[code] OTScanIt logfile created on: 4/13/2008 9:43:28 PM OTScanIt by OldTimer - Version 1.0.9.0 Folder = C:\Documents and Settings\Ruberc\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy 502.42 Mb Total Physical Memory | 137.20 Mb Available Physical Memory | 27.31% Memory free 1.20 Gb Paging File | 0.90 Gb Available in Paging File | 74.77% Paging File free Paging file location(s): c:\pagefile.sys 756 1512; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19.53 Gb Total Space | 12.32 Gb Free Space | 63.09% Space Free | Partition Type: NTFS Drive D: | 17.72 Gb Total Space | 14.71 Gb Free Space | 83.01% Space Free | Partition Type: NTFS Drive E: | 681.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 7.69 Mb Total Space | 3.71 Mb Free Space | 48.27% Space Free | Partition Type: FAT G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CLARONE Current User Name: Ruberc Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] ibmpmsvc.exe -> %SystemRoot%\system32\ibmpmsvc.exe -> [Ver = | Size = 57344 bytes | Modified Date = 11/5/2004 1:30:00 AM | Attr = R ] mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc [Ver = 6, 0, 0, 16 | Size = 303104 bytes | Modified Date = 9/22/2005 6:29:08 PM | Attr = ] mskagent.exe -> %ProgramFiles%\McAfee\SpamKiller\MSKAgent.exe -> McAfee Inc. [Ver = 6.1.0.6 | Size = 126976 bytes | Modified Date = 3/23/2005 4:33:58 PM | Attr = ] ymsgr_tray.exe -> %ProgramFiles%\Yahoo!\Messenger\Ymsgr_tray.exe -> Yahoo! Inc. [Ver = 8,1,0,0 | Size = 103664 bytes | Modified Date = 8/30/2007 5:43:18 PM | Attr = ] dcfssvc.exe -> %SystemRoot%\system32\drivers\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.1600.0 | Size = 75324 bytes | Modified Date = 5/18/2000 3:00:12 PM | Attr = ] massrv.exe -> %ProgramFiles%\McAfee\McAfee AntiSpyware\MASSrv.exe -> McAfee, Inc. [Ver = 1.5.0.110 | Size = 876544 bytes | Modified Date = 1/6/2006 3:13:32 PM | Attr = ] mcdetect.exe -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> McAfee, Inc [Ver = 6, 0, 0, 19 | Size = 126976 bytes | Modified Date = 10/13/2005 7:56:16 PM | Attr = ] mcshield.exe -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> McAfee Inc. [Ver = 11.0.0.151 | Size = 221184 bytes | Modified Date = 8/10/2005 11:22:02 AM | Attr = ] mctskshd.exe -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> McAfee, Inc [Ver = 6, 0, 0, 13 | Size = 122368 bytes | Modified Date = 8/24/2005 4:01:04 PM | Attr = ] oasclnt.exe -> %ProgramFiles%\McAfee.com\VSO\oasclnt.exe -> McAfee, Inc. [Ver = 10, 0, 0, 24 | Size = 53248 bytes | Modified Date = 8/11/2005 10:02:44 PM | Attr = ] mpfservice.exe -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfService.exe -> McAfee Corporation [Ver = 6.1.0.44 | Size = 552960 bytes | Modified Date = 4/5/2005 2:40:06 PM | Attr = ] msksrvr.exe -> %ProgramFiles%\McAfee\SpamKiller\MSKSrvr.exe -> McAfee Inc. [Ver = 6.1.0.7 | Size = 956928 bytes | Modified Date = 4/5/2005 5:56:16 PM | Attr = ] mcvsshld.exe -> %ProgramFiles%\McAfee.com\VSO\mcvsshld.exe -> McAfee, Inc. [Ver = 10, 0, 0, 22 | Size = 163840 bytes | Modified Date = 8/10/2005 12:49:20 PM | Attr = ] mcvsescn.exe -> %ProgramFiles%\McAfee.com\VSO\McVSEscn.exe -> McAfee, Inc. [Ver = 10, 0, 0, 20 | Size = 483328 bytes | Modified Date = 7/8/2005 6:16:16 PM | Attr = ] qconsvc.exe -> %SystemRoot%\system32\QCONSVC.EXE -> IBM Corp. [Ver = 3, 7, 1, 0 | Size = 77824 bytes | Modified Date = 3/18/2005 3:07:00 AM | Attr = ] smagent.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 3:50:10 PM | Attr = ] tpkmpsvc.exe -> %SystemRoot%\system32\TpKmpSvc.exe -> [Ver = | Size = 32768 bytes | Modified Date = 7/11/2003 6:19:22 PM | Attr = ] chikkalauncher.exe -> %ProgramFiles%\ChikkaV4\ChikkaLauncher.exe -> [Ver = 1, 0, 0, 25 | Size = 36864 bytes | Modified Date = 12/25/2007 9:00:20 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/4/2008 12:24:38 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 11/25/2007 6:48:04 PM | Attr = ] (Dcfssvc) Dcfssvc [Win32_Own | Auto | Running] -> %SystemRoot%\system32\drivers\dcfssvc.exe -> Eastman Kodak Company [Ver = 1.1.1600.0 | Size = 75324 bytes | Modified Date = 5/18/2000 3:00:12 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 6:56:50 AM | Attr = ] (IBMPMSVC) IBM PM Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ibmpmsvc.exe -> [Ver = | Size = 57344 bytes | Modified Date = 11/5/2004 1:30:00 AM | Attr = R ] (iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.1.1.5 | Size = 500800 bytes | Modified Date = 4/27/2007 11:25:52 AM | Attr = ] (McAfee AntiSpyware Service) McAfee AntiSpyware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\McAfee AntiSpyware\MASSrv.exe -> McAfee, Inc. [Ver = 1.5.0.110 | Size = 876544 bytes | Modified Date = 1/6/2006 3:13:32 PM | Attr = ] (McDetect.exe) McAfee WSC Integration [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> McAfee, Inc [Ver = 6, 0, 0, 19 | Size = 126976 bytes | Modified Date = 10/13/2005 7:56:16 PM | Attr = ] (McShield) McAfee.com McShield [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\VSO\McShield.exe -> McAfee Inc. [Ver = 11.0.0.151 | Size = 221184 bytes | Modified Date = 8/10/2005 11:22:02 AM | Attr = ] (McTskshd.exe) McAfee Task Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> McAfee, Inc [Ver = 6, 0, 0, 13 | Size = 122368 bytes | Modified Date = 8/24/2005 4:01:04 PM | Attr = ] (mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee.com\Agent\mcupdmgr.exe -> McAfee, Inc [Ver = 6, 0, 0, 4 | Size = 245760 bytes | Modified Date = 7/1/2005 7:22:50 PM | Attr = ] (MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfService.exe -> McAfee Corporation [Ver = 6.1.0.44 | Size = 552960 bytes | Modified Date = 4/5/2005 2:40:06 PM | Attr = ] (MskService) McAfee SpamKiller Server [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SpamKiller\MSKSrvr.exe -> McAfee Inc. [Ver = 6.1.0.7 | Size = 956928 bytes | Modified Date = 4/5/2005 5:56:16 PM | Attr = ] (QCONSVC) QCONSVC [Win32_Own | Auto | Running] -> %SystemRoot%\system32\QCONSVC.EXE -> IBM Corp. [Ver = 3, 7, 1, 0 | Size = 77824 bytes | Modified Date = 3/18/2005 3:07:00 AM | Attr = ] (SoundMAX Agent Service (default)) SoundMAX Agent Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Analog Devices\SoundMAX\SMAgent.exe -> Analog Devices, Inc. [Ver = 3, 2, 6, 0 | Size = 45056 bytes | Modified Date = 9/20/2002 3:50:10 PM | Attr = ] (TpKmpSVC) IBM KCU Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\TpKmpSvc.exe -> [Ver = | Size = 32768 bytes | Modified Date = 7/11/2003 6:19:22 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> BLOG -> %ProgramFiles%\ThinkPad\Utilities\BATLOGEX.DLL [rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog] -> [Ver = | Size = 208896 bytes | Modified Date = 4/20/2005 1:38:00 AM | Attr = ] BMMGAG -> %ProgramFiles%\ThinkPad\Utilities\PWRMONIT.DLL [RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor] -> IBM Corp. [Ver = 1, 0, 0, 0 | Size = 110592 bytes | Modified Date = 4/20/2005 1:38:00 AM | Attr = ] MCAgentExe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [c:\PROGRA~1\mcafee.com\agent\McAgent.exe] -> McAfee, Inc [Ver = 6, 0, 0, 16 | Size = 303104 bytes | Modified Date = 9/22/2005 6:29:08 PM | Attr = ] MCUpdateExe -> %ProgramFiles%\McAfee.com\Agent\mcupdate.exe [C:\PROGRA~1\mcafee.com\agent\mcupdate.exe] -> McAfee, Inc [Ver = 6, 0, 0, 21 | Size = 212992 bytes | Modified Date = 1/11/2006 12:05:42 PM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> kxva -> %SystemRoot%\system32\kxvo.exe [C:\WINDOWS\system32\kxvo.exe] -> File not found MSKAGENTEXE -> %ProgramFiles%\McAfee\SpamKiller\MSKAgent.exe [C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe] -> McAfee Inc. [Ver = 6.1.0.6 | Size = 126976 bytes | Modified Date = 3/23/2005 4:33:58 PM | Attr = ] Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet] -> Yahoo! Inc. [Ver = 8,1,0,421 | Size = 4670704 bytes | Modified Date = 8/30/2007 5:43:18 PM | Attr = ] < RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> ARC -> %ProgramFiles%\McAfee\McAfee QuickClean\Uni.exe ["C:\Program Files\McAfee\McAfee QuickClean\Uni.exe" /ARC:Boxing Manager Professional Edition 1.8.3] -> McAfee, Inc. [Ver = 5.00.1.0 | Size = 77824 bytes | Modified Date = 8/25/2004 5:00:00 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Ruberc Startup Folder > -> C:\Documents and Settings\Ruberc\Start Menu\Programs\Startup -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.3943 | Size = 348160 bytes | Modified Date = 11/2/2004 8:59:20 AM | Attr = R ] QConGina -> %SystemRoot%\system32\QConGina.dll -> IBM Corp. [Ver = 3, 7, 1, 0 | Size = 262144 bytes | Modified Date = 3/18/2005 3:07:00 AM | Attr = ] tphotkey -> %SystemRoot%\system32\tphklock.dll -> [Ver = | Size = 24576 bytes | Modified Date = 8/12/2004 8:11:26 PM | Attr = R ] WgaLogon -> -> File not found < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> (binary data) -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.yahoo.com/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> .[msn] -> My Computer -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {BA52B914-B692-46c4-B683-905236F6F655} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee.com\VSO\mcvsshl.dll [McAfee VirusScan] -> McAfee, Inc. [Ver = 10, 0, 0, 19 | Size = 114688 bytes | Modified Date = 7/1/2005 8:44:30 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {85d1f590-48f4-11d9-9669-0800200c9a66}:Exec -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [Ver = | Size = 53248 bytes | Modified Date = 1/9/2008 3:01:48 PM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {728068BE-467A-4D03-AABB-EEE88287DA79} -> (Intel(R) PRO/Wireless 2200BG Network Connection) -> {C74239D3-4A4B-4721-A4E8-1C043B15DE24} -> (Intel(R) PRO/100 VE Network Connection) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value vnd.ms.radio:{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\msdxm.ocx[AsyncPProt