10 | 00,167,936 | ---- | C] () ToonsXHook.dll -> C:\WINDOWS\System32\ToonsXHook.dll -> [2007/04/05 07:58:10 | 00,045,056 | ---- | C] () CaptureProtect.dll -> C:\WINDOWS\System32\CaptureProtect.dll -> [2007/02/06 20:49:50 | 00,028,672 | ---- | C] () dellstat.ini -> C:\WINDOWS\dellstat.ini -> [2006/09/20 02:05:15 | 00,000,330 | ---- | C] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2006/09/04 04:29:51 | 00,000,116 | ---- | C] () vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2006/01/15 00:59:11 | 00,010,240 | ---- | C] () pcfriend.INI -> C:\WINDOWS\pcfriend.INI -> [2005/09/24 20:06:39 | 00,000,000 | ---- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2005/09/18 22:10:07 | 00,000,092 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/09/08 02:32:55 | 00,000,376 | ---- | C] () winamp.ini -> C:\WINDOWS\winamp.ini -> [2005/09/04 05:16:48 | 00,001,125 | ---- | C] () msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2005/09/01 16:50:04 | 00,000,002 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/08/12 21:49:46 | 00,000,061 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2005/08/12 21:42:11 | 00,000,138 | ---- | C] () stac97co.dll -> C:\WINDOWS\System32\stac97co.dll -> [2005/08/12 21:05:02 | 00,192,512 | ---- | C] () OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2005/08/12 21:04:00 | 00,000,372 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2005/04/10 00:04:54 | 00,000,000 | ---- | C] () iwca.dll -> C:\WINDOWS\System32\iwca.dll -> [2004/08/12 15:44:10 | 00,016,384 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/10 20:12:05 | 00,000,780 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/08/10 20:01:18 | 00,001,793 | ---- | C] () win.ini -> C:\WINDOWS\win.ini -> [2004/08/10 19:51:28 | 00,000,664 | ---- | C] () system.ini -> C:\WINDOWS\system.ini -> [2004/08/10 19:51:26 | 00,000,227 | ---- | C] () dlbccoin.ini -> C:\WINDOWS\System32\dlbccoin.ini -> [2004/02/10 22:08:00 | 00,000,373 | ---- | C] () dlbcvs.dll -> C:\WINDOWS\System32\dlbcvs.dll -> [2002/11/13 22:40:22 | 00,040,960 | ---- | C] () [Files/Folders - Modified Within 30 Days] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 603 C:\Documents and Settings\Neil\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Neil\Local Settings\Temp\*.tmp -> 4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 764556.lnk -> C:\Documents and Settings\Neil\Start Menu\Programs\Startup\764556.lnk -> [2009/08/19 02:29:15 | 00,000,677 | ---- | M] () NTUSER.DAT -> C:\Documents and Settings\Neil\NTUSER.DAT -> [2009/08/19 02:20:50 | 09,175,040 | -H-- | M] () win.ini -> C:\WINDOWS\win.ini -> [2009/08/19 02:03:38 | 00,000,664 | ---- | M] () system.ini -> C:\WINDOWS\system.ini -> [2009/08/19 02:03:38 | 00,000,227 | ---- | M] () boot.ini -> C:\boot.ini -> [2009/08/19 02:03:38 | 00,000,203 | RHS- | M] () settings.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\Rar$EX02.656\settings.dat -> [2009/08/19 02:01:10 | 00,000,000 | ---- | M] () RootRepeal.rar -> C:\Documents and Settings\Neil\Desktop\RootRepeal.rar -> [2009/08/19 01:58:29 | 00,465,298 | ---- | M] () OTS.exe -> C:\Documents and Settings\Neil\Desktop\OTS.exe -> [2009/08/19 01:57:51 | 00,514,048 | ---- | M] (OldTimer Tools) incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2009/08/19 01:31:36 | 39,968,284 | ---- | M] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2009/08/19 01:31:36 | 00,067,775 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/08/18 22:44:59 | 00,002,206 | ---- | M] () Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2009/08/18 22:44:33 | 00,000,868 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/08/18 22:43:55 | 00,000,006 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\Neil\ntuser.ini -> [2009/08/18 22:42:34 | 00,000,278 | -HS- | M] () RootRepeal.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\Rar$EX02.656\RootRepeal.exe -> [2009/08/13 11:14:17 | 00,472,064 | ---- | M] ( ) Microsoft Word.lnk -> C:\Documents and Settings\Neil\Desktop\Microsoft Word.lnk -> [2009/08/06 21:41:42 | 00,002,483 | ---- | M] () War3Unin.dat -> C:\WINDOWS\War3Unin.dat -> [2009/08/06 09:10:07 | 00,062,092 | ---- | M] () Perflib_Perfdata_754.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_754.dat -> [2009/08/06 09:07:36 | 00,016,384 | ---- | M] () Neil M China Midterm.doc -> C:\Documents and Settings\Neil\My Documents\Neil M China Midterm.doc -> [2009/08/06 00:50:29 | 00,049,664 | ---- | M] () Perflib_Perfdata_500.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_500.dat -> [2009/08/06 00:30:25 | 00,016,384 | ---- | M] () qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/08/04 11:25:35 | 00,004,646 | ---- | M] () qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/08/04 11:25:35 | 00,004,232 | ---- | M] () Perflib_Perfdata_2e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2e8.dat -> [2009/08/04 08:35:25 | 00,016,384 | ---- | M] () avgrsstx.dll -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/08/04 06:59:50 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) avgldx86.sys -> C:\WINDOWS\System32\drivers\avgldx86.sys -> [2009/08/04 06:59:49 | 00,335,752 | ---- | M] (AVG Technologies CZ, s.r.o.) avgmfx86.sys -> C:\WINDOWS\System32\drivers\avgmfx86.sys -> [2009/08/04 06:59:49 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) Perflib_Perfdata_5b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5b8.dat -> [2009/07/27 07:37:14 | 00,016,384 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Neil\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/07/25 10:57:49 | 00,009,216 | ---- | M] () Skype.lnk -> C:\Documents and Settings\All Users\Desktop\Skype.lnk -> [2009/07/24 15:48:50 | 00,002,265 | ---- | M] () Perflib_Perfdata_35c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_35c.dat -> [2009/07/18 11:36:35 | 00,016,384 | ---- | M] () Perflib_Perfdata_488.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_488.dat -> [2009/07/16 20:31:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_5fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5fc.dat -> [2009/07/16 12:41:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_354.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_354.dat -> [2009/07/16 06:36:09 | 00,016,384 | ---- | M] () Perflib_Perfdata_670.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_670.dat -> [2009/07/14 12:26:42 | 00,016,384 | ---- | M] () Perflib_Perfdata_3b0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3b0.dat -> [2009/07/13 11:34:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_5e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5e8.dat -> [2009/07/12 20:51:55 | 00,016,384 | ---- | M] () Perflib_Perfdata_30c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_30c.dat -> [2009/07/12 18:10:44 | 00,016,384 | ---- | M] () Perflib_Perfdata_600.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_600.dat -> [2009/07/06 22:49:42 | 00,016,384 | ---- | M] () Perflib_Perfdata_49c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_49c.dat -> [2009/07/06 15:48:37 | 00,016,384 | ---- | M] () Perflib_Perfdata_544.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_544.dat -> [2009/07/06 00:40:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_634.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_634.dat -> [2009/07/04 23:47:06 | 00,016,384 | ---- | M] () Perflib_Perfdata_5e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5e0.dat -> [2009/07/03 11:13:20 | 00,016,384 | ---- | M] () drm_dialogs.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dialogs.dll -> [2009/07/02 19:50:39 | 00,065,536 | ---- | M] (Sony DADC Austria AG) drm_dyndata_7350006.