Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Braviax/mljihee.dll Removed, Now Having Ssl Issues?


  • This topic is locked This topic is locked
14 replies to this topic

#1 lowvoltage

lowvoltage

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 10 March 2008 - 05:29 PM

Hello all,
I recently got infected with ultimatedefender + mljihee.dll. I hoped that I had gotten everything removed but it doesnt appear so. I dont have the annoying icons/popups on my taskbar anymore, and my browser hijacking has ceased for the most part. I do occasionally still get a fake virus warning popup though, and now I am getting SSL failures when I try to update Adaware or other such programs. I cannot view the login page for Hotmail either (with both IE or Mozilla). A scan with Spyhunter does not come up with anything anymore (this is where I first had indications of BraviaX and the mljihee.dll entries. Overall performance has slowed down as well.

Here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:28:00 PM, on 3/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BMdf9d004c] Rundll32.exe "C:\WINDOWS\system32\kwywyvbq.dll",s
O4 - HKLM\..\Run: [dcae33d0] rundll32.exe "C:\WINDOWS\system32\ayoptvta.dll",b
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1204395679406
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://pegasusauth04.pearsoncmg.com/webwiz/s/stub.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4697 bytes


Any help that you can provide would be awesome!
Thanks,
J

BC AdBot (Login to Remove)

 


m

#2 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 17 March 2008 - 10:26 AM

Ok, things are starting to look better now. I'm hoping I've gotten rid of whatever was still on my system. I had a stubborn Virtumonde infection, and also kept finding Bravia.exe. After a good week of following cleansing procedures from the other forum areas on this site everything appears to be normal again. Adaware and Spybot update correctly, web pages display correctly again and overall speed is better. Can someone take a look at my latest HJT log and see if it's clean?
Many thanks!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:04:16 AM, on 3/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1204395679406
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://pegasusauth04.pearsoncmg.com/webwiz/s/stub.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: winbhh32 - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5313 bytes

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 22 March 2008 - 03:10 PM

Hello lowvoltage and welcome to the BC HijackThis forum. I only see one line that is quesitonable. It looks like most of it is gone. Let's see if we can get a little more information on that.

Before running a new scan let's clean out the temporoary folders.

Download ATF Cleaner to your Desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:
  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:
  • Click Opera at the top and choose Select All from the list.
  • Close ALL Internet browsers (very important).
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Now download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - BotCheck
      File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it [].

If, after posting, the last line is not <End of Report> then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#4 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 23 March 2008 - 11:35 AM

Thanks for the response. Sorry it took a little while to get back to you, Easter activities have been taking up some time.
Here is the OTScanit log:

