[code] OTScanIt2 logfile created on: 11/10/2008 6:39:08 PM - Run 2 OTScanIt2 by OldTimer - Version 1.0.0.33b Folder = C:\Documents and Settings\User1\Desktop\OTScanIt\OTScanIt2 Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.38% Memory free 1.85 Gb Paging File | 1.49 Gb Available in Paging File | 80.30% Paging File free Paging file location(s): %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 89.91 Gb Free Space | 70.24% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HAL Current User Name: User1 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On File Age = 30 Days [Processes - Safe List] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2006/05/03 08:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/08/19 18:11:53 | 00,611,664 | ---- | M] (Lavasoft) ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2006/05/03 08:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2006/01/02 15:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) razerhid.exe -> %ProgramFiles%\Razer\razerhid.exe -> [2005/05/17 17:21:12 | 00,147,456 | ---- | M] () groovemonitor.exe -> %ProgramFiles%\Microsoft Office\Office12\GrooveMonitor.exe -> [2007/08/24 06:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) rthdcpl.exe -> %SystemRoot%\RTHDCPL.exe -> [2007/11/22 00:40:32 | 16,858,112 | R--- | M] (Realtek Semiconductor Corp.) winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [2008/03/26 22:35:38 | 00,036,352 | ---- | M] () jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) cac.exe -> %ProgramFiles%\Computer Alarm Clock\cac.exe -> [2007/09/06 14:29:26 | 00,696,832 | ---- | M] (Think Art Computing.) rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2004/08/03 23:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) dropbox.exe -> %ProgramFiles%\Dropbox\dropbox.exe -> [2008/07/03 18:25:54 | 08,767,575 | ---- | M] (Evenflow, Inc.) cmdagent.exe -> %ProgramFiles%\COMODO\Firewall\cmdagent.exe -> [2008/09/12 17:47:48 | 00,519,936 | ---- | M] () openvpnas.exe -> %ProgramFiles%\Hotspot Shield\bin\openvpnas.exe -> [2008/08/27 10:14:34 | 00,084,440 | ---- | M] () wdfmgr.exe -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) wlservice.exe -> %ProgramFiles%\Linksys\WUSB54GSC\WLService.exe -> [2005/07/04 15:46:04 | 00,053,307 | ---- | M] (GEMTEKS) wusb54gsc.exe -> %ProgramFiles%\Linksys\WUSB54GSC\WUSB54GSC.exe -> [2007/02/15 07:24:48 | 05,646,848 | R--- | M] (Linksys) razertra.exe -> %ProgramFiles%\Razer\razertra.exe -> [2005/04/06 19:32:24 | 00,114,688 | ---- | M] () wscntfy.exe -> %SystemRoot%\system32\wscntfy.exe -> [2004/08/03 23:56:58 | 00,013,824 | ---- | M] (Microsoft Corporation) razerofa.exe -> %ProgramFiles%\Razer\razerofa.exe -> [2005/01/18 00:06:12 | 00,143,360 | ---- | M] (Razer Inc.) cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2006/01/02 15:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) cli.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe -> [2006/01/02 15:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) otscanit2.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt2\OTScanIt2.exe -> [2008/11/09 11:18:54 | 00,464,896 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (aawservice) Lavasoft Ad-Aware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> [2008/08/19 18:11:53 | 00,611,664 | ---- | M] (Lavasoft) (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2005/09/23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2006/05/03 08:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) (ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe -> [2006/05/03 10:57:00 | 00,520,192 | ---- | M] () (Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2005/09/23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) (cmdAgent) COMODO Firewall Pro Helper Service [Win32_Own | Auto | Running] -> %ProgramFiles%\COMODO\Firewall\cmdagent.exe -> [2008/09/12 17:47:48 | 00,519,936 | ---- | M] () (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2008/07/17 17:27:31 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) (getPlus(R) Helper) getPlus(R) Helper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\NOS\bin\getPlus_HelperSvc.exe -> [2008/08/29 09:01:22 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) (HotspotShieldService) Hotspot