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dyndata_7350006.dll -> [2009/07/02 19:50:38 | 00,208,896 | ---- | M] (Sony DADC Austria AG) drm_dyndata_7330016.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dyndata_7330016.dll -> [2009/07/02 19:44:45 | 00,208,896 | ---- | M] (Sony DADC Austria AG) drm_dyndata_7330011.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dyndata_7330011.dll -> [2009/06/30 11:55:59 | 00,212,992 | ---- | M] (Sony DADC Austria AG) Perflib_Perfdata_788.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_788.dat -> [2009/06/29 11:34:23 | 00,016,384 | ---- | M] () avg_free_stf_en_85_364a1545.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\avg8setup\avg_free_stf_en_85_364a1545.exe -> [2009/06/29 10:09:15 | 65,778,464 | ---- | M] (AVG Technologies) Perflib_Perfdata_7f0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7f0.dat -> [2009/06/28 21:05:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_100.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_100.dat -> [2009/06/25 15:53:17 | 00,016,384 | ---- | M] () Perflib_Perfdata_390.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_390.dat -> [2009/06/24 02:50:30 | 00,016,384 | ---- | M] () drm_dyndata_7330014.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dyndata_7330014.dll -> [2009/06/23 23:18:35 | 00,212,992 | ---- | M] (Sony DADC Austria AG) Perflib_Perfdata_7fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7fc.dat -> [2009/06/21 16:53:23 | 00,016,384 | ---- | M] () Perflib_Perfdata_220.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_220.dat -> [2009/06/20 22:36:24 | 00,016,384 | ---- | M] () Perflib_Perfdata_71c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_71c.dat -> [2009/06/20 17:30:26 | 00,016,384 | ---- | M] () Perflib_Perfdata_43c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_43c.dat -> [2009/06/19 22:31:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_1e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1e0.dat -> [2009/06/18 11:35:55 | 00,016,384 | ---- | M] () Perflib_Perfdata_768.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_768.dat -> [2009/06/18 00:10:37 | 00,016,384 | ---- | M] () Perflib_Perfdata_208.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_208.dat -> [2009/06/17 11:56:57 | 00,016,384 | ---- | M] () Perflib_Perfdata_108.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_108.dat -> [2009/06/17 00:46:22 | 00,016,384 | ---- | M] () Perflib_Perfdata_1ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1ec.dat -> [2009/06/16 20:07:15 | 00,016,384 | ---- | M] () Perflib_Perfdata_750.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_750.dat -> [2009/06/16 16:25:40 | 00,016,384 | ---- | M] () Perflib_Perfdata_c0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_c0.dat -> [2009/06/16 15:11:59 | 00,016,384 | ---- | M] () Perflib_Perfdata_1b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1b8.dat -> [2009/06/16 12:44:08 | 00,016,384 | ---- | M] () Perflib_Perfdata_ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_ec.dat -> [2009/06/15 17:24:45 | 00,016,384 | ---- | M] () Perflib_Perfdata_11c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_11c.dat -> [2009/06/11 08:00:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_cc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_cc.dat -> [2009/06/11 07:43:03 | 00,016,384 | ---- | M] () Perflib_Perfdata_708.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_708.dat -> [2009/06/10 16:51:32 | 00,016,384 | ---- | M] () Perflib_Perfdata_778.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_778.dat -> [2009/06/09 18:13:42 | 00,016,384 | ---- | M] () Perflib_Perfdata_90.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_90.dat -> [2009/06/08 23:00:43 | 00,016,384 | ---- | M] () Perflib_Perfdata_1c8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1c8.dat -> [2009/06/06 22:05:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_160.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_160.dat -> [2009/06/06 17:42:39 | 00,016,384 | ---- | M] () Perflib_Perfdata_fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_fc.dat -> [2009/06/04 22:44:37 | 00,016,384 | ---- | M] () Perflib_Perfdata_790.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_790.dat -> [2009/06/04 09:39:32 | 00,016,384 | ---- | M] () Perflib_Perfdata_740.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_740.dat -> [2009/05/19 19:41:19 | 00,016,384 | ---- | M] () SkypeSetup.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\SkypeSetup.exe -> [2009/05/18 07:43:26 | 20,614,440 | ---- | M] (Skype Technologies S.A.) Perflib_Perfdata_b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_b4.dat -> [2009/05/18 07:38:19 | 00,016,384 | ---- | M] () Perflib_Perfdata_560.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_560.dat -> [2009/05/17 11:26:06 | 00,016,384 | ---- | M] () Perflib_Perfdata_6ac.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6ac.dat -> [2009/05/16 22:48:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_dc.dat -> [2009/05/16 12:54:07 | 00,016,384 | ---- | M] () Perflib_Perfdata_744.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_744.dat -> [2009/05/15 15:23:07 | 00,016,384 | ---- | M] () Perflib_Perfdata_514.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_514.dat -> [2009/05/14 21:00:59 | 00,016,384 | ---- | M] () Perflib_Perfdata_a8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_a8.dat -> [2009/05/14 13:08:08 | 00,016,384 | ---- | M] () drm_dyndata_7370014.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\drm_dyndata_7370014.dll -> [2009/05/13 13:54:03 | 00,204,800 | ---- | M] (Sony DADC Austria AG) Perflib_Perfdata_748.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_748.dat -> [2009/05/12 23:00:28 | 00,016,384 | ---- | M] () Perflib_Perfdata_570.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_570.dat -> [2009/05/11 12:10:43 | 00,016,384 | ---- | M] () Perflib_Perfdata_84.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_84.dat -> [2009/05/08 21:57:42 | 00,016,384 | ---- | M] () Perflib_Perfdata_6dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6dc.dat -> [2009/05/07 20:15:34 | 00,016,384 | ---- | M] () Perflib_Perfdata_6e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6e0.dat -> [2009/05/07 13:04:34 | 00,016,384 | ---- | M] () Perflib_Perfdata_7f4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7f4.dat -> [2009/05/06 12:58:39 | 00,016,384 | ---- | M] () Perflib_Perfdata_774.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_774.dat -> [2009/05/05 23:59:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_7cc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7cc.dat -> [2009/05/05 12:07:32 | 00,016,384 | ---- | M] () Perflib_Perfdata_7b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7b8.dat -> [2009/05/05 00:30:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_7a8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7a8.dat -> [2009/05/03 22:30:04 | 00,016,384 | ---- | M] () Perflib_Perfdata_13c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_13c.dat -> [2009/04/29 15:21:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_20c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_20c.dat -> [2009/04/29 11:44:35 | 00,016,384 | ---- | M] () Perflib_Perfdata_6ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6ec.dat -> [2009/04/28 20:47:47 | 00,016,384 | ---- | M] () Perflib_Perfdata_7d4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7d4.dat -> [2009/04/28 11:40:23 | 00,016,384 | ---- | M] () Perflib_Perfdata_7c4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7c4.dat -> [2009/04/27 20:18:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_7d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7d0.dat -> [2009/04/27 13:17:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_6d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6d0.dat -> [2009/04/26 21:34:04 | 00,016,384 | ---- | M] () Perflib_Perfdata_73c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_73c.dat -> [2009/04/26 16:05:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_624.