[code] OTScanIt2 logfile created on: 1/31/2009 1:13:03 AM - Run 1 OTScanIt2 by OldTimer - Version 1.0.7.1 Folder = C:\Documents and Settings\Bogdanian\Desktop\OTScanIt2 Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1023.11 Mb Total Physical Memory | 696.57 Mb Available Physical Memory | 68.08% Memory free 2.41 Gb Paging File | 2.20 Gb Available in Paging File | 91.32% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19.53 Gb Total Space | 2.69 Gb Free Space | 13.77% Space Free | Partition Type: NTFS Drive D: | 68.36 Gb Total Space | 0.22 Gb Free Space | 0.32% Space Free | Partition Type: NTFS Drive E: | 68.36 Gb Total Space | 0.10 Gb Free Space | 0.14% Space Free | Partition Type: NTFS Drive F: | 68.36 Gb Total Space | 0.08 Gb Free Space | 0.12% Space Free | Partition Type: NTFS Drive G: | 73.46 Gb Total Space | 0.73 Gb Free Space | 1.00% Space Free | Partition Type: NTFS Drive H: | 213.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF Drive I: | 2.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive J: | 494.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: ACASA-806DAN Current User Name: Bogdanian Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On File Age = 30 Days [Processes - Safe List] ctsched.exe -> %ProgramFiles%\Creative\Shared Files\CTSched.exe -> [2006/01/09 04:43:42 | 00,135,260 | ---- | M] (Creative Technology Ltd) ctsvccda.exe -> %SystemRoot%\system32\CTSVCCDA.EXE -> [1999/12/13 03:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) ctsysvol.exe -> %ProgramFiles%\Creative\SBAudigy\Surround Mixer\CTSysVol.exe -> [2005/10/31 10:51:52 | 00,135,168 | ---- | M] (Creative Technology Ltd) daemon.exe -> %ProgramFiles%\D-Tools\daemon.exe -> [2004/08/22 17:05:02 | 00,159,744 | ---- | M] (DAEMON'S HOME) incd.exe -> %ProgramFiles%\Ahead\InCD\InCD.exe -> [2006/11/02 08:55:16 | 01,397,760 | ---- | M] (Nero AG) incdsrv.exe -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> [2005/07/08 16:24:46 | 00,871,424 | ---- | M] (Nero AG) jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2008/11/10 05:43:42 | 00,214,424 | ---- | M] (Sun Microsystems, Inc.) lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/10/19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2008/10/07 13:33:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/26 12:13:22 | 00,485,376 | ---- | M] (OldTimer Tools) pdvdserv.exe -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe -> [2004/11/02 20:24:46 | 00,102,400 | ---- | M] (Cyberlink Corp.) pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [2008/03/14 21:56:01 | 00,066,872 | ---- | M] () rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2004/08/04 01:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2004/08/04 01:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) runservice.exe -> %SystemRoot%\Runservice.exe -> [2007/11/15 14:19:38 | 00,002,560 | ---- | M] () scsiaccess.exe -> %ProgramFiles%\Photodex\ProShowGold\scsiaccess.exe -> [2008/03/23 18:09:35 | 00,181,312 | ---- | M] () smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> [2005/05/18 10:00:00 | 01,003,520 | R--- | M] (Analog Devices, Inc.) veca.exe -> %UserProfile%\Local Settings\temp\veca.exe -> [2009/01/31 01:10:28 | 00,019,456 | ---- | M] () wdfmgr.exe -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) winisccaf.exe -> %UserProfile%\Local Settings\temp\winisccaf.exe -> [2009/01/31 01:10:17 | 00,008,704 | ---- | M] () winsdvd.exe -> %UserProfile%\Local Settings\temp\winsdvd.exe -> [2009/01/31 01:10:22 | 00,007,680 | ---- | M] () ymsgr_tray.exe -> %ProgramFiles%\Yahoo!\Messenger\Ymsgr_tray.exe -> [2006/10/24 16:10:18 | 00,103,928 | ---- | M] (Yahoo! Inc.) [Win32 Services - Safe List] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2007/11/10 16:35:18 | 00,146,432 | ---- | M] (Adobe Systems) (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTSVCCDA.EXE -> [1999/12/13 03:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/03/05 16:10:11 | 00,207,800 | ---- | M] (Google) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 01:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/03 23:41:10 | 00,139,264 | ---- | M] (Macrovision Corporation) (InCDsrv) InCD Helper [Win32_Own | Auto | Running] -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> [2005/07/08 16:24:46 | 00,871,424 | ---- | M] (Nero AG) (JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/11/10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) (LicCtrlService) LicCtrl Service [Win32_Own | Auto | Running] -> %SystemRoot%\Runservice.exe -> [2007/11/15 14:19:38 | 00,002,560 | ---- | M] () (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2006/10/19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) (MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2008/10/07 13:33:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,162,864 | ---- | M] (Microsoft Corporation) (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [2008/03/14 21:56:01 | 00,066,872 | ---- | M] () (ScsiAccess) ScsiAccess [Win32_Own | Auto | Running] -> %ProgramFiles%\Photodex\ProShowGold\scsiaccess.exe -> [2008/03/23 18:09:35 | 00,181,312 | ---- | M] () (UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ADIHdAud.sys -> [2006/07/04 18:01:00 | 00,151,552 | R--- | M] (Analog Devices, Inc.) (AEAudioService) AEAudio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aeaudio.sys -> [2005/12/19 10:00:00 | 00,092,800 | R--- | M] (Andrea Electronics Corporation) (Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\afc.sys -> [2006/11/09 23:05:00 | 00,018,688 | ---- | M] (Arcsoft, Inc.) (AsIO) AsIO [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AsIO.sys -> [2005/12/22 04:22:18 | 00,005,685 | R--- | M] () (ctsfm2k) Creative SoundFont Management Device Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctsfm2k.sys -> [2005/01/10 12:15:24 | 00,138,752 | R--- | M] (Creative Technology Ltd) (d347bus) d347bus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\d347bus.sys -> [2004/08/22 16:31:10 | 00,155,136 | ---- | M] ( ) (d347prt) d347prt [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\d347prt.sys -> [2004/08/22 16:31:48 | 00,005,248 | ---- | M] ( ) (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Hdaudio.sys -> [2004/10/27 15:21:30 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> [2004/10/27 15:21:36 | 00,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) (InCDfs) InCD File System [File_System | Disabled | Running] -> %SystemRoot%\system32\drivers\InCDfs.sys -> [2005/07/08 16:17:54 | 00,099,584 | ---- | M] (Nero AG) (InCDPass) InCDPass [Kernel | System | Running] -> %SystemRoot%\system32\drivers\InCDpass.sys -> [2005/07/08 16:17:36 | 00,029,696 | ---- | M] (Nero AG) (incdrm) InCD Reader [Kernel | System | Running] -> %SystemRoot%\system32\drivers\InCDrm.sys -> [2006/11/02 08:55:17 | 00,028,672 | ---- | M] (Nero AG) (MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ASACPI.sys -> [2004/08/13 04:56:20 | 00,005,810 | R--- | M] () (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2008/10/07 13:33:00 | 06,133,856 | ---- | M] (NVIDIA Corporation) (ossrv) Creative OS Services Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ctoss2k.sys -> [2005/01/10 12:15:30 | 00,106,496 | R--- | M] (Creative Technology Ltd.) (P17) Sound Blaster Audigy [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\P17.sys -> [2005/07/07 10:14:30 | 01,389,056 | R--- | M] (Creative Technology Ltd.) (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2008/06/23 20:54:24 | 00,010,368 | ---- | M] (Padus, Inc.) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2001/08/23 16:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\PxHelp20.sys -> [2006/08/25 05:47:00 | 00,036,528 | ---- | M] (Sonic Solutions) (RTLE8023xp) Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rtenicxp.sys -> [2006/08/14 00:09:00 | 00,083,200 | R--- | M] (Realtek Semiconductor Corporation ) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 12:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SenFiltService) SenFilt Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> [2005/06/07 10:00:00 | 00,393,088 | R--- | M] (Sensaura) (SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SONYPVU1.SYS -> [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) (WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2001/08/23 16:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) (asc3360pr) asc3360pr [Kernel | On_Demand | Running] -> -> File not found [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.ro -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Local Page" -> \blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.ro -> HKEY_CURRENT_USER\: SearchURL\\"provider" -> gogl -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: Main\\"Local Page" -> \blank.htm -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: Main\\"Start Page" -> http://www.google.com/ -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: SearchURL\\"" -> http://www.google.ro -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: SearchURL\\"provider" -> gogl -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\: "ProxyOverride" -> *.local -> < FireFox Settings [Default Profile] > -> C:\Documents and Settings\Bogdanian\Application Data\Mozilla\FireFox\Profiles\8r9j2g21.default\prefs.js -> browser.startup.homepage_override.mstone -> "rv:1.9.0.5" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5 -> < HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/11/10 05:43:31 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/11/10 05:43:16 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2008/11/10 05:43:17 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 01:04:34 | 00,113,520 | ---- | M] (Adobe Systems Incorporated) "CreativeTaskScheduler" -> %ProgramFiles%\Creative\Shared Files\CTSched.exe ["C:\Program Files\Creative\Shared Files\CTSched.exe" /logon] -> [2006/01/09 04:43:42 | 00,135,260 | ---- | M] (Creative Technology Ltd) "CTSysVol" -> %ProgramFiles%\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r] -> [2005/10/31 10:51:52 | 00,135,168 | ---- | M] (Creative Technology Ltd) "DAEMON Tools-1033" -> %ProgramFiles%\D-Tools\daemon.exe ["C:\Program Files\D-Tools\daemon.exe" -lang 1033] -> [2004/08/22 17:05:02 | 00,159,744 | ---- | M] (DAEMON'S HOME) "High Definition Audio Property Page Shortcut" -> %SystemRoot%\system32\HdAShCut.exe [HDAShCut.exe] -> [2004/10/27 15:21:30 | 00,135,680 | ---- | M] (Windows (R) Server 2003 DDK provider) "InCD" -> %ProgramFiles%\Ahead\InCD\InCD.exe [C:\Program Files\Ahead\InCD\InCD.exe] -> [2006/11/02 08:55:16 | 01,397,760 | ---- | M] (Nero AG) "NeroFilterCheck" -> %SystemRoot%\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 09:50:42 | 00,229,376 | ---- | M] (Ahead Software Gmbh) "NvCplDaemon" -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2008/10/07 13:33:00 | 13,574,144 | ---- | M] (NVIDIA Corporation) "NvMediaCenter" -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/10/07 13:33:00 | 00,086,016 | ---- | M] (NVIDIA Corporation) "nwiz" -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [2008/10/07 13:33:00 | 01,699,840 | ---- | M] () "P17Helper" -> %SystemRoot%\system32\P17.dll [Rundll32 P17.dll,P17Helper] -> [2005/05/03 13:38:42 | 00,064,512 | R--- | M] () "RemoteControl" -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"] -> [2004/11/02 20:24:46 | 00,102,400 | ---- | M] (Cyberlink Corp.) "SoundMAXPnP" -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe [C:\Program Files\Analog Devices\Core\smax4pnp.exe] -> [2005/05/18 10:00:00 | 01,003,520 | R--- | M] (Analog Devices, Inc.) "SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2008/11/10 05:43:42 | 00,214,424 | ---- | M] (Sun Microsystems, Inc.) "UpdReg" -> %SystemRoot%\Updreg.EXE [C:\WINDOWS\UpdReg.EXE] -> [2000/05/11 01:00:00 | 00,163,840 | ---- | M] (Creative Technology Ltd.) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> [2008/03/05 16:10:20 | 00,253,368 | ---- | M] (Google Inc.) "Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2006/10/24 16:10:18 | 04,732,408 | ---- | M] (Yahoo! Inc.) < Run [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> [2008/03/05 16:10:20 | 00,253,368 | ---- | M] (Google Inc.) "Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2006/10/24 16:10:18 | 04,732,408 | ---- | M] (Yahoo! Inc.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk -> %ProgramFiles%\Microsoft Office\OFFICE11\ONENOTEM.EXE -> [2003/08/06 13:23:32 | 00,051,776 | ---- | M] (Microsoft Corporation) < Bogdanian Startup Folder > -> C:\Documents and Settings\Bogdanian\Start Menu\Programs\Startup -> %UserProfile%\Start Menu\Programs\Startup\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> [2005/03/16 19:16:50 | 00,187,392 | ---- | M] (Adobe Systems, Inc.) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [227] -> File not found \\"NoDrives" -> [0] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"EnableLUA" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableChangePassword" -> [0] -> File not found \\"DisableLockWorkstation" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableChangePassword" -> [0] -> File not found \\"DisableLockWorkstation" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2003/08/13 02:34:38 | 10,142,776 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2003/08/13 02:34:38 | 10,142,776 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> File not found {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2006/10/24 16:10:18 | 04,732,408 | ---- | M] (Yahoo! Inc.) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/14 22:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2006/10/24 16:10:18 | 04,732,408 | ---- | M] (Yahoo! Inc.) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4485 domain(s) found. -> 36 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7211 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4494 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4494 domain(s) found. -> 35 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7211 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1957994488-2049760794-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {193C772A-87BE-4B19-A7BB-445B226FE9A1} [HKLM] -> http://downloads.ewido.net/ewidoOnlineScan.cab [ewidoOnlineScan Control] -> {1E54D648-B804-468d-BC78-4AFFED8E262E} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab [System Requirements Lab Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key does not exist or could not be opened.] -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab [Shockwave Flash Object] -> IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 01:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 01:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) "%windir%\system32\TV_View_Plugin_4.7.ocx" -> C:\WINDOWS\system32\TV_View_Plugin_4.7.ocx [%windir%\system32\TV_View_Plugin_4.7.ocx:*:Enabled:TV_View_Plugin_4.7.ocx] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\ffsmg.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\ffsmg.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\ffsmg.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jeoy.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jeoy.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jeoy.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jifh.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jifh.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\jifh.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nfjj.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nfjj.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nfjj.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nqopyp.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nqopyp.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\nqopyp.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\qafv.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\qafv.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\qafv.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\slkpec.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\slkpec.