Shield Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Hotspot Shield\bin\openvpnas.exe -> [2008/08/27 10:14:34 | 00,084,440 | ---- | M] () (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft Office\Office12\GrooveAuditService.exe -> [2007/08/24 05:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> [2007/11/06 12:22:26 | 00,092,792 | ---- | M] (CACE Technologies) (UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) (WUSB54GSC) WUSB54GSC [Win32_Own | Auto | Running] -> -> File not found [Driver Services - Safe List] (AegisP) AEGIS Protocol (IEEE 802.1x) v3.2.0.3 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> [2008/07/21 00:02:02 | 00,017,801 | ---- | M] (Meetinghouse Data Communications) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2006/05/03 08:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) (cmdGuard) COMODO Firewall Pro Sandbox Driver [File_System | System | Running] -> %SystemRoot%\system32\drivers\cmdguard.sys -> [2008/09/12 17:47:49 | 00,087,056 | ---- | M] (COMODO) (cmdHlp) COMODO Firewall Pro Helper Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cmdhlp.sys -> [2008/09/12 17:47:49 | 00,024,208 | ---- | M] (COMODO) (FET5X86V) VIA Rhine-Family Fast-Ethernet Adapter Driver Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fetnd5bv.sys -> [2007/02/27 00:14:50 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) (FETNDIS) VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\fetnd5.sys -> [2001/08/17 04:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) (gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gameenum.sys -> [2004/08/03 22:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> [2005/01/07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) (Inspect) COMODO Firewall Pro Firewall Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\inspect.sys -> [2008/09/12 17:47:49 | 00,079,760 | ---- | M] (COMODO) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2007/11/27 04:06:42 | 04,630,016 | R--- | M] (Realtek Semiconductor Corp.) (irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\irsir.sys -> [2001/08/17 05:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) (kbdcap) kbdcap [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\KbdCap.sys -> [2008/09/22 19:00:22 | 00,109,440 | ---- | M] () (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\msmpu401.sys -> [2001/08/17 06:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) (nm) Network Monitor Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nmnt.sys -> [2004/08/03 21:59:52 | 00,040,320 | ---- | M] (Microsoft Corporation) (NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\npf.sys -> [2007/11/06 12:22:06 | 00,034,064 | ---- | M] (CACE Technologies) (PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Stopped] -> %ProgramFiles%\NETGEAR\MA111 Configuration Utility\PCANDIS5.SYS -> [2001/04/19 19:27:44 | 00,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2001/08/23 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2008/01/04 13:58:46 | 00,043,528 | ---- | M] (Sonic Solutions) (Razerlow) Razerlow USB Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Razerlow.sys -> [2005/04/24 21:43:58 | 00,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [2008/05/28 09:33:36 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> [2008/05/28 09:33:38 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [2008/05/28 09:33:36 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2004/07/17 10:36:38 | 00,027,440 | ---- | M] () (tapvpn) TAP VPN Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tapvpn.sys -> [2008/01/23 13:25:32 | 00,027,136 | ---- | M] (The OpenVPN Project) (truecrypt) truecrypt [Kernel | System | Running] -> %SystemRoot%\system32\drivers\truecrypt.sys -> [2008/07/24 14:40:06 | 00,235,840 | ---- | M] (TrueCrypt Foundation) (uagp35) Microsoft AGPv3.5 Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\uagp35.sys -> [2004/08/03 22:07:44 | 00,044,672 | ---- | M] (Microsoft Corporation) (USB_RNDIS) Compact Wireless-G USB Network Adapter with SpeedBooster [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usb8023.sys -> [2004/08/03 22:04:34 | 00,012,672 | ---- | M] (Microsoft