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_624.dat -> [2009/04/25 21:59:43 | 00,016,384 | ---- | M] () Perflib_Perfdata_56c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_56c.dat -> [2009/04/25 21:44:07 | 00,016,384 | ---- | M] () Perflib_Perfdata_664.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_664.dat -> [2009/04/25 15:56:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_734.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_734.dat -> [2009/04/24 20:57:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_6f8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6f8.dat -> [2009/04/24 11:15:55 | 00,016,384 | ---- | M] () Perflib_Perfdata_518.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_518.dat -> [2009/04/23 20:15:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_5f4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5f4.dat -> [2009/04/21 18:20:24 | 00,016,384 | ---- | M] () Perflib_Perfdata_698.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_698.dat -> [2009/04/21 15:31:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_6f0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6f0.dat -> [2009/04/21 09:46:13 | 00,016,384 | ---- | M] () Perflib_Perfdata_70c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat -> [2009/04/20 20:02:24 | 00,016,384 | ---- | M] () Perflib_Perfdata_710.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_710.dat -> [2009/04/20 01:02:22 | 00,016,384 | ---- | M] () Perflib_Perfdata_6fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6fc.dat -> [2009/04/19 15:38:15 | 00,016,384 | ---- | M] () Perflib_Perfdata_7a0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7a0.dat -> [2009/04/19 12:27:10 | 00,016,384 | ---- | M] () Perflib_Perfdata_6e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6e8.dat -> [2009/04/18 10:06:25 | 00,016,384 | ---- | M] () Perflib_Perfdata_58c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_58c.dat -> [2009/04/15 22:21:21 | 00,016,384 | ---- | M] () Perflib_Perfdata_394.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_394.dat -> [2009/04/15 10:19:27 | 00,016,384 | ---- | M] () Perflib_Perfdata_72c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_72c.dat -> [2009/04/14 20:11:50 | 00,016,384 | ---- | M] () Perflib_Perfdata_770.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_770.dat -> [2009/04/13 13:19:45 | 00,016,384 | ---- | M] () Perflib_Perfdata_718.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_718.dat -> [2009/04/12 10:02:59 | 00,016,384 | ---- | M] () Perflib_Perfdata_6b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat -> [2009/04/11 21:31:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_6c8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6c8.dat -> [2009/04/11 09:38:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_a4.dat -> [2009/04/10 21:58:14 | 00,016,384 | ---- | M] () Perflib_Perfdata_720.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_720.dat -> [2009/04/09 12:31:14 | 00,016,384 | ---- | M] () Perflib_Perfdata_3c4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3c4.dat -> [2009/04/06 07:21:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_554.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_554.dat -> [2009/04/05 07:34:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_4f4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat -> [2009/04/04 13:37:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_6d4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6d4.dat -> [2009/04/04 03:14:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_6a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6a4.dat -> [2009/04/03 14:41:34 | 00,016,384 | ---- | M] () Perflib_Perfdata_714.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_714.dat -> [2009/04/03 09:40:09 | 00,016,384 | ---- | M] () Perflib_Perfdata_6b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6b8.dat -> [2009/04/03 05:54:46 | 00,016,384 | ---- | M] () Perflib_Perfdata_4dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4dc.dat -> [2009/04/01 15:26:25 | 00,016,384 | ---- | M] () Perflib_Perfdata_63c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_63c.dat -> [2009/04/01 05:08:00 | 00,016,384 | ---- | M] () Perflib_Perfdata_3c0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3c0.dat -> [2009/03/31 17:30:15 | 00,016,384 | ---- | M] () Perflib_Perfdata_3a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3a4.dat -> [2009/03/31 14:41:10 | 00,016,384 | ---- | M] () Perflib_Perfdata_3a0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3a0.dat -> [2009/03/31 12:06:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_524.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_524.dat -> [2009/03/31 11:48:58 | 00,016,384 | ---- | M] () Perflib_Perfdata_350.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_350.dat -> [2009/03/31 11:37:35 | 00,016,384 | ---- | M] () Perflib_Perfdata_a34.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_a34.dat -> [2009/03/31 07:04:58 | 00,016,384 | ---- | M] () fabrikhome-update-256895b17e9b6d9af8c7d13c184bf180.exe -> C:\WINDOWS\Temp\fabrikhome-update-256895b17e9b6d9af8c7d13c184bf180.exe -> [2009/03/31 07:03:45 | 07,161,624 | ---- | M] (Fabrik, Inc.) Perflib_Perfdata_490.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_490.dat -> [2009/03/30 16:05:06 | 00,016,384 | ---- | M] () Perflib_Perfdata_620.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_620.dat -> [2009/03/29 06:55:43 | 00,016,384 | ---- | M] () Perflib_Perfdata_6c0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6c0.dat -> [2009/03/28 08:34:54 | 00,016,384 | ---- | M] () GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis15649\GoogleUpdaterService.exe -> [2009/03/26 03:10:07 | 00,183,280 | ---- | M] (Google) GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\GoogleUpdaterSetup.exe -> [2009/03/26 03:10:07 | 00,176,112 | ---- | M] (Google Inc.) GoogleUpdater.exe -> C:\WINDOWS\Temp\gis15649\GoogleUpdater.exe -> [2009/03/26 03:10:07 | 00,161,776 | ---- | M] (Google) cires.dll -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\cires.dll -> [2009/03/26 03:10:07 | 00,100,848 | ---- | M] () ci.dll -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\ci.dll -> [2009/03/26 03:10:06 | 01,204,208 | ---- | M] (Google) GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\GoogleUpdaterAdminPrefs.exe -> [2009/03/26 03:10:06 | 00,227,824 | ---- | M] (Google) GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\GoogleUpdaterInstallMgr.exe -> [2009/03/26 03:10:06 | 00,169,968 | ---- | M] (Google) npCIDetect13.dll -> C:\WINDOWS\Temp\gis15649\2.4.1536.6592\npCIDetect13.dll -> [2009/03/26 03:10:06 | 00,099,824 | ---- | M] (Google) Perflib_Perfdata_68c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_68c.dat -> [2009/03/26 03:09:50 | 00,016,384 | ---- | M] () SIntfNT.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\SIntfNT.dll -> [2009/03/25 10:21:47 | 00,024,744 | ---- | M] () SIntf32.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\SIntf32.dll -> [2009/03/25 10:21:47 | 00,020,016 | ---- | M] () SIntf16.