Class] -> [Ver = | Size = 844314 bytes | Modified Date = 8/4/2004 4:51:04 AM | Attr = ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab[CKAVWebScan Object] -> {149E45D8-163E-4189-86FC-45022AB2B6C9}[HKEY_LOCAL_MACHINE] -> file://C:\Program Files\Chessmaster Challenge\Images\stg_drm.ocx[SpinTop DRM Control] -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}[HKEY_LOCAL_MACHINE] -> http://download.bitdefender.com/resources/scan8/oscan8.cab[BDSCANONLINE Control] -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}[HKEY_LOCAL_MACHINE] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> {CC450D71-CC90-424C-8638-1F2DBAC87A54}[HKEY_LOCAL_MACHINE] -> file://C:\Program Files\Chessmaster Challenge\Images\armhelper.ocx[ArmHelper Control] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandel.exe\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/bdoscandellang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\.Owner -> {CC450D71-CC90-424C-8638-1F2DBAC87A54} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/armhelper.ocx\\{CC450D71-CC90-424C-8638-1F2DBAC87A54} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\\.Owner -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/asinst.dll\\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/auc_lib.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdcore.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/bdupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ca.pub\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.2/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/daas_s.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/fscax.dll\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\.Owner -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/gatelauncher.exe\\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ipsupd.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/lang.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/libfn.dll\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/live.ini\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan82.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan82.ocx\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/oscan82.ocx\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\.Owner -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/scanoptions.tsi\\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\.Owner -> {149E45D8-163E-4189-86FC-45022AB2B6C9} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/stg_drm.ocx\\{149E45D8-163E-4189-86FC-45022AB2B6C9} -> -> [Files/Folders - Created Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 0 bytes | Created Date = 3/31/2008 1:29:51 PM | Attr = ] autorun.inf -> %SystemDrive%\autorun.inf -> [Ver = | Size = 521 bytes | Created Date = 4/5/2008 10:02:31 AM | Attr = RHS] Avenger -> %SystemDrive%\Avenger -> [Folder | Created Date = 4/2/2008 7:30:57 PM | Attr = ] Bases -> %SystemDrive%\Bases -> [Folder | Created Date = 3/31/2008 11:04:22 AM | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 4/5/2008 10:42:07 AM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 4/2/2008 7:35:25 PM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 3/31/2008 11:04:22 AM | Attr = ] fsaua.data -> %SystemDrive%\fsaua.data -> [Folder | Created Date = 4/9/2008 10:09:12 AM | Attr = ] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 3/31/2008 11:02:48 AM | Attr = ] n2.bat -> %SystemDrive%\n2.bat -> [Ver = | Size = 157333 bytes | Created Date = 4/8/2008 11:26:00 AM | Attr = RHS] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 4/3/2008 6:59:48 PM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 4/4/2008 11:09:55 PM | Attr = HS] w2ngo.com -> %SystemDrive%\w2ngo.com -> [Ver = | Size = 157141 bytes | Created Date = 4/10/2008 11:57:54 PM | Attr = RHS] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 4/6/2008 10:38:59 PM | Attr = ] asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 3/24/2008 8:44:08 PM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Created Date = 3/29/2008 11:56:25 PM | Attr = ] 41 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 3/24/2008 8:42:55 PM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Created Date = 3/27/2008 11:24:36 AM | Attr = ] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 3/24/2008 8:42:55 PM | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 4/3/2008 6:59:43 PM | Attr = ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 3/29/2008 11:53:13 PM | Attr = H ] 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 3/29/2008 11:52:18 PM | Attr = H ] BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 4/6/2008 8:24:51 PM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 4/3/2008 7:00:08 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 3/29/2008 11:53:49 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 3/29/2008 11:58:16 PM | Attr = ] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Created Date = 3/24/2008 1:56:23 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 3/29/2008 11:47:58 PM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 4/3/2008 6:59:44 PM | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Created Date = 4/4/2008 9:55:17 AM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 4/7/2008 7:29:18 AM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 4/7/2008 7:29:18 AM | Attr = H ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 3/29/2008 11:56:29 PM | Attr = ] [Files/Folders - Modified Within 30 days] 23990098.