Corporation) (viaagp1) VIA AGP Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\VIAAGP1.SYS -> [2003/07/01 12:42:00 | 00,027,904 | R--- | M] (VIA Technologies, Inc.) (videX32) videX32 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\videX32.sys -> [2006/10/17 04:22:26 | 00,009,216 | R--- | M] (VIA Technologies, Inc.) (WlanUIB) NETGEAR 802.11b USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MA111nd5.sys -> [2004/09/29 09:28:38 | 00,666,624 | ---- | M] ( ) (WLAN_USB) Wireless LAN USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MA111nd5.sys -> [2004/09/29 09:28:38 | 00,666,624 | ---- | M] ( ) (GTNDIS5) GTNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\GTNDIS5.sys -> [2003/09/25 21:15:32 | 00,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default" -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_CURRENT_USER\: SearchURL\\"provider" -> -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < HOSTS File > (718252 bytes and 19205 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> First 25 entries... 127.0.0.1 localhost 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 a9rhiwa.cn #[Google.Warning] 127.0.0.1 www.a9rhiwa.cn 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net] 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] 127.0.0.1 phpadsnew.abac.com 127.0.0.1 a.abnad.net 127.0.0.1 b.abnad.net 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] 127.0.0.1 d.abnad.net 127.0.0.1 e.abnad.net 127.0.0.1 t.abnad.net 127.0.0.1 z.abnad.net 127.0.0.1 banners.absolpublisher.com 127.0.0.1 tracking.absolstats.com 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 gtb5.acecounter.com 127.0.0.1 gtcc1.acecounter.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 03:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) {E0BCC603-3693-4063-AA8A-41615CCCB7C3} [HKLM] -> %SystemRoot%\system32\rqRLBSLB.dll [Reg Error: Value does not exist or could not be read.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/01/11 21:16:38 | 00,039,792 | ---- | M] (Adobe Systems Incorporated) "ATICCC" -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe ["C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay] -> [2006/01/02 15:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) "Computer Alarm Clock" -> %ProgramFiles%\Computer Alarm Clock\cac.exe [C:\Program Files\Computer Alarm Clock\cac.exe] -> [2007/09/06 14:29:26 | 00,696,832 | ---- | M] (Think Art Computing.) "GrooveMonitor" -> %ProgramFiles%\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2007/08/24 06:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) "QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2008/01/31 22:13:08 | 00,385,024 | ---- | M] (Apple Inc.) "razer" -> %ProgramFiles%\Razer\razerhid.exe [C:\Program Files\Razer\razerhid.exe] -> [2005/05/17 17:21:12 | 00,147,456 | ---- | M] () "RTHDCPL" -> %SystemRoot%\RTHDCPL.exe [RTHDCPL.EXE] -> [2007/11/22 00:40:32 | 16,858,112 | R--- | M] (Realtek Semiconductor Corp.) "SunJavaUpdateSched" -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) "WinampAgent" -> %ProgramFiles%\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/03/26 22:35:38 | 00,036,352 | ---- | M] () "WinPatrol" -> %ProgramFiles%\BillP Studios\WinPatrol\WinPatrol.exe [C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot] -> [2008/07/04 08:58:06 | 00,333,120 | ---- | M] (BillP Studios) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < User1 Startup Folder > -> C:\Documents and Settings\User1\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Dropbox.lnk -> %ProgramFiles%\Dropbox\dropbox.exe -> [2008/07/03 18:25:54 | 08,767,575 | ---- | M] (Evenflow, Inc.) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/07/30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2004/08/03 23:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/08/03 23:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{2670000A-7350-4f3c-8081-5663EE0C6C49}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2007/12/13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/08/03 23:56:54 | 01,667,584 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5192 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7347 domain(s) found. -> 55 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} [HKLM] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3421C473-681B-4320-9AAE-9EC4363F3A89} -> 192.168.0.1,192.168.1.1 (Compact Wireless-G USB Network Adapter with SpeedBooster) -> {3E81E603-890E-4DFF-8535-7BDDC8B03F4E} -> (VIA Rhine II Fast Ethernet Adapter) -> {78173723-2115-46D9-AF05-DB8A70C02C4E} -> () -> {CBAE6C67-0A8B-4E7E-8164-F9429A6355D2} -> (NETGEAR MA111 802.11b Wireless USB Adapter) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> -> -> File not found C:\WINDOWS\system32\guard32.dll -> %SystemRoot%\system32\guard32.dll -> [2008/09/12 17:47:49 | 00,143,104 | ---- | M] () *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> [2007/04/19 12:41:36 | 00,294,912 | ---- | M] (SUPERAntiSpyware.com) AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> [2006/05/03 08:44:54 | 00,061,440 | ---- | M] (ATI Technologies Inc.) dimsntfy -> -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 09:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com) "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2007/08/24 06:01:22 | 02,212,224 | ---- | M] (Microsoft Corporation) < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> C:\WINDOWS\system32\rqRLBSLB -> -> File not found *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/03 23:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Grizli777\Adobe Photoshop CS4 beta 01\4000005700003i\mDNSResponder.exe" -> C:\Grizli777\Adobe Photoshop CS4 beta 01\4000005700003i\mDNSResponder.exe [C:\Grizli777\Adobe Photoshop CS4 beta 01\4000005700003i\mDNSResponder.exe:*:Disabled:mDNSResponder] -> [2002/11/07 23:53:50 | 00,008,704 | ---- | M] () "C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe" -> C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe [C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe:*:Enabled:Photoshop.exe] -> [2007/07/06 10:25:14 | 44,937,216 | ---- | M] (Adobe Systems, Incorporated) "C:\Program Files\Ventrilo\Ventrilo.exe" -> C:\Program Files\Ventrilo\Ventrilo.exe [C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo] -> [2007/11/17 14:58:48 | 01,388,544 | ---- | M] () "C:\Program Files\VentSrv\ventrilo_srv.exe" -> C:\Program Files\VentSrv\ventrilo_srv.exe [C:\Program Files\VentSrv\ventrilo_srv.exe:*:Enabled:ventrilo_srv] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [System32\DRIVERS\cdrom.sys] -> [2004/08/03 21:59:54 | 00,049,536 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2008/07/15 01:58:43 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> [Files/Folders - Created Within 30 Days] fsaua.data -> %SystemDrive%\fsaua.data -> [2008/11/10 15:51:54 | 00,000,000 | ---D | C] vjrngenj.ini -> %SystemRoot%\System32\vjrngenj.ini -> [2008/11/10 15:00:23 | 01,578,121 | -HS- | C] () jnegnrjv.dll -> %SystemRoot%\System32\jnegnrjv.dll -> [2008/11/10 15:00:19 | 00,070,656 | ---- | C] () fdvuhhtr.ini -> %SystemRoot%\System32\fdvuhhtr.ini -> [2008/11/09 21:36:26 | 01,931,385 | -HS- | C] () CS3.exe -> %UserProfile%\Desktop\CS3.exe -> [2008/11/07 14:42:13 | 14,296,064 | ---- | C] (Microsoft Corporation) Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [2008/11/05 21:55:41 | 00,000,630 | ---- | C] () Ventrilo -> %ProgramFiles%\Ventrilo -> [2008/11/05 21:55:41 | 00,000,000 | ---D | C] ventrilo-3.0.1-Windows-i386(2).exe -> %UserProfile%\Desktop\ventrilo-3.0.1-Windows-i386(2).exe -> [2008/11/05 21:55:02 | 02,732,032 | ---- | C] () ventrilo-3.0.1-Windows-i386.exe -> %UserProfile%\Desktop\ventrilo-3.0.1-Windows-i386.exe -> [2008/11/05 21:29:56 | 02,732,032 | ---- | C] () Hotspot Shield Launch.lnk -> %UserProfile%\Desktop\Hotspot Shield Launch.lnk -> [2008/11/05 16:04:40 | 00,000,799 | ---- | C] () Hotspot Shield -> %ProgramFiles%\Hotspot Shield -> [2008/11/05 16:04:39 | 00,000,000 | ---D | C] HSS-1.07-install-anchorfree-76-conduit.zip -> %UserProfile%\Desktop\HSS-1.07-install-anchorfree-76-conduit.zip -> [2008/11/05 16:04:09 | 03,110,004 | ---- | C] () Wireshark -> %AppData%\Wireshark -> [2008/11/05 15:54:27 | 00,000,000 | ---D | C] WinPcap -> %ProgramFiles%\WinPcap -> [2008/11/05 15:53:34 | 00,000,000 | ---D | C] Wireshark -> %ProgramFiles%\Wireshark -> [2008/11/05 15:53:18 | 00,000,000 | ---D | C] wireshark-setup-1.0.4.exe -> %UserProfile%\Desktop\wireshark-setup-1.0.4.exe -> [2008/11/05 15:49:43 | 22,238,802 | ---- | C] () Ventrilo -> %AppData%\Ventrilo -> [2008/11/04 18:06:15 | 00,000,000 | ---D | C] Affiliate marketing code - 86403 -> %UserProfile%\Desktop\Affiliate marketing code - 86403 -> [2008/11/01 23:46:05 | 00,000,000 | ---D | C] SetACL.ocx -> %SystemRoot%\System32\SetACL.ocx -> [2008/11/01 15:56:22 | 00,453,632 | ---- | C] () QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/10/30 19:54:36 | 00,054,156 | -H-- | C] () QTFont.for -> %SystemRoot%\QTFont.for -> [2008/10/30 19:54:36 | 00,001,409 | ---- | C] () Downloads -> %SystemDrive%\Downloads -> [2008/10/30 13:41:44 | 00,000,000 | ---D | C] Orbit -> %AppData%\Orbit -> [2008/10/30 13:41:38 | 00,000,000 | ---D | C] Orbitdownloader -> %ProgramFiles%\Orbitdownloader -> [2008/10/30 13:41:37 | 00,000,000 | ---D | C] Twunk001.MTX -> %SystemRoot%\Twunk001.MTX -> [2008/10/27 22:12:07 | 00,000,156 | ---- | C] () Twain001.Mtx -> %SystemRoot%\Twain001.Mtx -> [2008/10/27 22:12:07 | 00,000,003 | ---- | C] () Twunk002.MTX -> %SystemRoot%\Twunk002.MTX -> [2008/10/27 22:12:07 | 00,000,000 | ---- | C] () Publish Providers -> %AppData%\Publish Providers -> [2008/10/27 22:12:06 | 00,000,000 | ---D | C] Sony -> %UserProfile%\Local Settings\Application Data\Sony -> [2008/10/27 22:11:49 | 00,000,000 | ---D | C] Sony -> %AppData%\Sony -> [2008/10/27 22:11:49 | 00,000,000 | ---D | C] Vegas Movie Studio Platinum 8.0.lnk -> %AllUsersProfile%\Desktop\Vegas Movie Studio Platinum 8.0.lnk -> [2008/10/27 22:10:34 | 00,001,828 | ---- | C] () Vstplugins -> %ProgramFiles%\Vstplugins -> [2008/10/27 22:10:30 | 00,000,000 | ---D | C] Sony -> %AllUsersProfile%\Application Data\Sony -> [2008/10/27 22:10:26 | 00,000,000 | ---D | C] Sony -> %ProgramFiles%\Sony -> [2008/10/27 22:10:18 | 00,000,000 | ---D | C] Sony Setup -> %AppData%\Sony Setup -> [2008/10/27 22:05:02 | 00,000,000 | ---D | C] Sony Setup -> %ProgramFiles%\Sony Setup -> [2008/10/27 22:04:45 | 00,000,000 | ---D | C] NCH Software -> %AppData%\NCH Software -> [2008/10/26 00:48:26 | 00,000,000 | ---D | C] NCH Software -> %AllUsersProfile%\Application Data\NCH Software -> [2008/10/26 00:46:33 | 00,000,000 | ---D | C] Prism Video Converter.lnk -> %AllUsersProfile%\Desktop\Prism Video Converter.lnk -> [2008/10/26 00:43:03 | 00,000,761 | ---- | C] () NCH Software -> %ProgramFiles%\NCH Software -> [2008/10/26 00:43:01 | 00,000,000 | ---D | C] netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/23 14:04:00 | 00,332,800 | ---- | C] (Microsoft Corporation) Adobe Photoshop CS3.lnk -> %UserProfile%\Desktop\Adobe Photoshop CS3.lnk -> [2008/10/15 20:01:02 | 00,000,856 | ---- | C] () srv.sys -> %SystemRoot%\System32\dllcache\srv.sys -> [2008/10/14 14:01:02 | 00,333,056 | ---- | C] (Microsoft Corporation) win32k.sys -> %SystemRoot%\System32\dllcache\win32k.sys -> [2008/10/14 14:01:00 | 01,846,016 | ---- | C] (Microsoft Corporation) ntkrnlmp.exe -> %SystemRoot%\System32\dllcache\ntkrnlmp.exe -> [2008/10/14 14:00:56 | 02,136,064 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> %SystemRoot%\System32\dllcache\ntoskrnl.exe -> [2008/10/14 14:00:55 | 02,180,352 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> %SystemRoot%\System32\dllcache\ntkrnlpa.exe -> [2008/10/14 14:00:55 | 02,057,728 | ---- | C] (Microsoft Corporation) ntkrpamp.exe -> %SystemRoot%\System32\dllcache\ntkrpamp.exe -> [2008/10/14 14:00:55 | 02,015,744 | ---- | C] (Microsoft Corporation) Computer Alarm Clock -> %ProgramFiles%\Computer Alarm Clock -> [2008/10/13 14:00:38 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/11/10 15:02:42 | 00,000,000 | ---D | M] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/10 15:02:42 | 00,004,096 | ---- | M] () qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/10 15:02:42 | 00,004,096 | ---- | M] () C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [2008/07/24 13:03:16 | 00,000,000 | ---D | M] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [2008/07/24 13:03:16 | 00,008,206 | ---- | M] () C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus -> [2008/11/10 16:12:10 | 00,000,000 | ---D | M] fsgk32.exe -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> [2008/11/10 15:55:11 | 00,413,696 | ---- | M] (F-Secure Corp.) fssm32.exe -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> [2008/11/10 15:55:11 | 00,494,592 | ---- | M] (F-Secure Corp.) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [2008/11/10 15:55:11 | 00,000,000 | ---D | M] fsgk32.exe -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgk32.exe -> [2008/11/10 15:55:11 | 00,413,696 | ---- | M] (F-Secure Corp.) fssm32.exe -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fssm32.exe -> [2008/11/10 15:55:11 | 00,494,592 | ---- | M] (F-Secure Corp.) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus -> [2008/11/10 16:12:10 | 00,000,000 | ---D | M] AVPFPI0.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> [2008/11/10 15:55:11 | 00,147,538 | ---- | M] (Kaspersky Lab) avpproxy.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> [2008/11/10 15:55:11 | 00,077,910 | ---- | M] (F-Secure Corporation) daas_s.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> [2008/02/27 15:59:28 | 00,495,616 | ---- | M] (F-Secure Corporation) fm4av.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [2008/11/10 15:55:11 | 00,514,048 | ---- | M] () fpinor.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> [2008/11/10 15:55:11 | 00,113,664 | ---- | M] (F-Secure Corporation) fsbl.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> [2008/11/10 15:55:11 | 00,049,152 | ---- | M] (F-Secure Corporation) fsbld.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> [2008/11/10 15:54:51 | 00,731,784 | ---- | M] (F-Secure Corporation) fsecr32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> [2008/11/10 15:55:03 | 00,262,144 | ---- | M] (F-Secure Corporation) fsgkiapi.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> [2008/11/10 15:55:11 | 00,082,432 | ---- | M] (F-Secure Corp.) fsmart.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> [2008/11/10 15:55:06 | 00,147,456 | ---- | M] (F-Secure Corporation) fspe32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fspe32.dll -> [2008/11/10 15:55:03 | 00,385,024 | ---- | M] (F-Secure Corporation) fssubmit.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> [2008/11/10 15:54:52 | 00,651,264 | ---- | M] (F-Secure Corporation) fsup32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsup32.dll -> [2008/11/10 15:55:03 | 00,577,536 | ---- | M] (F-Secure Corporation) fsupcx32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupcx32.dll -> [2008/11/10 15:55:03 | 00,073,728 | ---- | M] (F-Secure Corporation) fsupfg32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupfg32.dll -> [2008/11/10 15:55:03 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupmw32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupmw32.dll -> [2008/11/10 15:55:03 | 00,086,016 | ---- | M] (F-Secure Corporation) fsupnp32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupnp32.dll -> [2008/11/10 15:55:03 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupux32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupux32.dll -> [2008/11/10 15:55:03 | 00,090,112 | ---- | M] (F-Secure Corporation) fsupwu32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupwu32.dll -> [2008/11/10 15:55:03 | 00,090,112 | ---- | M] (F-Secure Corporation) fsusscr.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> [2008/11/10 15:55:06 | 00,883,336 | ---- | M] (F-Secure Corporation) Nse_w32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> [2008/11/10 15:54:48 | 00,588,856 | ---- | M] (Norman ASA) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [2008/11/10 15:55:11 | 00,000,000 | ---D | M] AVPFPI0.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\AVPFPI0.dll -> [2008/11/10 15:55:11 | 00,147,538 | ---- | M] (Kaspersky Lab) avpproxy.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\avpproxy.dll -> [2008/11/10 15:55:11 | 00,077,910 | ---- | M] (F-Secure Corporation) fm4av.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fm4av.dll -> [2008/11/10 15:55:11 | 00,514,048 | ---- | M] () fpinor.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fpinor.dll -> [2008/11/10 15:55:11 | 00,113,664 | ---- | M] (F-Secure Corporation) fsbl.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsbl.dll -> [2008/11/10 15:55:11 | 00,049,152 | ---- | M] (F-Secure Corporation) fsgkiapi.