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\slkpec.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\sxawsx.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\sxawsx.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\sxawsx.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tecew.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tecew.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tecew.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tycwhe.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tycwhe.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\tycwhe.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\uqgv.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\uqgv.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\uqgv.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\veca.exe" -> C:\Documents and Settings\Bogdanian\Local Settings\temp\veca.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\veca.exe:*:Enabled:ipsec] -> [2009/01/31 01:10:28 | 00,019,456 | ---- | M] () "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winakhica.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winakhica.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winakhica.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\wincfgl.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\wincfgl.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\wincfgl.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winfxpdtn.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winfxpdtn.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winfxpdtn.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winhgwfsv.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winhgwfsv.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winhgwfsv.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winisccaf.exe" -> C:\Documents and Settings\Bogdanian\Local Settings\temp\winisccaf.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winisccaf.exe:*:Enabled:ipsec] -> [2009/01/31 01:10:17 | 00,008,704 | ---- | M] () "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjbllji.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjbllji.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjbllji.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjqbety.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjqbety.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winjqbety.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkeah.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkeah.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkeah.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkvgfpy.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkvgfpy.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkvgfpy.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkxeheu.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkxeheu.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winkxeheu.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winlygxx.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winlygxx.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winlygxx.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winmrtbe.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winmrtbe.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winmrtbe.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winnbad.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winnbad.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winnbad.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winntly.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winntly.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winntly.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winohcg.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winohcg.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winohcg.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winoxeci.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winoxeci.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winoxeci.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winpthu.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winpthu.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winpthu.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winsdvd.exe" -> C:\Documents and Settings\Bogdanian\Local Settings\temp\winsdvd.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winsdvd.exe:*:Enabled:ipsec] -> [2009/01/31 01:10:22 | 00,007,680 | ---- | M] () "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winuntfrn.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winuntfrn.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winuntfrn.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winvahlvv.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winvahlvv.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\winvahlvv.exe:*:Enabled:ipsec] -> File not found "C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\xusl.exe" -> C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\xusl.exe [C:\DOCUME~1\BOGDAN~1\LOCALS~1\Temp\xusl.exe:*:Enabled:ipsec] -> File not found "C:\Program Files\Analog Devices\Core\smax4pnp.exe" -> C:\Program Files\Analog Devices\Core\smax4pnp.exe [C:\Program Files\Analog Devices\Core\smax4pnp.exe:*:Enabled:ipsec] -> [2005/05/18 10:00:00 | 01,003,520 | R--- | M] (Analog Devices, Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) "C:\Program Files\Creative\Shared Files\CTSched.exe" -> C:\Program Files\Creative\Shared Files\CTSched.exe [C:\Program Files\Creative\Shared Files\CTSched.exe:*:Enabled:ipsec] -> [2006/01/09 04:43:42 | 00,135,260 | ---- | M] (Creative Technology Ltd) "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -> C:\Program Files\Internet Explorer\IEXPLORE.EXE [C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer] -> [2004/08/04 01:56:52 | 00,093,184 | ---- | M] (Microsoft Corporation) "C:\Program Files\mIRC\mirc.exe" -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> [2007/11/01 21:57:24 | 02,838,016 | ---- | M] (mIRC Co. Ltd.) "C:\Program Files\oDC\oDC.exe" -> C:\Program Files\oDC\oDC.exe [C:\Program Files\oDC\oDC.exe:*:Enabled:oDC] -> [2004/01/10 00:41:08 | 01,347,584 | ---- | M] () "C:\Program Files\oDC\StrongDC.exe" -> C:\Program Files\oDC\StrongDC.exe [C:\Program Files\oDC\StrongDC.exe:*:Enabled:StrongDC++] -> [2006/11/05 15:00:54 | 02,813,952 | ---- | M] () "C:\Program Files\SopCast\adv\SopAdver.exe" -> C:\Program Files\SopCast\adv\SopAdver.exe [C:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver] -> [2007/03/07 12:27:12 | 00,641,112 | ---- | M] (www.sopcast.com) "C:\Program Files\Soulseek\slsk.exe" -> C:\Program Files\Soulseek\slsk.exe [C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek] -> [2005/04/18 00:08:10 | 03,186,688 | ---- | M] () "C:\Program Files\SoulseekNS\slsk.exe" -> C:\Program Files\SoulseekNS\slsk.exe [C:\Program Files\SoulseekNS\slsk.exe:*:Disabled:SoulSeek] -> [2008/08/02 15:59:20 | 03,534,848 | ---- | M] () "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2006/10/24 16:10:18 | 04,732,408 | ---- | M] (Yahoo! Inc.) "C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> [2006/10/24 16:10:20 | 00,168,952 | ---- | M] (Yahoo! Inc.) "C:\WINDOWS\Explorer.EXE" -> C:\WINDOWS\explorer.exe [C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec] -> [2007/06/13 12:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\notepad.exe" -> C:\WINDOWS\NOTEPAD.EXE [C:\WINDOWS\notepad.exe:*:Enabled:ipsec] -> [2004/08/04 01:56:56 | 00,069,120 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\CF9495.exe" -> C:\WINDOWS\system32\CF9495.exe [C:\WINDOWS\system32\CF9495.exe:*:Enabled:ipsec] -> File not found "C:\WINDOWS\system32\HDAShCut.exe" -> C:\WINDOWS\system32\HdAShCut.exe [C:\WINDOWS\system32\HDAShCut.exe:*:Enabled:ipsec] -> [2004/10/27 15:21:30 | 00,135,680 | ---- | M] (Windows (R) Server 2003 DDK provider) "C:\WINDOWS\system32\nwiz.exe" -> C:\WINDOWS\system32\nwiz.exe [C:\WINDOWS\system32\nwiz.exe:*:Enabled:ipsec] -> [2008/10/07 13:33:00 | 