OTScanIt logfile created on: 3/23/2008 12:27:45 PM
OTScanIt by OldTimer - Version 1.0.6.0	 Folder = C:\Documents and Settings\Dad\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 73.94% Memory free
3.85 Gb Paging File | 3.48 Gb Available in Paging File | 90.43% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 447.45 Gb Free Space | 96.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 18.64 Gb Total Space | 18.49 Gb Free Space | 99.21% Space Free | Partition Type: NTFS
Drive F: | 39.07 Gb Total Space | 25.86 Gb Free Space | 66.20% Space Free | Partition Type: NTFS
Drive G: | 39.07 Gb Total Space | 8.67 Gb Free Space | 22.20% Space Free | Partition Type: NTFS
Drive H: | 33.65 Gb Total Space | 14.06 Gb Free Space | 41.77% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: THISIDEU-XSKPET
Current User Name: Dad
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/17/2008 2:26:58 AM | Attr =	]
rthdcpl.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Modified Date = 10/29/2006 11:49:54 PM | Attr = R  ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
nvraidservice.exe -> %SystemRoot%\system32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Modified Date = 9/21/2006 4:40:48 PM | Attr =	]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 3/17/2008 1:07:22 AM | Attr =	]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.8.13.1 | Size = 79136 bytes | Modified Date = 6/28/2007 12:31:38 PM | Attr =	]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.6.0 | Size = 311808 bytes | Modified Date = 3/19/2008 6:01:26 PM | Attr =	]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/17/2008 2:26:58 AM | Attr =	]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 3/17/2008 1:07:22 AM | Attr =	]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr =	]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 1:41:10 AM | Attr =	]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.8.13.1 | Size = 79136 bytes | Modified Date = 6/28/2007 12:31:38 PM | Attr =	]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 1 | Size = 779560 bytes | Modified Date = 7/4/2007 2:59:24 PM | Attr =	]
(NMIndexingService) NMIndexingService [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 1, 5, 13, 0 | Size = 267560 bytes | Modified Date = 7/4/2007 3:01:52 PM | Attr =	]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 11:16:38 PM | Attr =	]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
NVRaidService -> %SystemRoot%\system32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Modified Date = 9/21/2006 4:40:48 PM | Attr =	]
nwiz -> %SystemRoot%\system32\nwiz.exe ->  [Ver =  | Size = 1626112 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Modified Date = 10/29/2006 11:49:54 PM | Attr = R  ]
SkyTel -> %SystemRoot%\SkyTel.exe -> Realtek Semiconductor Corp. [Ver = 1.0.0.0 | Size = 2879488 bytes | Modified Date = 5/15/2006 10:04:26 PM | Attr = R  ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Dad Startup Folder > -> C:\Documents and Settings\Dad\Start Menu\Programs\Startup -> 
%UserProfile%\Start Menu\Programs\Startup\Yahoo! Widgets.lnk -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 12/11/2007 6:34:48 PM | Attr =	]
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
{182C7ED7-E56D-4509-9D9B-AC49318D9895} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
winbhh32 ->  -> File not found
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRecentDocsHistory -> 1 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> 
HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4250 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4248 domain(s) found. -> 
31 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> 
{32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{7F0046B3-8534-40D1-955A-1E24C9D3E01D} ->	(1394 Net Adapter) -> 
{EDFE87CF-B905-40EF-A666-A1236D485B9F} ->	(NVIDIA nForce Networking Controller) -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204395679406[WUWebControl Class] -> 
{74DBCB52-F298-4110-951D-AD2FF67BC8AB}[HKEY_LOCAL_MACHINE] -> http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab[NVIDIA Smart Scan] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> 
{B3E32D88-8E7F-468F-B0E2-3A300FD4A82C}[HKEY_LOCAL_MACHINE] -> http://pegasusauth04.pearsoncmg.com/webwiz/s/stub.cab[Enlite 2.x Simulation Engine Installer] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
DirectAnimation Java Classes[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\dajava.cab[Reg Error: Key does not exist or could not be opened.] -> 
Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> 


[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 3:56:43 AM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> 
*Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 1:49:30 PM | Attr =	]
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 3:56:43 AM | Attr =	]
schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:15 AM | Attr =	]
wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/24/2006 12:37:50 AM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 780 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> 
*Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> 
scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 3:56:44 AM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\enabledcom -> y -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> 
*ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> 
Windows NT Access Provider ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 3:56:44 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup ->  -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 12654 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 3:56:42 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 3:56:56 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 3:56:56 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.6300.5000 | Size = 12829216 bytes | Modified Date = 12/12/2007 11:56:18 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 338216 bytes | Modified Date = 10/27/2006 4:37:44 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 1018664 bytes | Modified Date = 10/27/2006 4:03:04 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avginet.exe -> C:\Program Files\Grisoft\AVG7\avginet.exe [C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 510976 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgamsvr.exe -> C:\Program Files\Grisoft\AVG7\avgamsvr.exe [C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgcc.exe -> C:\Program Files\Grisoft\AVG7\avgcc.exe [C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe] -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{EDFE87CF-B905-40EF-A666-A1236D485B9F} -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 3:56:57 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 3:56:46 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> 
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> 
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> 