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgkiapi.dll -> [2008/11/10 15:55:11 | 00,082,432 | ---- | M] (F-Secure Corp.) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [2008/11/10 15:55:03 | 00,000,000 | ---D | M] fsecr32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> [2008/11/10 15:55:03 | 00,262,144 | ---- | M] (F-Secure Corporation) fspe32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fspe32.dll -> [2008/11/10 15:55:03 | 00,385,024 | ---- | M] (F-Secure Corporation) fsup32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsup32.dll -> [2008/11/10 15:55:03 | 00,577,536 | ---- | M] (F-Secure Corporation) fsupcx32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupcx32.dll -> [2008/11/10 15:55:03 | 00,073,728 | ---- | M] (F-Secure Corporation) fsupfg32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupfg32.dll -> [2008/11/10 15:55:03 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupmw32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupmw32.dll -> [2008/11/10 15:55:03 | 00,086,016 | ---- | M] (F-Secure Corporation) fsupnp32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupnp32.dll -> [2008/11/10 15:55:03 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupux32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupux32.dll -> [2008/11/10 15:55:03 | 00,090,112 | ---- | M] (F-Secure Corporation) fsupwu32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupwu32.dll -> [2008/11/10 15:55:03 | 00,090,112 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\mlcwin\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\mlcwin -> [2008/11/10 15:55:06 | 00,000,000 | ---D | M] fsmart.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> [2008/11/10 15:55:06 | 00,147,456 | ---- | M] (F-Secure Corporation) fsusscr.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> [2008/11/10 15:55:06 | 00,883,336 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb -> [2008/11/10 15:54:48 | 00,000,000 | ---D | M] Nse_w32.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll -> [2008/11/10 15:54:48 | 00,588,856 | ---- | M] (Norman ASA) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_33_bin -> [2008/11/10 15:54:52 | 00,000,000 | ---D | M] fssubmit.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\fssubmit.dll -> [2008/11/10 15:54:52 | 00,651,264 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_bl\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_bl -> [2008/11/10 15:54:51 | 00,000,000 | ---D | M] fsblu.dll -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> [2008/11/10 15:54:51 | 00,731,784 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\User1\Local Settings\Temp\ -> C:\Documents and Settings\User1\Local Settings\Temp -> [2008/11/10 18:39:02 | 00,000,000 | ---D | M] Perflib_Perfdata_2e8.dat -> C:\Documents and Settings\User1\Local Settings\Temp\Perflib_Perfdata_2e8.dat -> [2008/11/10 15:02:52 | 00,016,384 | ---- | M] () Perflib_Perfdata_c08.dat -> C:\Documents and Settings\User1\Local Settings\Temp\Perflib_Perfdata_c08.dat -> [2008/11/10 15:03:10 | 00,016,384 | ---- | M] () Perflib_Perfdata_c10.dat -> C:\Documents and Settings\User1\Local Settings\Temp\Perflib_Perfdata_c10.dat -> [2008/11/10 15:03:10 | 00,016,384 | ---- | M] () 1 C:\Documents and Settings\User1\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\User1\Local Settings\Temp\*.tmp -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus -> [2008/11/10 16:12:10 | 00,000,000 | ---D | M] ext.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [2008/11/10 15:54:41 | 00,000,444 | ---- | M] () fsedb.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsedb.dat -> [2008/11/10 15:55:03 | 01,739,714 | ---- | M] () fsupdllb.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupdllb.dat -> [2008/11/10 15:55:03 | 00,422,594 | ---- | M] () fsupplgn.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupplgn.dat -> [2008/11/10 15:55:03 | 00,000,226 | ---- | M] () fsuptmpl.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\fsuptmpl.dat -> [2008/11/10 15:55:03 | 00,005,828 | ---- | M] () perf.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [2008/11/10 18:36:41 | 00,000,128 | ---- | M] () sae.