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\SIntf16.dll -> [2009/03/25 10:21:47 | 00,012,305 | ---- | M] () Perflib_Perfdata_6bc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6bc.dat -> [2009/03/25 10:19:17 | 00,016,384 | ---- | M] () Perflib_Perfdata_548.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_548.dat -> [2009/03/24 03:34:03 | 00,016,384 | ---- | M] () _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp63.tmp\_Setup.dll -> [2009/03/23 11:22:53 | 00,380,928 | ---- | M] (Macrovision Corporation) setup.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\bye45.tmp\Disk1\setup.exe -> [2009/03/23 11:20:40 | 00,121,064 | ---- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp43.tmp\_Setup.dll -> [2009/03/23 11:18:04 | 00,380,928 | ---- | M] (Macrovision Corporation) setup.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\bye11.tmp\Disk1\setup.exe -> [2009/03/23 05:00:25 | 00,121,064 | ---- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ispD.tmp\_Setup.dll -> [2009/03/23 04:59:01 | 00,380,928 | ---- | M] (Macrovision Corporation) Perflib_Perfdata_5ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5ec.dat -> [2009/03/22 03:48:15 | 00,016,384 | ---- | M] () Perflib_Perfdata_650.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_650.dat -> [2009/03/20 14:24:59 | 00,016,384 | ---- | M] () Perflib_Perfdata_688.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_688.dat -> [2009/03/20 02:32:09 | 00,016,384 | ---- | M] () Perflib_Perfdata_660.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_660.dat -> [2009/03/19 10:01:00 | 00,016,384 | ---- | M] () Perflib_Perfdata_690.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_690.dat -> [2009/03/17 15:28:20 | 00,016,384 | ---- | M] () Perflib_Perfdata_580.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_580.dat -> [2009/03/17 02:50:45 | 00,016,384 | ---- | M] () Perflib_Perfdata_53c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_53c.dat -> [2009/03/16 01:03:05 | 00,016,384 | ---- | M] () Perflib_Perfdata_588.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_588.dat -> [2009/03/15 14:32:12 | 00,016,384 | ---- | M] () Perflib_Perfdata_158.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_158.dat -> [2009/03/10 23:11:51 | 00,016,384 | ---- | M] () Perflib_Perfdata_528.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_528.dat -> [2009/03/09 22:29:58 | 00,016,384 | ---- | M] () Perflib_Perfdata_5cc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5cc.dat -> [2009/03/08 16:47:06 | 00,016,384 | ---- | M] () asneu.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{AC76BA86-1033-0000-7760-100000000002}\asneu.dll -> [2009/03/06 15:29:22 | 00,212,992 | ---- | M] () Perflib_Perfdata_584.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_584.dat -> [2009/03/04 13:55:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_574.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_574.dat -> [2009/03/02 11:42:04 | 00,016,384 | ---- | M] () Perflib_Perfdata_5f0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5f0.dat -> [2009/03/01 15:37:11 | 00,016,384 | ---- | M] () Perflib_Perfdata_590.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_590.dat -> [2009/02/28 14:15:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_5b0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5b0.dat -> [2009/02/27 13:17:33 | 00,016,384 | ---- | M] () Perflib_Perfdata_55c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_55c.dat -> [2009/02/21 15:30:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_594.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_594.dat -> [2009/02/19 13:33:16 | 00,016,384 | ---- | M] () Perflib_Perfdata_54c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_54c.dat -> [2009/02/15 19:34:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_59c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_59c.dat -> [2009/02/14 15:14:51 | 00,016,384 | ---- | M] () Perflib_Perfdata_3d8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3d8.dat -> [2009/02/13 22:48:40 | 00,016,384 | ---- | M] () Perflib_Perfdata_57c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_57c.dat -> [2009/02/13 20:15:46 | 00,016,384 | ---- | M] () Perflib_Perfdata_564.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_564.dat -> [2009/02/13 15:22:21 | 00,016,384 | ---- | M] () Perflib_Perfdata_558.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_558.dat -> [2009/02/13 11:09:55 | 00,016,384 | ---- | M] () Perflib_Perfdata_5d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5d0.dat -> [2009/02/11 13:18:35 | 00,016,384 | ---- | M] () Perflib_Perfdata_530.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_530.dat -> [2009/02/10 15:52:29 | 00,016,384 | ---- | M] () Perflib_Perfdata_618.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_618.dat -> [2009/02/10 01:24:32 | 00,016,384 | ---- | M] () Perflib_Perfdata_5a4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5a4.dat -> [2009/02/09 20:46:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_5a0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5a0.dat -> [2009/02/09 20:38:08 | 00,016,384 | ---- | M] () Perflib_Perfdata_398.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_398.dat -> [2009/02/09 15:06:09 | 00,016,384 | ---- | M] () Perflib_Perfdata_5a8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5a8.dat -> [2009/02/09 12:22:03 | 00,016,384 | ---- | M] () Perflib_Perfdata_5c4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5c4.dat -> [2009/02/09 01:23:47 | 00,016,384 | ---- | M] () Perflib_Perfdata_630.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_630.dat -> [2009/02/08 05:44:18 | 00,016,384 | ---- | M] () Perflib_Perfdata_568.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_568.dat -> [2009/02/07 19:16:41 | 00,016,384 | ---- | M] () Perflib_Perfdata_684.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_684.dat -> [2009/02/07 14:34:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_614.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_614.dat -> [2009/02/06 22:55:25 | 00,016,384 | ---- | M] () System.dll -> C:\WINDOWS\Temp\nsb5F.tmp\System.dll -> [2009/02/03 21:49:29 | 00,009,216 | ---- | M] () NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsb5F.tmp\NSIS_Picasa.dll -> [2009/02/03 21:48:59 | 00,057,344 | ---- | M] () Perflib_Perfdata_67c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_67c.dat -> [2009/02/03 18:53:53 | 00,016,384 | ---- | M] () Perflib_Perfdata_668.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_668.dat -> [2009/02/03 13:04:03 | 00,016,384 | ---- | M] () Perflib_Perfdata_324.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_324.dat -> [2009/02/02 15:26:11 | 00,016,384 | ---- | M] () Perflib_Perfdata_380.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_380.dat -> [2009/02/02 12:38:23 | 00,016,384 | ---- | M] () Perflib_Perfdata_644.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_644.dat -> [2009/02/02 00:42:53 | 00,016,384 | ---- | M] () Perflib_Perfdata_680.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_680.dat -> [2009/02/01 13:38:01 | 00,016,384 | ---- | M] () Perflib_Perfdata_60c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_60c.dat -> [2009/01/31 20:26:38 | 00,016,384 | ---- | M] () Perflib_Perfdata_648.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_648.dat -> [2009/01/31 12:41:26 | 00,016,384 | ---- | M] () Perflib_Perfdata_674.