$$$ -> %SystemDrive%\23990098.$$$ -> [Ver = | Size = 0 bytes | Modified Date = 4/5/2008 12:49:51 AM | Attr = ] autorun.inf -> %SystemDrive%\autorun.inf -> [Ver = | Size = 521 bytes | Modified Date = 4/13/2008 9:24:14 PM | Attr = RHS] Avenger -> %SystemDrive%\Avenger -> [Folder | Modified Date = 4/13/2008 9:33:04 PM | Attr = ] Bases -> %SystemDrive%\Bases -> [Folder | Modified Date = 4/4/2008 11:00:01 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 3/29/2008 11:15:52 PM | Attr = HS] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 4/5/2008 10:42:11 AM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 4/2/2008 7:35:25 PM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 4/4/2008 10:59:48 PM | Attr = ] fsaua.data -> %SystemDrive%\fsaua.data -> [Folder | Modified Date = 4/9/2008 10:09:12 AM | Attr = ] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 4/4/2008 11:00:55 PM | Attr = ] n2.bat -> %SystemDrive%\n2.bat -> [Ver = | Size = 157333 bytes | Modified Date = 4/8/2008 11:25:29 AM | Attr = RHS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 4/13/2008 9:32:26 PM | Attr = R ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 4/4/2008 9:51:12 AM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 4/4/2008 11:09:55 PM | Attr = HS] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 9:38:55 AM | Attr = H ] sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 9:50:12 AM | Attr = H ] sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 10:09:48 AM | Attr = H ] sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 11:42:20 AM | Attr = H ] sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/28/2008 5:43:49 PM | Attr = H ] sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/29/2008 12:51:58 AM | Attr = H ] sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/29/2008 9:03:47 AM | Attr = H ] sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/29/2008 11:10:58 PM | Attr = H ] sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/29/2008 11:16:14 PM | Attr = H ] sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/24/2008 3:52:05 PM | Attr = H ] sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/24/2008 7:16:49 PM | Attr = H ] sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/24/2008 10:47:56 PM | Attr = H ] sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/25/2008 1:00:16 AM | Attr = H ] sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/25/2008 6:50:41 PM | Attr = H ] sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/26/2008 12:27:03 AM | Attr = H ] sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/26/2008 11:03:16 AM | Attr = H ] sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/26/2008 6:54:25 PM | Attr = H ] sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/26/2008 10:10:26 PM | Attr = H ] sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 2:36:35 AM | Attr = H ] sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 3/27/2008 8:29:50 AM | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 9:38:55 AM | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 9:50:12 AM | Attr = H ] sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 10:09:48 AM | Attr = H ] sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 11:42:20 AM | Attr = H ] sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/28/2008 5:43:49 PM | Attr = H ] sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/29/2008 12:51:58 AM | Attr = H ] sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/29/2008 9:03:46 AM | Attr = H ] sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/29/2008 11:10:58 PM | Attr = H ] sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/29/2008 11:16:14 PM | Attr = H ] sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/24/2008 3:52:05 PM | Attr = H ] sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/24/2008 7:16:49 PM | Attr = H ] sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/24/2008 10:47:56 PM | Attr = H ] sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/25/2008 1:00:16 AM | Attr = H ] sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/25/2008 6:50:41 PM | Attr = H ] sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/26/2008 12:27:03 AM | Attr = H ] sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/26/2008 11:03:16 AM | Attr = H ] sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/26/2008 