01,699,840 | ---- | M] () "C:\WINDOWS\system32\PnkBstrA.exe" -> C:\WINDOWS\system32\PnkBstrA.exe [C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA] -> [2008/03/14 21:56:01 | 00,066,872 | ---- | M] () "C:\WINDOWS\system32\PnkBstrB.exe" -> C:\WINDOWS\system32\PnkBstrB.exe [C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB] -> [2008/03/14 21:56:06 | 00,103,736 | ---- | M] () "C:\WINDOWS\system32\userinit.exe" -> C:\WINDOWS\system32\userinit.exe [C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec] -> [2004/08/04 01:56:58 | 00,024,576 | ---- | M] (Microsoft Corporation) "D:\Games-kitturi\FIFA2007\fifa07.exe" -> D:\Games-kitturi\FIFA2007\fifa07.exe [D:\Games-kitturi\FIFA2007\fifa07.exe:*:Enabled:fifa07] -> [2006/09/25 20:32:28 | 05,308,416 | ---- | M] () "D:\ZOMBIESS\System\LOTD.exe" -> D:\ZOMBIESS\System\LOTD.exe [D:\ZOMBIESS\System\LOTD.exe:*:Enabled:Land Of The Dead] -> [2008/12/29 00:45:12 | 00,237,568 | ---- | M] (Groove Games/Brainbox Games) "E:\Guitar Hero 3\GH3.exe" -> E:\Guitar Hero 3\GH3.exe [E:\Guitar Hero 3\GH3.exe:*:Disabled:Guitar Hero III] -> [2008/07/14 17:49:28 | 07,059,456 | ---- | M] (Aspyr Media, Inc.) "E:\Marvel game\Marvel Vs\MarvelVs.exe" -> E:\Marvel game\Marvel Vs\MarvelVs.exe [E:\Marvel game\Marvel Vs\MarvelVs.exe:*:Enabled:MarvelVs] -> [2007/05/31 21:32:07 | 04,610,560 | ---- | M] () "E:\motogp2\motogp2.exe" -> E:\motogp2\motogp2.exe [E:\motogp2\motogp2.exe:*:Enabled:motogp2] -> [2007/03/24 00:29:46 | 02,056,192 | ---- | M] () "E:\Warcraft III- Reign of Chaos & Frozen Throne\warcraft iii\Warcraft III.exe" -> E:\Warcraft III- Reign of Chaos & Frozen Throne\warcraft iii\Warcraft III.exe [E:\Warcraft III- Reign of Chaos & Frozen Throne\warcraft iii\Warcraft III.exe:*:Enabled:Warcraft III] -> [2007/03/22 17:59:34 | 00,344,064 | ---- | M] (Blizzard Entertainment) "G:\BitLord\BitLord.exe" -> G:\BitLord\BitLord.exe [G:\BitLord\BitLord.exe:*:Enabled:BitLord] -> [2005/05/07 02:47:08 | 02,293,760 | ---- | M] (www.BitLord.com) "G:\CrySis Game\Bin32\Crysis.exe" -> G:\CrySis Game\Bin32\Crysis.exe [G:\CrySis Game\Bin32\Crysis.exe:*:Enabled:Crysis_32] -> [2007/11/11 08:55:08 | 09,556,801 | ---- | M] (Crytek GmbH) "G:\CrySis Game\Bin32\CrysisDedicatedServer.exe" -> G:\CrySis Game\Bin32\CrysisDedicatedServer.exe [G:\CrySis Game\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32] -> [2007/10/25 00:11:28 | 00,017,120 | ---- | M] (Crytek GmbH) "G:\Far2\Far Cry 2\bin\FarCry2.exe" -> G:\Far2\Far Cry 2\bin\FarCry2.exe [G:\Far2\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2] -> [2008/10/22 11:49:47 | 00,035,270 | ---- | M] (Ubisoft Entertainment) "G:\Far2\Far Cry 2\bin\FC2Editor.exe" -> G:\Far2\Far Cry 2\bin\FC2Editor.exe [G:\Far2\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor] -> [2008/09/30 19:05:34 | 01,249,280 | ---- | M] (Ubisoft Entertainment) "G:\Far2\Far Cry 2\bin\FC2Launcher.exe" -> G:\Far2\Far Cry 2\bin\FC2Launcher.exe [G:\Far2\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater] -> [2008/09/30 19:09:18 | 00,692,872 | ---- | M] (Ubisoft) < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2004/08/03 23:59:54 | 00,049,536 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2007/11/09 21:18:11 | 00,000,000 | ---- | M] () C:\autorun.inf [] -> %SystemDrive%\autorun.inf [ NTFS ] -> [2008/07/12 23:51:31 | 00,000,000 | -HSD | M] D:\autorun.inf [] -> D:\autorun.inf [ NTFS ] -> [2008/07/12 23:51:31 | 00,000,000 | RHSD | M] E:\autorun.inf [] -> E:\autorun.inf [ NTFS ] -> [2008/07/12 23:51:32 | 00,000,000 | RHSD | M] F:\autorun.inf [] -> F:\autorun.inf [ NTFS ] -> [2008/07/12 23:51:32 | 00,000,000 | RHSD | M] G:\autorun.inf [] -> G:\autorun.inf [ NTFS ] -> [2008/07/12 23:51:32 | 00,000,000 | RHSD | M] I:\AutoRun [] -> I:\AutoRun.exe [ UDF ] -> [2006/09/07 00:15:27 | 00,741,376 | R--- | M] (Electronic Arts Inc.) I:\AutoRun.exe [MZ | ] -> I:\AutoRun.exe [ UDF ] -> [2006/09/07 00:15:27 | 00,741,376 | R--- | M] (Electronic Arts Inc.) I:\AutoRunGUI.dll [MZ | ] -> I:\AutoRunGUI.dll [ UDF ] -> [2006/08/23 19:58:17 | 00,593,920 | R--- | M] (Electronic Arts Inc.) I:\autorun.inf [[autorun] | open=Autorun.exe | Icon=fifapc.ico | Name=FIFA 07 | | [Special] | Disk=1 | ProductGuiID={5A438E06-0BB3-4C5F-0085-B14F1F4077E6} | | ] -> I:\autorun.inf [ UDF ] -> [2006/09/07 00:28:53 | 00,000,136 | R--- | M] () J:\autorun.inf [[autorun] | open=RunGame.exe | Icon=TCM2004.ico | Name=Total Club Manager 2004 | | ] -> J:\autorun.inf [ CDFS ] -> [2003/10/23 13:28:28 | 00,000,079 | R--- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \L HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\Shell \L\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\Shell\AutoRun \L\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\Shell\AutoRun\command \L\Shell\AutoRun\command\\"" -> L:\LaunchU3.exe [L:\LaunchU3.exe -a] -> File not found [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 12/19/2008 6:01:25 PM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/19/2008 6:08:18 PM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/19/2008 6:08:18 PM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 3:29:10 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 3:29:10 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 3:29:42 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 3:29:42 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 6:45:38 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 6:45:38 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} and it will not be loaded. This is most likely caused by a faulty registration. Application [ Error ] 12/20/2008 6:45:45 AM Computer Name = ACASA-806DAN | Source = Userenv | ID = 1041 -> Description = Windows cannot query DllName registry entry for {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} and it will not be loaded. This is most likely caused by a faulty registration. System [ Error ] 1/30/2009 4:11:32 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7034 -> Description = The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2009 4:11:32 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7034 -> Description = The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2009 4:11:32 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7034 -> Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2009 4:11:32 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7031 -> Description = The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. System [ Error ] 1/30/2009 4:11:32 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7034 -> Description = The ScsiAccess service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2009 4:11:33 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7034 -> Description = The InCD Helper service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 1/30/2009 4:22:51 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7000 -> Description = The AMON service failed to start due to the following error: %%2 System [ Error ] 1/30/2009 4:23:10 PM Computer Name = ACASA-806DAN | Source = Print | ID = 23 -> Description = Printer Export To Web failed to initialize because a suitable Web Export driver could not be found. System [ Error ] 1/30/2009 7:06:43 PM Computer Name = ACASA-806DAN | Source = Print | ID = 23 -> Description = Printer Export To Web failed to initialize because a suitable Web Export driver could not be found. System [ Error ] 1/30/2009 7:07:05 PM Computer Name = ACASA-806DAN | Source = Service Control Manager | ID = 7000 -> Description = The AMON service failed to start due to the following error: %%2 [Files/Folders - Created Within 30 Days] 9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 30 C:\Documents and Settings\Bogdanian\Desktop\*.tmp files -> C:\Documents and Settings\Bogdanian\Desktop\*.tmp -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/01/31 01:11:13 | 00,000,000 | ---D | C] OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/01/31 01:08:40 | 00,656,714 | ---- | C] () Avenger -> %SystemDrive%\Avenger -> [2009/01/31 01:06:10 | 00,000,000 | ---D | C] zip.exe -> %SystemDrive%\zip.exe -> [2009/01/31 01:04:23 | 00,135,168 | ---- | C] () cleanup.exe -> %SystemDrive%\cleanup.exe -> [2009/01/31 01:04:23 | 00,019,286 | ---- | C] () backup.reg -> %SystemDrive%\backup.reg -> [2009/01/31 01:04:23 | 00,001,297 | ---- | C] () cleanup.bat -> %SystemDrive%\cleanup.bat -> [2009/01/31 01:04:23 | 00,000,574 | ---- | C] () avenger -> %UserProfile%\Desktop\avenger -> [2009/01/31 01:02:03 | 00,000,000 | ---D | C] avenger.zip -> %UserProfile%\Desktop\avenger.zip -> [2009/01/31 01:01:06 | 00,724,952 | ---- | C] () ComboFix -> %SystemDrive%\ComboFix -> [2009/01/31 00:39:51 | 00,000,000 | ---D | C] temp -> %SystemRoot%\temp -> [2009/01/30 22:11:56 | 00,000,000 | ---D | C] Clasamente handbal JGR.doc -> %UserProfile%\Desktop\Clasamente handbal JGR.doc -> [2009/01/30 13:37:55 | 00,050,688 | ---- | C] () OTMoveIt3.exe -> %UserProfile%\Desktop\OTMoveIt3.exe -> [2009/01/30 10:48:50 | 00,348,160 | ---- | C] (OldTimer Tools) Magiunel.bmp -> %UserProfile%\Desktop\Magiunel.bmp -> [2009/01/30 10:42:35 | 00,777,350 | ---- | C] () Cotolan.bmp -> %UserProfile%\Desktop\Cotolan.bmp -> [2009/01/30 10:40:53 | 00,867,778 | ---- | C] () Dunarea Sport 4.doc -> %UserProfile%\Desktop\Dunarea Sport 4.doc -> [2009/01/30 09:26:04 | 00,039,936 | ---- | C] () New Folder (2) -> %UserProfile%\Desktop\New Folder (2) -> [2009/01/30 08:46:01 | 00,000,000 | ---D | C] Sport JGR 4.doc -> %UserProfile%\Desktop\Sport JGR 4.doc -> [2009/01/30 07:21:15 | 00,113,152 | ---- | C] () Minidump -> %SystemRoot%\Minidump -> [2009/01/30 00:09:31 | 00,000,000 | ---D | C] setupeng.exe -> %UserProfile%\Desktop\setupeng.exe -> [2009/01/30 00:08:01 | 09,303,248 | ---- | C] () Install_SPMT -> %UserProfile%\Desktop\Install_SPMT -> [2009/01/29 23:40:50 | 00,000,000 | ---D | C] Install_SPMT.zip -> %UserProfile%\Desktop\Install_SPMT.zip -> [2009/01/29 23:37:49 | 01,595,245 | ---- | C] () SPMT.rar -> %SystemDrive%\SPMT.rar -> [2009/01/29 23:34:51 | 04,408,452 | ---- | C] () 1137279856_0812226957.jpg -> %UserProfile%\Desktop\1137279856_0812226957.jpg -> [2009/01/29 11:02:03 | 00,146,766 | ---- | C] () dsc09114fl0.jpg -> %UserProfile%\Desktop\dsc09114fl0.jpg -> [2009/01/29 11:00:32 | 00,277,399 | ---- | C] () faza4au9.jpg -> %UserProfile%\Desktop\faza4au9.jpg -> [2009/01/29 11:00:11 | 00,441,180 | ---- | C] () Consiliul Local - Valahia.doc -> %UserProfile%\Desktop\Consiliul Local - Valahia.doc -> [2009/01/29 10:26:21 | 00,025,600 | ---- | C] () marin barbu.bmp -> %UserProfile%\Desktop\marin barbu.bmp -> [2009/01/29 10:12:59 | 00,777,352 | ---- | C] () marin%20barbu24.bmp -> %UserProfile%\Desktop\marin%20barbu24.bmp -> [2009/01/29 10:10:58 | 00,777,350 | ---- | C] () staffeditor -> %UserProfile%\Desktop\staffeditor -> [2009/01/28 17:06:51 | 00,000,000 | ---D | C] staffeditor.zip -> %UserProfile%\Desktop\staffeditor.zip -> [2009/01/28 17:06:16 | 02,305,647 | ---- | C] () FM_Dunarea Giurgiu_051208 -> %UserProfile%\Desktop\FM_Dunarea Giurgiu_051208 -> [2009/01/28 16:59:51 | 00,000,000 | ---D | C] FM_Dunarea Giurgiu_051208.rar -> %UserProfile%\Desktop\FM_Dunarea Giurgiu_051208.rar -> [2009/01/28 16:50:21 | 00,008,166 | ---- | C] () sub_Che-Part-One-2008_1 -> %UserProfile%\Desktop\sub_Che-Part-One-2008_1 -> [2009/01/27 22:05:43 | 00,000,000 | ---D | C] www[1].AllSubs.org_che-guevara-english-subtitles_10194 -> %UserProfile%\Desktop\www[1].AllSubs.org_che-guevara-english-subtitles_10194 -> [2009/01/27 22:00:20 | 00,000,000 | ---D | C] www[1].AllSubs.org_che-guevara-english-subtitles_10194.zip -> %UserProfile%\Desktop\www[1].AllSubs.org_che-guevara-english-subtitles_10194.zip -> [2009/01/27 21:44:15 | 00,023,803 | ---- | C] () guerrilla[1].(2008).pol.1cd.(3410939) -> %UserProfile%\Desktop\guerrilla[1].(2008).pol.1cd.(3410939) -> [2009/01/27 21:40:04 | 00,000,000 | ---D | C] Cleopatra_Stratan_-_Noapte_Buna.mp3 -> %UserProfile%\Desktop\Cleopatra_Stratan_-_Noapte_Buna.mp3 -> [2009/01/27 20:06:45 | 03,776,512 | ---- | C] () 27-ian-prosport.pdf -> %UserProfile%\My Documents\27-ian-prosport.pdf -> [2009/01/27 19:08:29 | 07,450,160 | ---- | C] () DivaTV - 26 ian. 2009.doc -> %UserProfile%\Desktop\DivaTV - 26 ian. 2009.doc -> [2009/01/26 13:36:13 | 00,031,744 | ---- | C] () Vladu - materiale finale, corectate -> %SystemDrive%\Vladu - materiale finale, corectate -> [2009/01/23 20:42:16 | 00,000,000 | ---D | C] Revista - Vladu - corectat, TOT.doc -> %SystemDrive%\Revista - Vladu - corectat, TOT.doc -> [2009/01/23 20:09:38 | 00,156,672 | ---- | C] () DSCF6216.jpg -> %UserProfile%\Desktop\DSCF6216.jpg -> [2009/01/23 19:51:39 | 02,314,843 | ---- | C] () Virgil GEORGESCU jr..jpg -> %SystemDrive%\Virgil GEORGESCU jr..jpg -> [2009/01/23 19:49:01 | 00,565,756 | ---- | C] () DSC_0185.JPG -> %SystemDrive%\DSC_0185.JPG -> [2009/01/23 19:48:32 | 01,560,614 | ---- | C] () DSC09990.JPG -> %SystemDrive%\DSC09990.JPG -> [2009/01/23 19:46:56 | 00,421,157 | ---- | C] () IMG008_-_Copia_%283%29.jpg -> %UserProfile%\Desktop\IMG008_-_Copia_%283%29.jpg -> [2009/01/23 11:09:31 | 00,015,961 | ---- | C] () JGR Sport 3 Dunarea.doc -> %UserProfile%\Desktop\JGR Sport 3 Dunarea.doc -> [2009/01/23 09:39:59 | 00,045,056 | ---- | C] () Damian Marian - pres css.doc -> %UserProfile%\Desktop\Damian Marian - pres css.doc -> [2009/01/23 09:24:07 | 00,026,112 | ---- | C] () DSC_0182.JPG -> %UserProfile%\Desktop\DSC_0182.JPG -> [2009/01/23 08:56:51 | 01,239,746 | ---- | C] () Sport JGR 3.doc -> %UserProfile%\Desktop\Sport JGR 3.doc -> [2009/01/23 07:16:08 | 00,052,224 | ---- | C] () screenshot.png -> %SystemDrive%\screenshot.png -> [2009/01/23 01:02:43 | 00,257,895 | ---- | C] () HIM-Rockpalast.2000.DVBRip.x264.HIMMANIA.mkv -> %SystemDrive%\HIM-Rockpalast.2000.DVBRip.x264.HIMMANIA.mkv -> [2009/01/23 01:00:00 | 73,478,9316 | ---- | C] () screens-thumbs.jpg -> %SystemDrive%\screens-thumbs.jpg -> [2009/01/23 01:00:00 | 00,260,068 | ---- | C] () JGR - 3 -II -.doc -> %UserProfile%\Desktop\JGR - 3 -II -.doc -> [2009/01/22 11:32:13 | 00,027,136 | ---- | C] () JGR - 3.doc -> %UserProfile%\Desktop\JGR - 3.doc -> [2009/01/22 09:47:00 | 00,031,744 | ---- | C] () www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__2.rar -> %UserProfile%\Desktop\www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__2.rar -> [2009/01/21 21:11:43 | 00,024,222 | ---- | C] () www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__1.rar -> %UserProfile%\Desktop\www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__1.rar -> [2009/01/21 21:11:36 | 00,024,227 | ---- | C] () scan0002.jpg -> %UserProfile%\Desktop\scan0002.jpg -> [2009/01/21 20:26:46 | 00,170,422 | ---- | C] () scan0001.jpg -> %UserProfile%\Desktop\scan0001.jpg -> [2009/01/21 20:26:34 | 00,657,493 | ---- | C] () 20012009465.jpg -> %UserProfile%\Desktop\20012009465.jpg -> [2009/01/20 22:03:24 | 00,565,756 | ---- | C] () E-P_09_by_RIP -> %UserProfile%\Desktop\E-P_09_by_RIP -> [2009/01/20 16:54:49 | 00,000,000 | ---D | C] DivaTV - 19 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 19 ianuarie 2009.doc -> [2009/01/19 11:41:05 | 00,030,720 | ---- | C] () Ciocarlan -gol-.jpg -> %UserProfile%\Desktop\Ciocarlan -gol-.jpg -> [2009/01/17 20:22:19 | 00,094,461 | ---- | C] () Ciocarlan.jpg -> %UserProfile%\Desktop\Ciocarlan.jpg -> [2009/01/17 20:20:51 | 00,106,503 | ---- | C] () untitled.bmp -> %UserProfile%\Desktop\untitled.bmp -> [2009/01/16 21:03:10 | 00,247,038 | ---- | C] () CojenelsiUngureanu.png -> %UserProfile%\Desktop\CojenelsiUngureanu.png -> [2009/01/16 10:40:57 | 00,391,126 | ---- | C] () DSCF3572.jpg -> %SystemDrive%\DSCF3572.jpg -> [2009/01/16 10:35:13 | 00,054,530 | ---- | C] () DSCF3572.jpg -> %UserProfile%\Desktop\DSCF3572.jpg -> [2009/01/16 10:32:36 | 00,187,022 | ---- | C] () ungureanubccw5.jpg -> %UserProfile%\Desktop\ungureanubccw5.jpg -> [2009/01/16 10:28:59 | 00,440,650 | ---- | C] () DSCF6224.jpg -> %UserProfile%\Desktop\DSCF6224.jpg -> [2009/01/16 10:04:51 | 02,261,123 | ---- | C] () Sport2 - JGR.doc -> %UserProfile%\Desktop\Sport2 - JGR.doc -> [2009/01/16 08:09:39 | 00,045,056 | ---- | C] () DivaTV - 15 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 