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_674.dat -> [2009/01/30 23:29:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_64c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_64c.dat -> [2009/01/30 22:35:44 | 00,016,384 | ---- | M] () Perflib_Perfdata_65c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_65c.dat -> [2009/01/30 03:44:17 | 00,016,384 | ---- | M] () Perflib_Perfdata_66c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_66c.dat -> [2009/01/29 13:28:33 | 00,016,384 | ---- | M] () Perflib_Perfdata_658.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_658.dat -> [2009/01/28 23:41:31 | 00,016,384 | ---- | M] () Perflib_Perfdata_610.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_610.dat -> [2009/01/28 14:59:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_5bc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5bc.dat -> [2009/01/27 20:21:07 | 00,016,384 | ---- | M] () Perflib_Perfdata_40c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_40c.dat -> [2009/01/27 20:16:12 | 00,016,384 | ---- | M] () Perflib_Perfdata_640.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_640.dat -> [2009/01/26 17:11:12 | 00,016,384 | ---- | M] () Perflib_Perfdata_5c0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5c0.dat -> [2009/01/26 14:55:37 | 00,016,384 | ---- | M] () Perflib_Perfdata_21c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_21c.dat -> [2009/01/26 01:05:12 | 00,016,384 | ---- | M] () Perflib_Perfdata_218.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_218.dat -> [2009/01/25 19:24:48 | 00,016,384 | ---- | M] () Perflib_Perfdata_244.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_244.dat -> [2009/01/25 13:27:14 | 00,016,384 | ---- | M] () Perflib_Perfdata_140.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_140.dat -> [2009/01/25 03:38:03 | 00,016,384 | ---- | M] () Perflib_Perfdata_2a0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2a0.dat -> [2009/01/24 20:28:00 | 00,016,384 | ---- | M] () Perflib_Perfdata_25c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_25c.dat -> [2009/01/22 22:56:52 | 00,016,384 | ---- | M] () Perflib_Perfdata_200.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_200.dat -> [2009/01/22 20:53:11 | 00,016,384 | ---- | M] () Perflib_Perfdata_210.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_210.dat -> [2009/01/22 00:02:13 | 00,016,384 | ---- | M] () Perflib_Perfdata_1e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1e8.dat -> [2009/01/21 23:57:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_388.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_388.dat -> [2009/01/20 12:17:18 | 00,016,384 | ---- | M] () Perflib_Perfdata_344.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_344.dat -> [2009/01/19 22:10:08 | 00,016,384 | ---- | M] () Perflib_Perfdata_2ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2ec.dat -> [2009/01/19 14:23:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_274.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_274.dat -> [2009/01/17 09:33:33 | 00,016,384 | ---- | M] () Perflib_Perfdata_364.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_364.dat -> [2009/01/16 22:44:30 | 00,016,384 | ---- | M] () Perflib_Perfdata_298.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_298.dat -> [2009/01/16 20:13:57 | 00,016,384 | ---- | M] () Perflib_Perfdata_2d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2d0.dat -> [2009/01/16 12:57:49 | 00,016,384 | ---- | M] () Perflib_Perfdata_6d8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6d8.dat -> [2009/01/15 19:00:13 | 00,016,384 | ---- | M] () Perflib_Perfdata_6b0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6b0.dat -> [2009/01/15 16:20:40 | 00,016,384 | ---- | M] () Perflib_Perfdata_204.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_204.dat -> [2009/01/15 15:11:06 | 00,016,384 | ---- | M] () Perflib_Perfdata_3b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3b4.dat -> [2009/01/15 13:08:45 | 00,016,384 | ---- | M] () Perflib_Perfdata_1fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1fc.dat -> [2009/01/14 15:57:17 | 00,016,384 | ---- | M] () Perflib_Perfdata_3ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3ec.dat -> [2009/01/13 13:03:26 | 00,016,384 | ---- | M] () Perflib_Perfdata_33c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_33c.dat -> [2009/01/12 13:02:56 | 00,016,384 | ---- | M] () Perflib_Perfdata_348.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_348.dat -> [2009/01/11 17:16:47 | 00,016,384 | ---- | M] () Perflib_Perfdata_374.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_374.dat -> [2009/01/11 17:11:17 | 00,016,384 | ---- | M] () Perflib_Perfdata_36c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_36c.dat -> [2009/01/11 02:42:43 | 00,016,384 | ---- | M] () Perflib_Perfdata_3b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3b8.dat -> [2009/01/10 16:44:07 | 00,016,384 | ---- | M] () Perflib_Perfdata_338.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_338.dat -> [2009/01/10 13:43:05 | 00,016,384 | ---- | M] () Perflib_Perfdata_314.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_314.dat -> [2009/01/09 15:07:32 | 00,016,384 | ---- | M] () Perflib_Perfdata_340.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_340.dat -> [2009/01/08 12:41:52 | 00,016,384 | ---- | M] () Perflib_Perfdata_148.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_148.dat -> [2009/01/07 17:01:48 | 00,016,384 | ---- | M] () System.dll -> C:\WINDOWS\Temp\nslA.tmp\System.dll -> [2008/12/27 20:33:27 | 00,009,216 | ---- | M] () NSIS_Picasa.dll -> C:\WINDOWS\Temp\nslA.tmp\NSIS_Picasa.dll -> [2008/12/27 20:33:11 | 00,056,832 | ---- | M] () NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsy90.tmp\NSIS_Picasa.dll -> [2008/12/14 15:41:47 | 00,056,832 | ---- | M] () PicasaUpdater_351c.exe -> C:\WINDOWS\Temp\PicasaUpdater_351c.exe -> [2008/12/14 15:41:46 | 07,575,208 | ---- | M] () PicasaUpdater_3fca.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\PicasaUpdater_3fca.exe -> [2008/12/14 15:41:43 | 07,710,272 | ---- | M] (Google Inc.) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp74.tmp\_Setup.dll -> [2008/10/28 23:38:35 | 00,368,640 | ---- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp7.tmp\_Setup.dll -> [2008/10/28 22:16:06 | 00,368,640 | ---- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp42.tmp\_Setup.dll -> [2008/10/28 21:39:31 | 00,368,640 | ---- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\isp25.tmp\_Setup.dll -> [2008/10/28 20:57:59 | 00,368,640 | ---- | M] (Macrovision Corporation) CmdLineExt02.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\CmdLineExt02.dll -> [2008/02/07 01:08:06 | 00,036,864 | ---- | M] () Perflib_Perfdata_fec.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\Perflib_Perfdata_fec.dat -> [2007/11/19 21:27:15 | 00,016,384 | ---- | M] () _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{E64E7CED-35E1-4C8B-B927-AE69A7F28852}\_Setup.dll -> [2007/08/05 04:10:59 | 00,152,496 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{E64E7CED-35E1-4C8B-B927-AE69A7F28852}\ISSetup.dll -> [2007/08/05 04:10:58 | 00,552,214 | R--- | M] (Macrovision Corporation) _isC6.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_isC6.exe -> [2007/08/05 04:10:58 | 00,455,600 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{351675A1-34FB-41C5-ADBC-15E42DEEDB4A}\_Setup.dll -> [2007/08/05 04:09:49 | 00,152,496 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{351675A1-34FB-41C5-ADBC-15E42DEEDB4A}\ISSetup.dll -> [2007/08/05 04:09:48 | 00,552,214 | R--- | M] (Macrovision Corporation) _is8E.