6:54:24 PM | Attr = H ] sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/26/2008 10:10:26 PM | Attr = H ] sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 2:36:35 AM | Attr = H ] sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 3/27/2008 8:29:49 AM | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 4/6/2008 10:52:39 PM | Attr = HS] w2ngo.com -> %SystemDrive%\w2ngo.com -> [Ver = | Size = 157141 bytes | Modified Date = 4/12/2008 6:42:59 PM | Attr = RHS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/10/2008 11:05:47 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 4/6/2008 10:38:59 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 4/13/2008 9:41:38 AM | Attr = ] 41 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 3/29/2008 11:56:43 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 4/10/2008 9:57:08 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 4/13/2008 9:32:25 PM | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 3/29/2008 11:58:33 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 650680 bytes | Modified Date = 4/10/2008 10:45:05 PM | Attr = ] Help.ico -> %SystemRoot%\System32\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 3/24/2008 8:42:55 PM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Modified Date = 3/27/2008 11:24:36 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 4/6/2008 10:52:40 PM | Attr = ] Status.MPF -> %SystemRoot%\System32\Status.MPF -> [Ver = | Size = 93568 bytes | Modified Date = 4/13/2008 9:33:49 PM | Attr = ] Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 3/24/2008 8:42:56 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 3/24/2008 9:54:50 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 4/10/2008 8:03:36 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 4/10/2008 9:57:18 PM | Attr = H ] 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 3/29/2008 11:53:13 PM | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 3/29/2008 11:52:18 PM | Attr = H ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/24/2008 9:43:22 PM | Attr = ] BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 4/6/2008 9:27:35 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/13/2008 9:32:50 PM | Attr = S] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 4/9/2008 11:16:38 PM | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 4/3/2008 7:00:08 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/30/2008 1:20:50 PM | Attr = ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 3/29/2008 11:55:48 PM | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 3/29/2008 11:59:33 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 3/24/2008 9:45:17 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 4/10/2008 9:57:14 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 4/10/2008 9:57:25 PM | Attr = H ] iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.1.4 | Size = 737280 bytes | Modified Date = 3/24/2008 1:59:41 PM | Attr = ] mdm.ini -> %SystemRoot%\mdm.ini -> [Ver = | Size = 185 bytes | Modified Date = 4/7/2008 8:43:03 PM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/29/2008 11:56:13 PM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 4/3/2008 9:38:48 PM | Attr = ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 3/29/2008 11:47:58 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/13/2008 9:39:11 PM | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 4/4/2008 9:55:17 AM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 3/28/2008 8:37:32 AM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 4/7/2008 7:29:18 AM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 4/7/2008 7:29:18 AM | Attr = H ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/24/2008 9:47:38 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 4/4/2008 9:54:13 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 4/13/2008 9:32:26 PM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 4/13/2008 9:33:46 PM | Attr = ] Thumbs.db -> %SystemRoot%\Thumbs.db -> [Ver = | Size = 7168 bytes | Modified Date = 3/31/2008 11:03:28 AM | Attr = HS] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 3/29/2008 11:56:29 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 726 bytes | Modified Date = 3/29/2008 11:15:51 PM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 4/13/2008 4:09:02 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/13/2008 9:32:53 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes | Modified Date = 4/10/2008 8:07:33 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes | Modified Date = 4/10/2008 8:07:33 PM | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 6/21/2007 10:17:26 PM | Attr = ] nircmd.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 26112 bytes | Modified Date = 7/24/2006 1:38:26 AM | Attr = ] 4 C:\Documents and Settings\Ruberc\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Ruberc\Local Settings\Temp\*.tmp -> sed.