15 ianuarie 2009.doc -> [2009/01/15 13:46:21 | 00,026,624 | ---- | C] () aaa.doc -> %UserProfile%\Desktop\aaa.doc -> [2009/01/15 12:57:57 | 00,024,064 | ---- | C] () JGR - 2 - 09.doc -> %UserProfile%\Desktop\JGR - 2 - 09.doc -> [2009/01/15 07:54:23 | 00,039,424 | ---- | C] () Winter Sports 2009 -> %AllUsersProfile%\Application Data\Winter Sports 2009 -> [2009/01/14 17:09:18 | 00,000,000 | ---D | C] DivaTV - 14 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 14 ianuarie 2009.doc -> [2009/01/14 13:06:36 | 00,027,136 | ---- | C] () DivaTV - 12 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 12 ianuarie 2009.doc -> [2009/01/12 14:40:44 | 00,026,624 | ---- | C] () Sport1 - JGR.doc -> %UserProfile%\Desktop\Sport1 - JGR.doc -> [2009/01/09 07:11:41 | 00,086,528 | ---- | C] () DivaTV - 8 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 8 ianuarie 2009.doc -> [2009/01/08 15:33:51 | 00,024,576 | ---- | C] () INTRO - Land of the Dead.mp3 -> %UserProfile%\Desktop\INTRO - Land of the Dead.mp3 -> [2009/01/08 10:21:04 | 01,658,109 | ---- | C] () 08 - Land of the Dead.mp3 -> %UserProfile%\Desktop\08 - Land of the Dead.mp3 -> [2009/01/08 10:14:31 | 15,412,101 | ---- | C] () JurnalGR 1-09.doc -> %UserProfile%\Desktop\JurnalGR 1-09.doc -> [2009/01/08 08:30:24 | 00,034,816 | ---- | C] () Scooterrrrr.mp3 -> %UserProfile%\Desktop\Scooterrrrr.mp3 -> [2009/01/07 20:24:37 | 00,811,387 | ---- | C] () DivaTV - 7 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 7 ianuarie 2009.doc -> [2009/01/07 13:42:45 | 00,039,936 | ---- | C] () Nistorache (nr. 11).JPG -> %UserProfile%\Desktop\Nistorache (nr. 11).JPG -> [2009/01/06 20:09:14 | 00,516,143 | ---- | C] () Sapte jucatori pusi pe liber.doc -> %UserProfile%\Desktop\Sapte jucatori pusi pe liber.doc -> [2009/01/06 19:58:49 | 00,030,720 | ---- | C] () DivaTV - 6 ian. 2009.doc -> %UserProfile%\Desktop\DivaTV - 6 ian. 2009.doc -> [2009/01/06 13:44:55 | 00,040,448 | ---- | C] () INCOMPLETE~10 - Dursun Zaman.mp3 -> %UserProfile%\My Documents\INCOMPLETE~10 - Dursun Zaman.mp3 -> [2009/01/05 23:22:52 | 02,368,512 | ---- | C] () manga -> %UserProfile%\My Documents\manga -> [2009/01/05 22:01:45 | 00,000,000 | ---D | C] Soulseek Chat Logs -> %UserProfile%\My Documents\Soulseek Chat Logs -> [2009/01/05 21:58:06 | 00,000,000 | ---D | C] Poster Coman.bmp -> %UserProfile%\Desktop\Poster Coman.bmp -> [2009/01/05 20:19:17 | 01,185,344 | ---- | C] () Comann2.JPG -> %UserProfile%\Desktop\Comann2.JPG -> [2009/01/05 20:18:25 | 00,048,654 | ---- | C] () all cards(2).rar -> %UserProfile%\Desktop\all cards(2).rar -> [2009/01/02 22:02:23 | 00,002,062 | ---- | C] () all cards.rar -> %UserProfile%\Desktop\all cards.rar -> [2009/01/02 22:01:59 | 00,002,078 | ---- | C] () NV20842420.TMP -> %SystemRoot%\NV20842420.TMP -> [2009/01/01 02:10:14 | 00,000,000 | ---D | C] NVIDIA -> %SystemDrive%\NVIDIA -> [2009/01/01 02:09:44 | 00,000,000 | ---D | C] SystemRequirementsLab -> %ProgramFiles%\SystemRequirementsLab -> [2009/01/01 02:06:21 | 00,000,000 | ---D | C] XAudio2_1.dll -> %SystemRoot%\System32\XAudio2_1.dll -> [2009/01/01 01:37:42 | 00,507,400 | ---- | C] (Microsoft Corporation) xactengine3_1.dll -> %SystemRoot%\System32\xactengine3_1.dll -> [2009/01/01 01:37:42 | 00,238,088 | ---- | C] (Microsoft Corporation) XAPOFX1_0.dll -> %SystemRoot%\System32\XAPOFX1_0.dll -> [2009/01/01 01:37:42 | 00,065,032 | ---- | C] (Microsoft Corporation) D3DX9_38.dll -> %SystemRoot%\System32\D3DX9_38.dll -> [2009/01/01 01:37:41 | 03,850,760 | ---- | C] (Microsoft Corporation) D3DCompiler_38.dll -> %SystemRoot%\System32\D3DCompiler_38.dll -> [2009/01/01 01:37:41 | 01,491,992 | ---- | C] (Microsoft Corporation) d3dx10_38.dll -> %SystemRoot%\System32\d3dx10_38.dll -> [2009/01/01 01:37:41 | 00,467,984 | ---- | C] (Microsoft Corporation) X3DAudio1_4.dll -> %SystemRoot%\System32\X3DAudio1_4.dll -> [2009/01/01 01:37:41 | 00,025,608 | ---- | C] (Microsoft Corporation) D3DCompiler_37.dll -> %SystemRoot%\System32\D3DCompiler_37.dll -> [2009/01/01 01:37:40 | 01,420,824 | ---- | C] (Microsoft Corporation) XAudio2_0.dll -> %SystemRoot%\System32\XAudio2_0.dll -> [2009/01/01 01:37:40 | 00,479,752 | ---- | C] (Microsoft Corporation) d3dx10_37.dll -> %SystemRoot%\System32\d3dx10_37.dll -> [2009/01/01 01:37:40 | 00,462,864 | ---- | C] (Microsoft Corporation) xactengine3_0.dll -> %SystemRoot%\System32\xactengine3_0.dll -> [2009/01/01 01:37:40 | 00,238,088 | ---- | C] (Microsoft Corporation) X3DAudio1_3.dll -> %SystemRoot%\System32\X3DAudio1_3.dll -> [2009/01/01 01:37:40 | 00,025,608 | ---- | C] (Microsoft Corporation) D3DX9_37.dll -> %SystemRoot%\System32\D3DX9_37.dll -> [2009/01/01 01:37:39 | 03,786,760 | ---- | C] (Microsoft Corporation) Logs -> %SystemRoot%\Logs -> [2009/01/01 01:36:38 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 30 C:\Documents and Settings\Bogdanian\Desktop\*.tmp files -> C:\Documents and Settings\Bogdanian\Desktop\*.tmp -> 3 C:\Documents and Settings\Bogdanian\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Bogdanian\Local Settings\temp\*.tmp -> veca.exe -> %UserProfile%\Local Settings\temp\veca.exe -> [2009/01/31 01:10:28 | 00,019,456 | ---- | M] () winsdvd.exe -> %UserProfile%\Local Settings\temp\winsdvd.exe -> [2009/01/31 01:10:22 | 00,007,680 | ---- | M] () winisccaf.exe -> %UserProfile%\Local Settings\temp\winisccaf.exe -> [2009/01/31 01:10:17 | 00,008,704 | ---- | M] () OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/01/31 01:08:42 | 00,656,714 | ---- | M] () Perflib_Perfdata_e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_e8.dat -> [2009/01/31 01:07:05 | 00,016,384 | ---- | M] () mmf.sys -> %SystemRoot%\System32\mmf.sys -> [2009/01/31 01:07:05 | 00,000,777 | -HS- | M] () nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2009/01/31 01:06:42 | 00,196,167 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/01/31 01:06:35 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/01/31 01:06:33 | 00,002,048 | --S- | M] () ntuser.dat -> %UserProfile%\ntuser.dat -> [2009/01/31 01:05:45 | 13,107,200 | ---- | M] () zip.exe -> %SystemDrive%\zip.exe -> [2009/01/31 01:04:23 | 00,135,168 | ---- | M] () cleanup.exe -> %SystemDrive%\cleanup.exe -> [2009/01/31 01:04:23 | 00,019,286 | ---- | M] () backup.reg -> %SystemDrive%\backup.reg -> [2009/01/31 01:04:23 | 00,001,297 | ---- | M] () cleanup.bat -> %SystemDrive%\cleanup.bat -> [2009/01/31 01:04:23 | 00,000,574 | ---- | M] () avenger.zip -> %UserProfile%\Desktop\avenger.zip -> [2009/01/31 01:01:12 | 00,724,952 | ---- | M] () system.ini -> %SystemRoot%\system.ini -> [2009/01/30 22:23:19 | 00,000,265 | ---- | M] () hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/01/30 22:22:59 | 00,000,027 | ---- | M] () FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/01/30 21:59:10 | 00,317,952 | ---- | M] () IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/01/30 17:28:36 | 02,641,218 | -H-- | M] () Sport JGR 4.doc -> %UserProfile%\Desktop\Sport JGR 4.doc -> [2009/01/30 13:38:01 | 00,113,152 | ---- | M] () Clasamente handbal JGR.doc -> %UserProfile%\Desktop\Clasamente handbal JGR.doc -> [2009/01/30 13:37:55 | 00,050,688 | ---- | M] () OTMoveIt3.exe -> %UserProfile%\Desktop\OTMoveIt3.exe -> [2009/01/30 10:48:51 | 00,348,160 | ---- | M] (OldTimer Tools) Magiunel.bmp -> %UserProfile%\Desktop\Magiunel.bmp -> [2009/01/30 10:42:35 | 00,777,350 | ---- | M] () Cotolan.bmp -> %UserProfile%\Desktop\Cotolan.bmp -> [2009/01/30 10:40:53 | 00,867,778 | ---- | M] () Dunarea Sport 4.doc -> %UserProfile%\Desktop\Dunarea Sport 4.doc -> [2009/01/30 10:31:57 | 00,039,936 | ---- | M] () nu_se_stie.xls -> %UserProfile%\Desktop\nu_se_stie.xls -> [2009/01/30 08:45:48 | 00,107,520 | ---- | M] () setupeng.exe -> %UserProfile%\Desktop\setupeng.exe -> [2009/01/30 00:08:09 | 09,303,248 | ---- | M] () Install_SPMT.zip -> %UserProfile%\Desktop\Install_SPMT.zip -> [2009/01/29 23:37:54 | 01,595,245 | ---- | M] () SPMT.rar -> %SystemDrive%\SPMT.rar -> [2009/01/29 23:34:38 | 04,408,452 | ---- | M] () ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/01/29 23:30:39 | 00,000,278 | -HS- | M] () Thumbs.db -> %UserProfile%\Desktop\Thumbs.db -> [2009/01/29 23:05:37 | 02,262,418 | -HS- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/01/29 17:58:57 | 00,190,976 | ---- | M] () 1137279856_0812226957.jpg -> %UserProfile%\Desktop\1137279856_0812226957.jpg -> [2009/01/29 11:01:51 | 00,146,766 | ---- | M] () dsc09114fl0.jpg -> %UserProfile%\Desktop\dsc09114fl0.jpg -> [2009/01/29 11:00:23 | 00,277,399 | ---- | M] () faza4au9.jpg -> %UserProfile%\Desktop\faza4au9.jpg -> [2009/01/29 10:59:53 | 00,441,180 | ---- | M] () Consiliul Local - Valahia.doc -> %UserProfile%\Desktop\Consiliul Local - Valahia.doc -> [2009/01/29 10:44:40 | 00,025,600 | ---- | M] () marin barbu.bmp -> %UserProfile%\Desktop\marin barbu.bmp -> [2009/01/29 10:13:00 | 00,777,352 | ---- | M] () marin%20barbu24.bmp -> %UserProfile%\Desktop\marin%20barbu24.bmp -> [2009/01/29 10:10:58 | 00,777,350 | ---- | M] () staffeditor.zip -> %UserProfile%\Desktop\staffeditor.zip -> [2009/01/28 17:06:16 | 02,305,647 | ---- | M] () FM_Dunarea Giurgiu_051208.rar -> %UserProfile%\Desktop\FM_Dunarea Giurgiu_051208.rar -> [2009/01/28 16:50:21 | 00,008,166 | ---- | M] () www[1].AllSubs.org_che-guevara-english-subtitles_10194.zip -> %UserProfile%\Desktop\www[1].AllSubs.org_che-guevara-english-subtitles_10194.zip -> [2009/01/27 21:44:15 | 00,023,803 | ---- | M] () Cleopatra_Stratan_-_Noapte_Buna.mp3 -> %UserProfile%\Desktop\Cleopatra_Stratan_-_Noapte_Buna.mp3 -> [2009/01/27 20:07:30 | 03,776,512 | ---- | M] () 27-ian-prosport.pdf -> %UserProfile%\My Documents\27-ian-prosport.pdf -> [2009/01/27 19:08:29 | 07,450,160 | ---- | M] () DivaTV - 26 ian. 2009.doc -> %UserProfile%\Desktop\DivaTV - 26 ian. 2009.doc -> [2009/01/26 14:27:26 | 00,031,744 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/01/24 12:36:26 | 00,002,206 | ---- | M] () Revista - Vladu - corectat, TOT.doc -> %SystemDrive%\Revista - Vladu - corectat, TOT.doc -> [2009/01/23 20:41:10 | 00,156,672 | ---- | M] () DSCF6216.jpg -> %UserProfile%\Desktop\DSCF6216.jpg -> [2009/01/23 19:51:39 | 02,314,843 | ---- | M] () DSC_0185.JPG -> %SystemDrive%\DSC_0185.JPG -> [2009/01/23 19:48:33 | 01,560,614 | ---- | M] () IMG008_-_Copia_%283%29.jpg -> %UserProfile%\Desktop\IMG008_-_Copia_%283%29.jpg -> [2009/01/23 11:09:20 | 00,015,961 | ---- | M] () JGR Sport 3 Dunarea.doc -> %UserProfile%\Desktop\JGR Sport 3 Dunarea.doc -> [2009/01/23 11:07:30 | 00,045,056 | ---- | M] () Damian Marian - pres css.doc -> %UserProfile%\Desktop\Damian Marian - pres css.doc -> [2009/01/23 09:36:16 | 00,026,112 | ---- | M] () DSC_0182.JPG -> %UserProfile%\Desktop\DSC_0182.JPG -> [2009/01/23 08:56:51 | 01,239,746 | ---- | M] () Sport JGR 3.doc -> %UserProfile%\Desktop\Sport JGR 3.doc -> [2009/01/23 08:47:56 | 00,052,224 | ---- | M] () JGR - 3 -II -.doc -> %UserProfile%\Desktop\JGR - 3 -II -.doc -> [2009/01/22 11:47:15 | 00,027,136 | ---- | M] () JGR - 3.doc -> %UserProfile%\Desktop\JGR - 3.doc -> [2009/01/22 10:35:13 | 00,031,744 | ---- | M] () www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__2.rar -> %UserProfile%\Desktop\www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__2.rar -> [2009/01/21 21:11:43 | 00,024,222 | ---- | M] () www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__1.rar -> %UserProfile%\Desktop\www_RegieLive_ro_SLUMDOG_MILLIONAIRE_1CD__1.rar -> [2009/01/21 21:11:36 | 00,024,227 | ---- | M] () scan0002.jpg -> %UserProfile%\Desktop\scan0002.jpg -> [2009/01/21 20:26:49 | 00,170,422 | ---- | M] () scan0001.jpg -> %UserProfile%\Desktop\scan0001.jpg -> [2009/01/21 20:26:45 | 00,657,493 | ---- | M] () Virgil GEORGESCU jr..jpg -> %SystemDrive%\Virgil GEORGESCU jr..jpg -> [2009/01/20 22:03:25 | 00,565,756 | ---- | M] () 20012009465.jpg -> %UserProfile%\Desktop\20012009465.jpg -> [2009/01/20 22:03:25 | 00,565,756 | ---- | M] () Sport1 - JGR.doc -> %UserProfile%\Desktop\Sport1 - JGR.doc -> [2009/01/20 07:30:41 | 00,086,528 | ---- | M] () DivaTV - 19 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 19 ianuarie 2009.doc -> [2009/01/19 12:18:57 | 00,030,720 | ---- | M] () Ciocarlan -gol-.jpg -> %UserProfile%\Desktop\Ciocarlan -gol-.jpg -> [2009/01/17 20:19:22 | 00,094,461 | ---- | M] () Ciocarlan.jpg -> %UserProfile%\Desktop\Ciocarlan.jpg -> [2009/01/17 20:07:37 | 00,106,503 | ---- | M] () untitled.bmp -> %UserProfile%\Desktop\untitled.bmp -> [2009/01/16 21:03:10 | 00,247,038 | ---- | M] () CojenelsiUngureanu.png -> %UserProfile%\Desktop\CojenelsiUngureanu.png -> [2009/01/16 10:40:59 | 00,391,126 | ---- | M] () DSCF3572.jpg -> %SystemDrive%\DSCF3572.jpg -> [2009/01/16 10:37:20 | 00,054,530 | ---- | M] () DSCF3572.jpg -> %UserProfile%\Desktop\DSCF3572.jpg -> [2009/01/16 10:33:26 | 00,187,022 | ---- | M] () ungureanubccw5.jpg -> %UserProfile%\Desktop\ungureanubccw5.jpg -> [2009/01/16 10:28:42 | 00,440,650 | ---- | M] () Sport2 - JGR.doc -> %UserProfile%\Desktop\Sport2 - JGR.doc -> [2009/01/16 10:16:31 | 00,045,056 | ---- | M] () DivaTV - 15 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 15 ianuarie 2009.doc -> [2009/01/15 14:23:03 | 00,026,624 | ---- | M] () aaa.doc -> %UserProfile%\Desktop\aaa.doc -> [2009/01/15 12:58:11 | 00,024,064 | ---- | M] () JGR - 2 - 09.doc -> %UserProfile%\Desktop\JGR - 2 - 09.doc -> [2009/01/15 10:13:33 | 00,039,424 | ---- | M] () mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) DivaTV - 14 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 14 ianuarie 2009.doc -> [2009/01/14 13:41:48 | 00,027,136 | ---- | M] () DSCF6224.jpg -> %UserProfile%\Desktop\DSCF6224.jpg -> [2009/01/12 23:37:50 | 02,261,123 | ---- | M] () DivaTV - 12 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 12 ianuarie 2009.doc -> [2009/01/12 15:23:02 | 00,026,624 | ---- | M] () NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [2009/01/09 18:45:13 | 00,000,116 | ---- | M] () DGR - FM2009.xls -> %UserProfile%\Desktop\DGR - FM2009.xls -> [2009/01/09 09:22:34 | 00,036,352 | ---- | M] () Sapte jucatori pusi pe liber.doc -> %UserProfile%\Desktop\Sapte jucatori pusi pe liber.doc -> [2009/01/09 07:34:01 | 00,030,720 | ---- | M] () DivaTV - 8 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 8 ianuarie 2009.doc -> [2009/01/08 15:40:29 | 00,024,576 | ---- | M] () INTRO - Land of the Dead.mp3 -> %UserProfile%\Desktop\INTRO - Land of the Dead.mp3 -> [2009/01/08 10:21:07 | 01,658,109 | ---- | M] () 08 - Land of the Dead.mp3 -> %UserProfile%\Desktop\08 - Land of the Dead.mp3 -> [2009/01/08 10:17:24 | 15,412,101 | ---- | M] () JurnalGR 1-09.doc -> %UserProfile%\Desktop\JurnalGR 1-09.doc -> [2009/01/08 09:50:15 | 00,034,816 | ---- | M] () Scooterrrrr.mp3 -> %UserProfile%\Desktop\Scooterrrrr.mp3 -> [2009/01/07 20:24:39 | 00,811,387 | ---- | M] () DivaTV - 7 ianuarie 2009.doc -> %UserProfile%\Desktop\DivaTV - 7 ianuarie 2009.doc -> [2009/01/07 15:06:38 | 00,039,936 | ---- | M] () Nistorache (nr. 11).JPG -> %UserProfile%\Desktop\Nistorache (nr. 11).JPG -> [2009/01/06 20:10:28 | 00,516,143 | ---- | M] () DivaTV - 6 ian. 2009.doc -> %UserProfile%\Desktop\DivaTV - 6 ian. 2009.doc -> [2009/01/06 19:58:36 | 00,040,448 | ---- | M] () INCOMPLETE~10 - Dursun Zaman.mp3 -> %UserProfile%\My Documents\INCOMPLETE~10 - Dursun Zaman.mp3 -> [2009/01/05 23:35:59 | 02,368,512 | ---- | M] () Comann2.JPG -> %UserProfile%\Desktop\Comann2.JPG -> [2009/01/05 20:18:25 | 00,048,654 | ---- | M] () qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/01/05 12:33:53 | 00,004,232 | ---- | M] () qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/01/05 12:32:55 | 00,005,390 | ---- | M] () screens-thumbs.jpg -> %SystemDrive%\screens-thumbs.jpg -> [2009/01/03 05:00:53 | 00,260,068 | ---- | M] () screenshot.png -> %SystemDrive%\screenshot.png -> [2009/01/03 05:00:11 | 00,257,895 | ---- | M] () HIM-Rockpalast.2000.DVBRip.x264.HIMMANIA.mkv -> %SystemDrive%\HIM-Rockpalast.2000.DVBRip.x264.HIMMANIA.mkv -> [2009/01/03 04:07:52 | 73,478,9316 | ---- | M] () all cards(2).rar -> %UserProfile%\Desktop\all cards(2).rar -> [2009/01/02 22:02:19 | 00,002,062 | ---- | M] () all cards.rar -> %UserProfile%\Desktop\all cards.rar -> [2009/01/02 