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [2008/11/10 15:54:41 | 00,000,243 | ---- | M] () sai.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [2008/11/10 15:54:41 | 00,001,348 | ---- | M] () C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\avmisc\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\avmisc -> [2008/11/10 15:54:41 | 00,000,000 | ---D | M] ext.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\avmisc\ext.dat -> [2008/11/10 15:54:41 | 00,000,444 | ---- | M] () sae.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\avmisc\sae.dat -> [2008/11/10 15:54:41 | 00,000,243 | ---- | M] () sai.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\avmisc\sai.dat -> [2008/11/10 15:54:41 | 00,001,348 | ---- | M] () C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [2008/11/10 15:55:03 | 00,000,000 | ---D | M] fsedb.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsedb.dat -> [2008/11/10 15:55:03 | 01,739,714 | ---- | M] () fsupdllb.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupdllb.dat -> [2008/11/10 15:55:03 | 00,422,594 | ---- | M] () fsupplgn.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupplgn.dat -> [2008/11/10 15:55:03 | 00,000,226 | ---- | M] () fsuptmpl.dat -> C:\Documents and Settings\User1\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsuptmpl.dat -> [2008/11/10 15:55:03 | 00,005,828 | ---- | M] () vjrngenj.ini -> %SystemRoot%\System32\vjrngenj.ini -> [2008/11/10 15:50:32 | 01,578,121 | -HS- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/11/10 15:02:36 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/11/10 15:02:32 | 00,002,048 | --S- | M] () jnegnrjv.dll -> %SystemRoot%\System32\jnegnrjv.dll -> [2008/11/10 15:00:20 | 00,070,656 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/11/10 14:56:51 | 00,002,206 | ---- | M] () fdvuhhtr.ini -> %SystemRoot%\System32\fdvuhhtr.ini -> [2008/11/09 21:36:34 | 01,931,385 | -HS- | M] () CS3.exe -> %UserProfile%\Desktop\CS3.exe -> [2008/11/07 14:48:48 | 14,296,064 | ---- | M] (Microsoft Corporation) Ventrilo.lnk -> %UserProfile%\Desktop\Ventrilo.lnk -> [2008/11/05 21:55:41 | 00,000,630 | ---- | M] () ventrilo-3.0.1-Windows-i386(2).exe -> %UserProfile%\Desktop\ventrilo-3.0.1-Windows-i386(2).exe -> [2008/11/05 21:55:18 | 02,732,032 | ---- | M] () ventrilo-3.0.1-Windows-i386.exe -> %UserProfile%\Desktop\ventrilo-3.0.1-Windows-i386.exe -> [2008/11/05 21:30:33 | 02,732,032 | ---- | M] () Hotspot Shield Launch.lnk -> %UserProfile%\Desktop\Hotspot Shield Launch.lnk -> [2008/11/05 16:04:40 | 00,000,799 | ---- | M] () HSS-1.07-install-anchorfree-76-conduit.zip -> %UserProfile%\Desktop\HSS-1.07-install-anchorfree-76-conduit.zip -> [2008/11/05 16:04:14 | 03,110,004 | ---- | M] () wireshark-setup-1.0.4.exe -> %UserProfile%\Desktop\wireshark-setup-1.0.4.exe -> [2008/11/05 15:52:44 | 22,238,802 | ---- | M] () PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/11/02 12:09:58 | 00,475,330 | ---- | M] () perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/11/02 12:09:58 | 00,403,968 | ---- | M] () perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/11/02 12:09:58 | 00,063,188 | ---- | M] () QTFont.for -> %SystemRoot%\QTFont.for -> [2008/10/30 19:54:36 | 00,001,409 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/10/29 14:02:34 | 00,008,704 | ---- | M] () Twunk002.MTX -> %SystemRoot%\Twunk002.MTX -> [2008/10/27 22:12:07 | 00,000,000 | ---- | M] () Vegas Movie Studio Platinum 8.0.lnk -> %AllUsersProfile%\Desktop\Vegas Movie Studio Platinum 8.0.lnk -> [2008/10/27 22:10:34 | 00,001,828 | ---- | M] () Prism Video Converter.lnk -> %AllUsersProfile%\Desktop\Prism Video Converter.lnk -> [2008/10/26 00:43:03 | 00,000,761 | ---- | M] () mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/10/16 13:45:14 | 00,069,232 | ---- | M] () FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/16 13:44:52 | 01,556,792 | ---- | M] () Adobe Photoshop CS3.lnk -> %UserProfile%\Desktop\Adobe Photoshop CS3.lnk -> [2008/10/15 20:01:02 | 00,000,856 | ---- | M] () netapi32.dll -> %SystemRoot%\System32\netapi32.dll -> [2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/10/14 22:36:55 | 00,001,393 | ---- | M] () < End of report > [/code]