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\~uvehcyh.tmp\sed.exe -> [Ver = | Size = 37376 bytes | Modified Date = 7/30/2007 10:23:07 AM | Attr = ] swreg.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\~uvehcyh.tmp\swreg.exe -> SteelWerX [Ver = 2.0.2.0 | Size = 119296 bytes | Modified Date = 7/30/2007 10:23:07 AM | Attr = ] fsgk32.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 413696 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fssm32.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 494592 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsgk32.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgk32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 413696 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fssm32.exe -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fssm32.exe -> F-Secure Corp. [Ver = 7.60.14020.0 | Size = 494592 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] 5yswe.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\5yswe.dll -> [Ver = | Size = 25675 bytes | Modified Date = 4/8/2008 11:24:23 AM | Attr = H ] 8lm5ns.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\8lm5ns.dll -> [Ver = | Size = 26010 bytes | Modified Date = 4/10/2008 12:51:08 AM | Attr = H ] e.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\e.dll -> [Ver = | Size = 25774 bytes | Modified Date = 4/10/2008 11:56:24 PM | Attr = H ] ivtwdmwz.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\ivtwdmwz.dll -> [Ver = | Size = 27548 bytes | Modified Date = 4/9/2008 8:22:54 AM | Attr = H ] kkd7.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\kkd7.dll -> [Ver = | Size = 26805 bytes | Modified Date = 4/12/2008 6:41:56 PM | Attr = H ] t89tym.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\t89tym.dll -> [Ver = | Size = 26992 bytes | Modified Date = 4/13/2008 9:40:34 AM | Attr = H ] udtas9b.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\udtas9b.dll -> [Ver = | Size = 25627 bytes | Modified Date = 4/10/2008 12:49:21 AM | Attr = H ] 4 C:\Documents and Settings\Ruberc\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Ruberc\Local Settings\Temp\*.tmp -> AVPFPI0.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> Kaspersky Lab [Ver = 7.0.171.8410 | Size = 147538 bytes | Modified Date = 4/9/2008 10:22:32 AM | Attr = ] avpproxy.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> F-Secure Corporation [Ver = 1.2.12160 | Size = 77910 bytes | Modified Date = 4/9/2008 10:22:32 AM | Attr = ] daas_s.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> F-Secure Corporation [Ver = 6.00.14023 | Size = 495616 bytes | Modified Date = 2/27/2008 3:59:28 PM | Attr = ] fm4av.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [Ver = | Size = 514048 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fpinor.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> F-Secure Corporation [Ver = 1.20.13330 | Size = 113664 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsbl.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> F-Secure Corporation [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsbld.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> F-Secure Corporation [Ver = 1, 0, 0, 64 | Size = 524288 bytes | Modified Date = 4/9/2008 10:21:11 AM | Attr = ] fsecr32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsgkiapi.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> F-Secure Corp. [Ver = 7.60.13372.8144 | Size = 82432 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsmart.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 28 | Size = 147456 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] fspe32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fspe32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 475136 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fssubmit.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> F-Secure Corporation [Ver = 1.0.11 | Size = 651264 bytes | Modified Date = 4/9/2008 10:21:05 AM | Attr = ] fsup32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsup32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 573440 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupcx32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupcx32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 73728 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupfg32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupfg32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupmw32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupmw32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 106496 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupnp32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupnp32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 131072 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupux32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupux32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupwu32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupwu32.dll -> [Ver = | Size = 126976 bytes | Modified Date = 4/9/2008 10:21:55 AM | Attr = ] fsusscr.