22:01:52 | 00,002,078 | ---- | M] () Jurnal 50.doc -> %UserProfile%\Desktop\Jurnal 50.doc -> [2009/01/02 20:54:21 | 00,039,424 | ---- | M] () CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> [2009/01/01 01:37:52 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) hhcolreg.dat -> %AllUsersProfile%\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [2007/11/16 16:35:59 | 00,008,134 | ---- | M] () opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2007/11/10 16:19:36 | 00,008,206 | ---- | M] () [Alternate Data Streams] @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable @Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34 @Alternate Data Stream - 132 bytes -> %AllUsersProfile%\Application Data\TEMP:94A19129 @Alternate Data Stream - 146 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 184 bytes -> %AllUsersProfile%\Application Data\TEMP:A31FAD21 [File - Lop Check] Application Data -> C:\Documents and Settings\All Users\Application Data -> [2009/01/30 00:05:44 | 00,000,000 | RH-D | M] ACD Systems -> C:\Documents and Settings\All Users\Application Data\ACD Systems -> [2008/05/10 00:48:00 | 00,000,000 | ---D | M] Anvsoft -> C:\Documents and Settings\All Users\Application Data\Anvsoft -> [2008/05/25 20:46:41 | 00,000,000 | ---D | M] CyberLink -> C:\Documents and Settings\All Users\Application Data\CyberLink -> [2007/12/11 18:39:28 | 00,000,000 | ---D | M] Quark -> C:\Documents and Settings\All Users\Application Data\Quark -> [2008/04/04 12:18:25 | 00,000,000 | ---D | M] SmartSound Software Inc -> C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc -> [2008/10/18 02:57:15 | 00,000,000 | ---D | M] Soulseek -> C:\Documents and Settings\All Users\Application Data\Soulseek -> [2009/01/07 02:59:37 | 00,000,000 | ---D | M] Systweak -> C:\Documents and Settings\All Users\Application Data\Systweak -> [2008/05/30 23:41:01 | 00,000,000 | ---D | M] TechSmith -> C:\Documents and Settings\All Users\Application Data\TechSmith -> [2008/09/27 16:06:40 | 00,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2009/01/29 23:33:29 | 00,000,000 | ---D | M] Ulead Systems -> C:\Documents and Settings\All Users\Application Data\Ulead Systems -> [2008/10/25 01:33:54 | 00,000,000 | ---D | M] Winter Sports 2009 -> C:\Documents and Settings\All Users\Application Data\Winter Sports 2009 -> [2009/01/14 17:09:18 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Bogdanian\Application Data -> [2009/01/21 12:07:46 | 00,000,000 | RH-D | M] ACD Systems -> C:\Documents and Settings\Bogdanian\Application Data\ACD Systems -> [2007/11/10 17:06:14 | 00,000,000 | ---D | M] Ahead -> C:\Documents and Settings\Bogdanian\Application Data\Ahead -> [2007/11/13 16:33:30 | 00,000,000 | ---D | M] ArcSoft -> C:\Documents and Settings\Bogdanian\Application Data\ArcSoft -> [2008/05/25 19:33:34 | 00,000,000 | ---D | M] Codemasters -> C:\Documents and Settings\Bogdanian\Application Data\Codemasters -> [2008/06/12 00:35:18 | 00,000,000 | ---D | M] CyberLink -> C:\Documents and Settings\Bogdanian\Application Data\CyberLink -> [2007/11/14 22:22:16 | 00,000,000 | ---D | M] dp3d -> C:\Documents and Settings\Bogdanian\Application Data\dp3d -> [2008/01/09 12:42:27 | 00,000,000 | ---D | M] dvdcss -> C:\Documents and Settings\Bogdanian\Application Data\dvdcss -> [2008/12/28 18:18:57 | 00,000,000 | ---D | M] GetRightToGo -> C:\Documents and Settings\Bogdanian\Application Data\GetRightToGo -> [2007/11/15 16:36:22 | 00,000,000 | ---D | M] GrabIt -> C:\Documents and Settings\Bogdanian\Application Data\GrabIt -> [2008/12/14 21:13:13 | 00,000,000 | ---D | M] Incredible Ink -> C:\Documents and Settings\Bogdanian\Application Data\Incredible Ink -> [2007/11/15 14:14:49 | 00,000,000 | ---D | M] mIRC -> C:\Documents and Settings\Bogdanian\Application Data\mIRC -> [2009/01/02 21:54:54 | 00,000,000 | ---D | M] MSNInstaller -> C:\Documents and Settings\Bogdanian\Application Data\MSNInstaller -> [2008/07/14 00:04:22 | 00,000,000 | ---D | M] MyLogoMaker -> C:\Documents and Settings\Bogdanian\Application Data\MyLogoMaker -> [2008/08/09 22:49:54 | 00,000,000 | ---D | M] Netscape -> C:\Documents and Settings\Bogdanian\Application Data\Netscape -> [2008/03/23 18:09:46 | 00,000,000 | ---D | M] Opera -> C:\Documents and Settings\Bogdanian\Application Data\Opera -> [2008/05/01 23:05:42 | 00,000,000 | ---D | M] PlayFirst -> C:\Documents and Settings\Bogdanian\Application Data\PlayFirst -> [2009/01/21 12:07:46 | 00,000,000 | ---D | M] Quark -> C:\Documents and Settings\Bogdanian\Application Data\Quark -> [2008/04/04 12:20:49 | 00,000,000 | ---D | M] RM Royal Media Ltd -> C:\Documents and Settings\Bogdanian\Application Data\RM Royal Media Ltd -> [2008/06/12 22:44:29 | 00,000,000 | ---D | M] Smart Recorder -> C:\Documents and Settings\Bogdanian\Application Data\Smart Recorder -> [2007/11/29 19:33:00 | 00,000,000 | ---D | M] Sports Interactive -> C:\Documents and Settings\Bogdanian\Application Data\Sports Interactive -> [2008/01/16 15:15:22 | 00,000,000 | ---D | M] Systweak -> C:\Documents and Settings\Bogdanian\Application Data\Systweak -> [2008/05/30 23:41:01 | 00,000,000 | ---D | M] temp -> C:\Documents and Settings\Bogdanian\Application Data\temp -> [2008/07/12 18:23:10 | 00,000,000 | ---D | M] Ulead Systems -> C:\Documents and Settings\Bogdanian\Application Data\Ulead Systems -> [2008/10/18 03:18:49 | 00,000,000 | ---D | M] Uniblue -> C:\Documents and Settings\Bogdanian\Application Data\Uniblue -> [2008/11/22 22:13:18 | 00,000,000 | ---D | M] zweitgeist -> C:\Documents and Settings\Bogdanian\Application Data\zweitgeist -> [2008/06/02 14:53:27 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\Default User\Application Data -> [2007/11/09 23:06:27 | 00,000,000 | RH-D | M] Application Data -> C:\Documents and Settings\LocalService\Application Data -> [2008/05/25 19:36:06 | 00,000,000 | ---D | M] Application Data -> C:\Documents and Settings\NetworkService\Application Data -> [2007/11/09 21:21:16 | 00,000,000 | ---D | M] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [2008/08/09 21:23:59 | 00,000,000 | --SD | M] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2001/08/23 16:00:00 | 00,000,065 | RH-- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/01/31 01:06:35 | 00,000,006 | -H-- | M] () [File - Purity Scan] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40] "khjeh"=hex:20,02,00,00,61,06,24,00,23,8a,13,82,b1,81,5a,e5,df,02,e4,06,cf,.. "hj34z0"=hex:2f,77,2a,fc,1e,dc,4c,91,c4,4f,f3,72,5d,66,ba,dc,83,99,68,78,72,.. "hj34z1"=hex:b7,77,2a,fc,66,dc,4c,91,c5,4f,f2,72,5c,66,ba,dc,83,99,68,78,42,.. "hj34z2"=hex:b7,77,2a,fc,66,dc,4c,91,c5,4f,f2,72,5c,66,ba,dc,83,99,68,78,42,.. "hj34z3"=hex:b7,77,2a,fc,66,dc,4c,91,c5,4f,f2,72,5c,66,ba,dc,83,99,68,78,42,.. "hj34z4"=hex:b7,77,2a,fc,66,dc,4c,91,c5,4f,f2,72,5c,66,ba,dc,83,99,68,78,42,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf41] "khjeh"=hex:20,02,00,00,61,06,24,00,33,44,f3,7d,b1,81,5a,e5,8a,13,e4,06,cf,.. "hj34z0"=hex:2e,76,2a,fc,0e,dd,4c,91,c4,4f,f3,72,5d,66,ba,dc,83,99,68,78,3d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf42] "khjeh"=hex:20,02,00,00,8c,8e,7b,02,d2,42,18,9d,dd,a1,44,0f,fc,d8,ed,1b,ef,.. "hj34z0"=hex:a7,2c,fc,3a,2e,64,5b,17,24,ea,1d,24,3d,58,72,e3,e3,55,d2,47,dd,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher] "TracesProcessed"=dword:00000010 scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 2 < Document and Settings folder & sub folders > scanning hidden files ... C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 120 bytes C:\Documents and Settings\All Users\Application Data\TEMP:94A19129 132 bytes C:\Documents and Settings\All Users\Application Data\TEMP:A31FAD21 184 bytes C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 146 bytes C:\Documents and Settings\All Users\Start Menu\Programs\DotNes\Golgo 13 Top Secret Episode\Golgo 13: Top Secret Episode.lnk 1016 bytes C:\Documents and Settings\All Users\Start Menu\Programs\DotNes\Gremlins 2 The New Batch\Gremlins 2: The New Batch.lnk 997 bytes scan completed successfully hidden files: 46 < End of report > [/code]