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is8E.exe -> [2007/08/05 04:09:48 | 00,455,600 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{D868A1A1-A5DC-4C1D-A0D1-D17749C133C4}\ISSetup.dll -> [2007/08/05 04:09:46 | 00,552,214 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{2BAD440F-4FF8-4937-90A6-DE23418804BC}\ISSetup.dll -> [2007/08/05 04:09:46 | 00,552,214 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{9F7846CB-9199-47A5-AC45-1AB5AA8E5F7E}\ISSetup.dll -> [2007/08/05 04:07:08 | 00,552,214 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{C676A395-E041-455A-88E3-7353D421D8DA}\ISSetup.dll -> [2007/08/05 04:01:24 | 00,552,214 | R--- | M] (Macrovision Corporation) AutoRun.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\AutoRun.exe -> [2007/07/04 04:32:31 | 00,634,880 | ---- | M] (Electronic Arts Inc.) eauninstall.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\eauninstall.exe -> [2007/07/04 04:32:31 | 00,319,488 | ---- | M] (Electronic Arts Inc.) EAInstall.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\EAInstall.dll -> [2007/07/04 04:23:45 | 00,876,544 | ---- | M] () AutoRunGUI.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\AutoRunGUI.dll -> [2007/07/04 04:23:42 | 00,585,728 | ---- | M] (Electronic Arts Inc.) dsetup32.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{4BC5B612-584C-409E-9A5C-014CAF5AF723}\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\directx9\dsetup32.dll -> [2007/04/23 09:44:18 | 02,248,912 | R--- | M] (Microsoft Corporation) DXSETUP.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\{4BC5B612-584C-409E-9A5C-014CAF5AF723}\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\directx9\DXSETUP.exe -> [2007/04/23 09:44:16 | 00,484,560 | R--- | M] (Microsoft Corporation) DSETUP.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{4BC5B612-584C-409E-9A5C-014CAF5AF723}\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\directx9\DSETUP.dll -> [2007/04/23 09:44:16 | 00,074,448 | R--- | M] (Microsoft Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{DCA2A439-0871-4B5E-BDF4-F7C4ECBCB8C5}\ISSetup.dll -> [2007/04/05 23:36:12 | 00,492,032 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{C532EC30-3F97-48FB-BE8B-56DEEEA35252}\ISSetup.dll -> [2007/04/05 23:36:12 | 00,492,032 | R--- | M] (Macrovision Corporation) madden_inst.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\madden_inst.exe -> [2007/03/07 20:39:15 | 00,045,056 | ---- | M] () ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{A5B6B8EE-400A-4924-A03A-35224EAD1E71}\ISSetup.dll -> [2007/03/01 00:59:40 | 00,492,032 | R--- | M] (Macrovision Corporation) _is6A.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is6A.exe -> [2007/02/28 01:08:00 | 00,456,416 | R--- | M] (Macrovision Corporation) _is69.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is69.exe -> [2007/02/28 01:08:00 | 00,456,416 | R--- | M] (Macrovision Corporation) _is9.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is9.exe -> [2007/02/28 00:08:44 | 00,456,416 | R--- | M] (Macrovision Corporation) ISSetup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{93797D74-BE10-4756-B556-6F27BFC45003}\ISSetup.dll -> [2006/10/06 01:12:20 | 00,552,214 | R--- | M] (Macrovision Corporation) Perflib_Perfdata_90.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\Perflib_Perfdata_90.dat -> [2006/06/09 21:48:33 | 00,016,384 | ---- | M] () mca_setup_10.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\Nikon\MessageCenter\mca_setup_10.exe -> [2006/06/09 21:45:33 | 00,714,858 | ---- | M] () _isCB.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_isCB.exe -> [2006/05/24 21:10:42 | 00,455,600 | R--- | M] (Macrovision Corporation) _isCA.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_isCA.exe -> [2006/05/24 21:10:42 | 00,455,600 | R--- | M] (Macrovision Corporation) _isC7.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_isC7.exe -> [2006/05/24 21:10:42 | 00,455,600 | R--- | M] (Macrovision Corporation) _is8D.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is8D.exe -> [2006/05/24 21:10:42 | 00,455,600 | R--- | M] (Macrovision Corporation) _is60.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\_is60.exe -> [2006/05/24 05:10:42 | 00,455,600 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{D868A1A1-A5DC-4C1D-A0D1-D17749C133C4}\_Setup.dll -> [2006/05/17 20:21:06 | 00,152,496 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{C676A395-E041-455A-88E3-7353D421D8DA}\_Setup.dll -> [2006/05/17 20:21:06 | 00,152,496 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{9F7846CB-9199-47A5-AC45-1AB5AA8E5F7E}\_Setup.dll -> [2006/05/17 20:21:06 | 00,152,496 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{2BAD440F-4FF8-4937-90A6-DE23418804BC}\_Setup.dll -> [2006/05/17 20:21:06 | 00,152,496 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{A5B6B8EE-400A-4924-A03A-35224EAD1E71}\_Setup.dll -> [2006/05/17 19:21:08 | 00,373,680 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{DCA2A439-0871-4B5E-BDF4-F7C4ECBCB8C5}\_Setup.dll -> [2006/05/17 18:21:08 | 00,373,680 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{C532EC30-3F97-48FB-BE8B-56DEEEA35252}\_Setup.dll -> [2006/05/17 18:21:08 | 00,373,680 | R--- | M] (Macrovision Corporation) _Setup.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\{93797D74-BE10-4756-B556-6F27BFC45003}\_Setup.dll -> [2006/05/17 04:21:06 | 00,152,496 | R--- | M] (Macrovision Corporation) opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa11.dat -> [2006/05/13 17:42:04 | 00,008,388 | ---- | M] () SetupX.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\SetupX.exe -> [2006/04/22 11:02:58 | 01,064,960 | ---- | M] (Nero AG) nps.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Setup\nps.dll -> [2006/04/22 11:01:44 | 01,617,920 | ---- | M] (Nero AG) NeroDelTmp.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Setup\NeroDelTmp.exe -> [2006/03/31 08:36:12 | 01,556,480 | ---- | M] (Nero AG) MpEngine.dll -> C:\WINDOWS\Temp\MpEngine.dll -> [2006/03/20 13:45:24 | 02,625,296 | ---- | M] (Microsoft Corporation) xpcom.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\xpcom.dll -> [2006/03/20 05:13:39 | 00,378,978 | ---- | M] (Mozilla Foundation) js3250.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\js3250.dll -> [2006/03/20 05:13:39 | 00,329,822 | ---- | M] (Netscape Communications Corporation) xpinstal.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\components\xpinstal.dll -> [2006/03/20 05:13:39 | 00,160,871 | ---- | M] (Mozilla Foundation) nspr4.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\nspr4.dll -> [2006/03/20 05:13:39 | 00,155,749 | ---- | M] (Netscape Communications Corporation) xpcom_compat.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\xpcom_compat.dll -> [2006/03/20 05:13:39 | 00,068,204 | ---- | M] (Mozilla Foundation) jar50.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\components\jar50.dll -> [2006/03/20 05:13:39 | 00,041,573 | ---- | M] (Mozilla Foundation) plc4.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\plc4.dll -> [2006/03/20 05:13:39 | 00,028,778 | ---- | M] (Netscape Communications Corporation) plds4.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\ns_temp\xpcom.ns\bin\plds4.dll -> [2006/03/20 05:13:39 | 00,024,677 | ---- | M] (Netscape Communications Corporation) index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [2006/01/28 08:16:25 | 00,032,768 | ---- | M] () index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [2006/01/28 08:16:25 | 00,032,768 | ---- | M] () index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [2006/01/28 08:16:25 | 00,032,768 | ---- | M] () unrar.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Setup\unrar.dll -> [2006/01/05 11:56:08 | 00,160,768 | ---- | M] () The Battle for Middle-earth II_uninst.