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14093 | Size = 880640 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] Nse_w32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> [Ver = | Size = 506936 bytes | Modified Date = 4/9/2008 10:20:55 AM | Attr = ] AVPFPI0.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\AVPFPI0.dll -> Kaspersky Lab [Ver = 7.0.171.8410 | Size = 147538 bytes | Modified Date = 4/9/2008 10:22:32 AM | Attr = ] avpproxy.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\avpproxy.dll -> F-Secure Corporation [Ver = 1.2.12160 | Size = 77910 bytes | Modified Date = 4/9/2008 10:22:32 AM | Attr = ] fm4av.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fm4av.dll -> [Ver = | Size = 514048 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fpinor.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fpinor.dll -> F-Secure Corporation [Ver = 1.20.13330 | Size = 113664 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsbl.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsbl.dll -> F-Secure Corporation [Ver = 1, 0, 0, 1 | Size = 49152 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsgkiapi.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgkiapi.dll -> F-Secure Corp. [Ver = 7.60.13372.8144 | Size = 82432 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] fsecr32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> F-Secure Corporation [Ver = 2.08.8110 | Size = 262144 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fspe32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fspe32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 475136 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsup32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsup32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 573440 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupcx32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupcx32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 73728 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupfg32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupfg32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupmw32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupmw32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 106496 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupnp32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupnp32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 131072 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupux32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupux32.dll -> F-Secure Corporation [Ver = 1.2.410 | Size = 122880 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupwu32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupwu32.dll -> [Ver = | Size = 126976 bytes | Modified Date = 4/9/2008 10:21:55 AM | Attr = ] fsmart.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> F-Secure Corporation [Ver = 1, 0, 0, 28 | Size = 147456 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] fsusscr.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> F-Secure Corporation [Ver = 2.30.14093 | Size = 880640 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] Nse_w32.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll -> [Ver = | Size = 506936 bytes | Modified Date = 4/9/2008 10:20:55 AM | Attr = ] fssubmit.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\fssubmit.dll -> F-Secure Corporation [Ver = 1.0.11 | Size = 651264 bytes | Modified Date = 4/9/2008 10:21:05 AM | Attr = ] fsblu.dll -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> F-Secure Corporation [Ver = 1, 0, 0, 64 | Size = 524288 bytes | Modified Date = 4/9/2008 10:21:11 AM | Attr = ] ext.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [Ver = | Size = 444 bytes | Modified Date = 4/9/2008 10:20:16 AM | Attr = ] fsedb.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsedb.dat -> [Ver = | Size = 718730 bytes | Modified Date = 4/9/2008 3:29:58 PM | Attr = ] fsupdllb.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupdllb.dat -> [Ver = | Size = 422594 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupplgn.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupplgn.dat -> [Ver = | Size = 226 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsuptmpl.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\fsuptmpl.dat -> [Ver = | Size = 5858 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] perf.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [Ver = | Size = 128 bytes | Modified Date = 4/10/2008 12:48:36 AM | Attr = ] sae.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [Ver = | Size = 243 bytes | Modified Date = 4/9/2008 10:20:13 AM | Attr = ] sai.