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\The Battle for Middle-earth II_uninst.exe -> [2006/01/04 05:54:47 | 00,073,728 | ---- | M] (Electronic Arts Inc.) 1131214828187playershim1161.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\.viv\1131214828187playershim1161.dll -> [2005/11/05 20:20:28 | 00,024,576 | ---- | M] () xerces-c_2_5_0_qb.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\xerces-c_2_5_0_qb.dll -> [2005/09/16 00:24:54 | 01,916,928 | ---- | M] (Apache Software Foundation) MFC71.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\MFC71.dll -> [2005/09/16 00:24:52 | 01,060,864 | ---- | M] (Microsoft Corporation) stlport_vc746.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\stlport_vc746.dll -> [2005/09/16 00:24:52 | 00,552,960 | ---- | M] (STLport Consulting, Inc.) msvcp71.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\msvcp71.dll -> [2005/09/16 00:24:52 | 00,499,712 | ---- | M] (Microsoft Corporation) qbinstal.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\qbinstal.dll -> [2005/09/16 00:24:52 | 00,380,928 | ---- | M] (Intuit, Inc.) pcc.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\pcc.dll -> [2005/09/16 00:24:52 | 00,372,736 | ---- | M] (Intuit, Inc.) msvcr71.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\msvcr71.dll -> [2005/09/16 00:24:52 | 00,348,160 | ---- | M] (Microsoft Corporation) ESGServices.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\ESGServices.dat -> [2005/09/16 00:24:52 | 00,015,573 | ---- | M] () paystat.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\paystat.dat -> [2005/09/16 00:24:52 | 00,001,442 | ---- | M] () EntitlementClientInstall.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\EntitlementClientInstall.dll -> [2005/09/16 00:24:51 | 01,552,384 | ---- | M] (Intuit, Inc.) qbm3t2.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\qbm3t2.dat -> [2005/09/16 00:24:51 | 00,007,768 | ---- | M] () UninstallNero.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Setup\UninstallNero.exe -> [2005/09/12 10:13:46 | 00,233,472 | ---- | M] (Nero AG) data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [2005/09/11 02:28:07 | 00,003,804 | ---- | M] () wssetup.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\WebshotsTemp\wssetup.exe -> [2005/09/06 21:33:11 | 00,990,629 | ---- | M] () acufutls.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\acufutls.dll -> [2005/07/11 17:33:52 | 00,106,496 | ---- | M] () binkplay.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\data\binkplay.exe -> [2005/02/17 13:35:56 | 00,124,416 | ---- | M] () strconst.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\strconst.dat -> [2005/02/17 13:35:54 | 03,882,460 | ---- | M] () strconst-oldandbad.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\strconst-oldandbad.dat -> [2005/02/17 13:35:54 | 03,200,315 | ---- | M] () cards.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\cards.dat -> [2005/02/17 13:35:54 | 02,237,533 | ---- | M] () magic1.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\data\magic1.exe -> [2005/02/17 13:35:54 | 01,589,248 | ---- | M] () magic.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\data\magic.exe -> [2005/02/17 13:35:54 | 00,512,000 | ---- | M] () mss32.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\data\mss32.dll -> [2005/02/17 13:35:54 | 00,346,624 | ---- | M] () ctypes.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\ctypes.dat -> [2005/02/17 13:35:54 | 00,005,774 | ---- | M] () autoyld.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\autoyld.dat -> [2005/02/17 13:35:54 | 00,002,184 | ---- | M] () huff.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\huff.dat -> [2005/02/17 13:35:54 | 00,001,024 | ---- | M] () ctrtypes.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\ctrtypes.dat -> [2005/02/17 13:35:54 | 00,000,942 | ---- | M] () ltypes.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\ltypes.dat -> [2005/02/17 13:35:54 | 00,000,184 | ---- | M] () newcards.dat -> C:\Documents and Settings\Neil\Local Settings\Temp\data\newcards.dat -> [2005/02/17 13:35:54 | 00,000,008 | ---- | M] () uninst.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\uninst.dll -> [2004/09/01 18:56:56 | 00,114,688 | ---- | M] () RESCAN.EXE -> C:\Documents and Settings\Neil\Local Settings\Temp\EPSTPTMP\SETUP\RESCAN.EXE -> [2003/10/06 17:22:40 | 00,050,688 | ---- | M] (EPSON America Inc.) 50comupd.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\50comupd.exe -> [2002/12/18 07:43:16 | 00,509,984 | ---- | M] (Microsoft Corporation) APATCH.DLL -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Setup\APATCH.DLL -> [2002/05/27 14:50:06 | 00,263,848 | ---- | M] (Catalyst Development Corporation) instmsia.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsia.exe -> [2002/03/11 09:45:02 | 01,708,856 | ---- | M] (Microsoft Corporation) msi.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msi.dll -> [2002/01/25 20:16:48 | 01,994,240 | ---- | M] (Microsoft Corporation) msisip.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msisip.dll -> [2002/01/25 20:15:28 | 00,039,936 | ---- | M] (Microsoft Corporation) msiexec.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msiexec.exe -> [2002/01/25 20:15:26 | 00,063,488 | ---- | M] (Microsoft Corporation) msiinst.exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msiinst.exe -> [2002/01/25 20:14:12 | 00,052,224 | ---- | M] (Microsoft Corporation) msihnd.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msihnd.dll -> [2002/01/25 20:14:04 | 00,304,640 | ---- | M] (Microsoft Corporation) riched20.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\riched20.dll -> [2002/01/25 19:59:26 | 00,431,133 | ---- | M] (Microsoft Corporation) usp10.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\usp10.dll -> [2002/01/25 19:59:26 | 00,314,906 | ---- | M] (Microsoft Corporation) imagehlp.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\imagehlp.dll -> [2002/01/25 19:59:26 | 00,106,013 | ---- | M] (Microsoft Corporation) mspatcha.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\mspatcha.dll -> [2002/01/25 19:59:26 | 00,027,136 | ---- | M] (Microsoft Corporation) shfolder.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\shfolder.dll -> [2002/01/25 19:59:26 | 00,021,021 | ---- | M] (Microsoft Corporation) msimsg.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msimsg.dll -> [2002/01/25 19:58:54 | 00,847,872 | ---- | M] (Microsoft Corporation) msls31.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\msls31.dll -> [2002/01/25 12:30:14 | 00,167,936 | ---- | M] (Microsoft Corporation) cabinet.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\cabinet.dll -> [2002/01/25 12:30:12 | 00,056,080 | ---- | M] (Microsoft Corporation) sdbapiU.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\instmsiw\sdbapiU.dll -> [2001/08/17 15:37:08 | 00,072,192 | ---- | M] (Microsoft Corporation) ShFolder.Exe -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\ShFolder.Exe -> [2001/01/23 06:13:28 | 00,117,288 | ---- | M] (Microsoft Corporation) msvcp60.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\msvcp60.dll -> [2000/08/28 20:19:16 | 00,401,462 | ---- | M] (Microsoft Corporation) oleaut32.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\oleaut32.dll -> [2000/04/12 08:00:24 | 00,598,288 | ---- | M] (Microsoft Corporation) mfc42.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\mfc42.dll -> [2000/04/06 14:13:36 | 00,995,383 | ---- | M] (Microsoft Corporation) msvcrt.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\msvcrt.dll -> [2000/04/06 14:10:40 | 00,278,581 | ---- | M] (Microsoft Corporation) msvcirt.