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [Ver = | Size = 1348 bytes | Modified Date = 4/9/2008 10:20:13 AM | Attr = ] ext.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avmisc\ext.dat -> [Ver = | Size = 444 bytes | Modified Date = 4/9/2008 10:20:16 AM | Attr = ] sae.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avmisc\sae.dat -> [Ver = | Size = 243 bytes | Modified Date = 4/9/2008 10:20:13 AM | Attr = ] sai.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avmisc\sai.dat -> [Ver = | Size = 1348 bytes | Modified Date = 4/9/2008 10:20:13 AM | Attr = ] fsedb.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsedb.dat -> [Ver = | Size = 718730 bytes | Modified Date = 4/9/2008 3:29:58 PM | Attr = ] fsupdllb.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupdllb.dat -> [Ver = | Size = 422594 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsupplgn.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupplgn.dat -> [Ver = | Size = 226 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] fsuptmpl.dat -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsuptmpl.dat -> [Ver = | Size = 5858 bytes | Modified Date = 4/9/2008 10:21:54 AM | Attr = ] FS@av.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@av.ini -> [Ver = | Size = 203 bytes | Modified Date = 4/9/2008 10:20:15 AM | Attr = ] FS@avpe.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@avpe.ini -> [Ver = | Size = 205 bytes | Modified Date = 4/9/2008 3:29:53 PM | Attr = ] FS@bleng.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@bleng.ini -> [Ver = | Size = 241 bytes | Modified Date = 4/9/2008 10:21:11 AM | Attr = ] FS@corp.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@corp.ini -> [Ver = | Size = 176 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] FS@hydra.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@hydra.ini -> [Ver = | Size = 250 bytes | Modified Date = 4/9/2008 3:29:58 PM | Attr = ] FS@mlc.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@mlc.ini -> [Ver = | Size = 204 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] FS@ols.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@ols.ini -> [Ver = | Size = 168 bytes | Modified Date = 4/9/2008 10:21:05 AM | Attr = ] FS@peg.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\FS@peg.ini -> [Ver = | Size = 204 bytes | Modified Date = 4/9/2008 10:20:55 AM | Attr = ] verdicts.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\Anti-Virus\verdicts.ini -> [Ver = | Size = 2539 bytes | Modified Date = 4/9/2008 10:20:11 AM | Attr = ] FS@av.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avmisc\FS@av.ini -> [Ver = | Size = 203 bytes | Modified Date = 4/9/2008 10:20:15 AM | Attr = ] FS@avpe.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avpe\FS@avpe.ini -> [Ver = | Size = 205 bytes | Modified Date = 4/9/2008 3:29:53 PM | Attr = ] verdicts.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\avpe\verdicts.ini -> [Ver = | Size = 2539 bytes | Modified Date = 4/9/2008 10:20:11 AM | Attr = ] FS@corp.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\fsav_beta\FS@corp.ini -> [Ver = | Size = 176 bytes | Modified Date = 4/9/2008 10:22:33 AM | Attr = ] FS@hydra.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\hydrawin\FS@hydra.ini -> [Ver = | Size = 250 bytes | Modified Date = 4/9/2008 3:29:58 PM | Attr = ] FS@mlc.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\mlcwin\FS@mlc.ini -> [Ver = | Size = 204 bytes | Modified Date = 4/9/2008 10:22:09 AM | Attr = ] FS@peg.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\FS@peg.ini -> [Ver = | Size = 204 bytes | Modified Date = 4/9/2008 10:20:55 AM | Attr = ] FS@ols.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\FS@ols.ini -> [Ver = | Size = 168 bytes | Modified Date = 4/9/2008 10:21:05 AM | Attr = ] FS@bleng.ini -> C:\Documents and Settings\Ruberc\Local Settings\Temp\OnlineScanner\updates\ols_bl\FS@bleng.ini -> [Ver = | Size = 241 bytes | Modified Date = 4/9/2008 10:21:11 AM | Attr = ] index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 4/13/2008 6:19:12 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/13/2008 6:19:12 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 4/13/2008 6:19:12 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini -> [Ver = | Size = 145 bytes | Modified Date = 4/4/2008 1:14:33 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 4/4/2008 1:14:32 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\0B7ZPXOV\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 4/4/2008 1:14:33 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\13PK18T2\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 4/4/2008 1:14:33 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\89R3BTG7\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 4/4/2008 1:14:33 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8VR9KGL9\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 4/4/2008 1:14:33 PM | Attr = HS] < End of report > [/code]