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\msvcirt.dll -> [2000/04/06 14:10:38 | 00,077,878 | ---- | M] (Microsoft Corporation) olepro32.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\olepro32.dll -> [1999/03/08 06:50:56 | 00,164,112 | ---- | M] (Microsoft Corporation) asycfilt.dll -> C:\Documents and Settings\Neil\Local Settings\Temp\NeroDemo9936\Redist\MS\System\asycfilt.dll -> [1999/03/08 06:50:56 | 00,147,728 | ---- | M] (Microsoft Corporation) [Files/Folders - Unicode - All] C:\Documents and Settings\Neil\My Documents\??????.doc -> C:\Documents and Settings\Neil\My Documents\口头报告第一.doc -> [2006/06/22 09:59:21 | 00,024,576 | ---- | C] () C:\Documents and Settings\Neil\My Documents\??????.doc -> C:\Documents and Settings\Neil\My Documents\口头报告第一.doc -> [2006/06/22 10:48:50 | 00,024,576 | ---- | M] () C:\Documents and Settings\Neil\My Documents\??????.doc -> C:\Documents and Settings\Neil\My Documents\张老师一封信.doc -> [2006/08/15 03:35:51 | 00,024,576 | ---- | C] () C:\Documents and Settings\Neil\My Documents\??????.doc -> C:\Documents and Settings\Neil\My Documents\张老师一封信.doc -> [2006/08/15 03:35:52 | 00,024,576 | ---- | M] () C:\Documents and Settings\Neil\My Documents\????.doc -> C:\Documents and Settings\Neil\My Documents\悲天悯人.doc -> [2006/10/15 04:58:05 | 00,024,576 | ---- | C] () C:\Documents and Settings\Neil\My Documents\????.doc -> C:\Documents and Settings\Neil\My Documents\悲天悯人.doc -> [2006/10/15 05:05:28 | 00,024,576 | ---- | M] () C:\Documents and Settings\Neil\My Documents\????? -> C:\Documents and Settings\Neil\My Documents\普大暑期班 -> [2006/06/20 10:49:47 | 00,000,000 | ---D | C] C:\Documents and Settings\Neil\My Documents\????? -> C:\Documents and Settings\Neil\My Documents\普大暑期班 -> [2007/03/03 03:13:27 | 00,000,000 | ---D | M] [File - Lop Check] Application Data -> C:\Documents and Settings\Administrator\Application Data -> [2005/08/12 21:47:12 | 00,000,000 | RH-D | M] Intel -> C:\Documents and Settings\Administrator\Application Data\Intel -> [2005/08/12 21:25:36 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\All Users\Application Data -> [2009/06/29 20:47:16 | 00,000,000 | RH-D | M] Ableton -> C:\Documents and Settings\All Users\Application Data\Ableton -> [2008/03/27 07:06:27 | 00,000,000 | ---D | M] AVG Security Toolbar -> C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar -> [2009/06/29 17:56:22 | 00,000,000 | ---D | M] Dell Photo Printer 720 -> C:\Documents and Settings\All Users\Application Data\Dell Photo Printer 720 -> [2006/09/20 02:19:11 | 00,000,000 | ---D | M] EnterNHelp -> C:\Documents and Settings\All Users\Application Data\EnterNHelp -> [2006/06/09 21:43:21 | 00,000,000 | ---D | M] Intel -> C:\Documents and Settings\All Users\Application Data\Intel -> [2005/08/12 21:24:58 | 00,000,000 | ---D | M] Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [2005/08/12 21:39:31 | 00,000,000 | ---D | M] muvee Technologies -> C:\Documents and Settings\All Users\Application Data\muvee Technologies -> [2006/06/09 22:20:29 | 00,000,000 | ---D | M] SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [2004/08/10 20:13:06 | 00,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2009/03/31 14:14:58 | 00,000,000 | ---D | M] Ultima_T15 -> C:\Documents and Settings\All Users\Application Data\Ultima_T15 -> [2006/06/09 21:43:21 | 00,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2006/04/12 03:31:56 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Default User\Application Data -> [2005/08/12 21:47:12 | 00,000,000 | RH-D | M] Intel -> C:\Documents and Settings\Default User\Application Data\Intel -> [2005/08/12 21:25:36 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\LocalService\Application Data -> [2006/12/31 01:26:00 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Neil\Application Data -> [2009/07/07 16:10:26 | 00,000,000 | ---D | M] Ableton -> C:\Documents and Settings\Neil\Application Data\Ableton -> [2008/03/27 07:06:28 | 00,000,000 | ---D | M] AccurateRip -> C:\Documents and Settings\Neil\Application Data\AccurateRip -> [2008/07/29 10:13:26 | 00,000,000 | ---D | M] Ahead -> C:\Documents and Settings\Neil\Application Data\Ahead -> [2006/08/07 14:00:39 | 00,000,000 | ---D | M] CyberLink -> C:\Documents and Settings\Neil\Application Data\CyberLink -> [2006/03/05 05:21:44 | 00,000,000 | ---D | M] DAEMON Tools -> C:\Documents and Settings\Neil\Application Data\DAEMON Tools -> [2008/11/04 19:28:51 | 00,000,000 | ---D | M] DC++ -> C:\Documents and Settings\Neil\Application Data\DC++ -> [2009/07/19 15:25:14 | 00,000,000 | ---D | M] dvdcss -> C:\Documents and Settings\Neil\Application Data\dvdcss -> [2009/07/19 13:07:00 | 00,000,000 | ---D | M] gadcom -> C:\Documents and Settings\Neil\Application Data\gadcom -> [2008/11/17 15:36:50 | 00,000,000 | ---D | M] Intel -> C:\Documents and Settings\Neil\Application Data\Intel -> [2005/08/12 21:25:36 | 00,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Neil\Application Data\Leadertech -> [2006/02/02 07:03:29 | 00,000,000 | ---D | M] Move Networks -> C:\Documents and Settings\Neil\Application Data\Move Networks -> [2007/12/15 21:54:47 | 00,000,000 | ---D | M] muvee Technologies -> C:\Documents and Settings\Neil\Application Data\muvee Technologies -> [2006/06/09 22:20:37 | 00,000,000 | ---D | M] My Battle for Middle-earth(tm) II Files -> C:\Documents and Settings\Neil\Application Data\My Battle for Middle-earth(tm) II Files -> [2009/02/28 17:24:53 | 00,000,000 | ---D | M] My Games -> C:\Documents and Settings\Neil\Application Data\My Games -> [2009/07/07 16:11:14 | 00,000,000 | ---D | M] NI.GSCNS -> C:\Documents and Settings\Neil\Application Data\NI.GSCNS -> [2008/11/16 23:38:48 | 00,000,000 | ---D | M] Nikon -> C:\Documents and Settings\Neil\Application Data\Nikon -> [2006/06/09 21:45:37 | 00,000,000 | ---D | M] ourTunes -> C:\Documents and Settings\Neil\Application Data\ourTunes -> [2005/11/20 05:19:06 | 00,000,000 | ---D | M] Petroglyph -> C:\Documents and Settings\Neil\Application Data\Petroglyph -> [2009/06/30 11:53:02 | 00,000,000 | ---D | M] Snapfish -> C:\Documents and Settings\Neil\Application Data\Snapfish -> [2006/02/25 19:07:10 | 00,000,000 | ---D | M] SogouPY -> C:\Documents and Settings\Neil\Application Data\SogouPY -> [2008/09/19 16:17:36 | 00,000,000 | ---D | M] SogouPY.users -> C:\Documents and Settings\Neil\Application Data\SogouPY.users -> [2008/03/30 01:24:38 | 00,000,000 | ---D | M] System Requirements Lab -> C:\Documents and Settings\Neil\Application Data\System Requirements Lab -> [2006/07/15 15:58:43 | 00,000,000 | ---D | M] U3 -> C:\Documents and Settings\Neil\Application Data\U3 -> [2009/04/08 15:08:28 | 00,000,000 | ---D | M] uTorrent -> C:\Documents and Settings\Neil\Application Data\uTorrent -> [2009/07/25 23:08:02 | 00,000,000 | ---D | M] Webshots -> C:\Documents and Settings\Neil\Application Data\Webshots -> [2006/03/05 18:08:44 | 00,000,000 | ---D | M] Wizards of the Coast -> C:\Documents and Settings\Neil\Application Data\Wizards of the Coast -> [2009/05/16 01:28:21 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\NetworkService\Application Data -> [2004/08/10 20:08:14 | 00,000,000 | ---D | M] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [2009/08/18 22:44:32 | 00,000,000 | --SD | M] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2008/09/03 18:00:20 | 00,000,065 | RH-- | M] () Google Software Updater.job -> C:\WINDOWS\Tasks\Google Software Updater.job -> [2009/08/18 22:44:33 | 00,000,868 | ---- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/08/18 22:43:55 | 00,000,006 | -H-- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EB2C187A @Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:992566D9 < End of report > [/code]