[Files/Folders - Created Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Created Date = 3/17/2008 1:28:08 AM | Attr = RH ]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
b4a7bb7186989f2e54977486e3 -> %SystemDrive%\b4a7bb7186989f2e54977486e3 ->  [Folder | Created Date = 3/21/2008 2:11:14 PM | Attr =	]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 281 bytes | Created Date = 3/1/2008 8:23:11 AM | Attr = RHS]
c867271164e46ed2a6 -> %SystemDrive%\c867271164e46ed2a6 ->  [Folder | Created Date = 3/21/2008 2:10:39 PM | Attr =	]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Created Date = 3/10/2008 12:58:21 AM | Attr =  HS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Created Date = 3/1/2008 8:24:02 AM | Attr =	]
EPSONREG -> %SystemDrive%\EPSONREG ->  [Folder | Created Date = 3/22/2008 6:06:47 PM | Attr =	]
IO.SYS -> %SystemDrive%\IO.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSOCache -> %SystemDrive%\MSOCache ->  [Folder | Created Date = 3/1/2008 4:33:50 PM | Attr = RH ]
NVIDIA -> %SystemDrive%\NVIDIA ->  [Folder | Created Date = 3/1/2008 5:25:03 PM | Attr =	]
Office 07 -> %SystemDrive%\Office 07 ->  [Folder | Created Date = 3/1/2008 2:14:51 PM | Attr =	]
Program Files -> %ProgramFiles% ->  [Folder | Created Date = 3/1/2008 8:24:46 AM | Attr = R  ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Created Date = 3/1/2008 2:17:41 PM | Attr =  HS]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Created Date = 3/1/2008 1:34:02 PM | Attr =  HS]
User Programs -> %SystemDrive%\User Programs ->  [Folder | Created Date = 3/1/2008 2:14:42 PM | Attr =	]
WINDOWS -> %SystemRoot% ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WUTemp -> %SystemDrive%\WUTemp ->  [Folder | Created Date = 3/1/2008 1:54:42 PM | Attr =	]
apphelp.sdb -> %SystemRoot%\System32\dllcache\apphelp.sdb ->  [Ver =  | Size = 217118 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
apph_sp.sdb -> %SystemRoot%\System32\dllcache\apph_sp.sdb ->  [Ver =  | Size = 764868 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 3/1/2008 1:30:52 PM | Attr =	]
chtskf.dll -> %SystemRoot%\System32\dllcache\chtskf.dll ->  [Ver =  | Size = 173568 bytes | Created Date = 3/1/2008 1:30:54 PM | Attr =	]
CLASSES.CAT -> %SystemRoot%\System32\dllcache\CLASSES.CAT ->  [Ver =  | Size = 657548 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
DAJAVAC.CAT -> %SystemRoot%\System32\dllcache\DAJAVAC.CAT ->  [Ver =  | Size = 56081 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
dgrpsetu.dll -> %SystemRoot%\System32\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dgsetup.dll -> %SystemRoot%\System32\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
DX3.CAT -> %SystemRoot%\System32\dllcache\DX3.CAT ->  [Ver =  | Size = 52311 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
eqnclass.dll -> %SystemRoot%\System32\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex ->  [Ver =  | Size = 108827 bytes | Created Date = 3/1/2008 1:31:00 PM | Attr =	]
HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT ->  [Ver =  | Size = 13472 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
htrn_jis.dll -> %SystemRoot%\System32\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Created Date = 3/1/2008 1:28:12 PM | Attr =	]
hwxjpn.dll -> %SystemRoot%\System32\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Created Date = 3/1/2008 1:31:05 PM | Attr =	]
IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT ->  [Ver =  | Size = 8574 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex ->  [Ver =  | Size = 134339 bytes | Created Date = 3/1/2008 1:31:12 PM | Attr =	]
imjpinst.exe -> %SystemRoot%\System32\dllcache\imjpinst.exe ->  [Ver =  | Size = 196665 bytes | Created Date = 3/1/2008 1:31:13 PM | Attr =	]
imscinst.exe -> %SystemRoot%\System32\dllcache\imscinst.exe ->  [Ver =  | Size = 59392 bytes | Created Date = 3/1/2008 1:31:14 PM | Attr =	]
korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex ->  [Ver =  | Size = 1158818 bytes | Created Date = 3/1/2008 1:31:17 PM | Attr =	]
ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa ->  [Ver =  | Size = 643717 bytes | Created Date = 3/1/2008 8:24:47 AM | Attr =	]
MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT ->  [Ver =  | Size = 399645 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
MSJDBC.CAT -> %SystemRoot%\System32\dllcache\MSJDBC.CAT ->  [Ver =  | Size = 14031 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT ->  [Ver =  | Size = 37484 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex ->  [Ver =  | Size = 4399505 bytes | Created Date = 3/1/2008 1:30:05 PM | Attr =	]
NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT ->  [Ver =  | Size = 797189 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 5421312 bytes | Created Date = 3/1/2008 1:36:49 PM | Attr =	]
nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Created Date = 3/1/2008 1:36:52 PM | Attr =	]
OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT ->  [Ver =  | Size = 7382 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
pintlcsa.dll -> %SystemRoot%\System32\dllcache\pintlcsa.dll ->  [Ver =  | Size = 175104 bytes | Created Date = 3/1/2008 1:31:25 PM | Attr =	]
r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa ->  [Ver =  | Size = 605050 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
rw330ext.dll -> %SystemRoot%\System32\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf ->  [Ver =  | Size = 888 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
sam.spd -> %SystemRoot%\System32\dllcache\sam.spd ->  [Ver =  | Size = 1685606 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
spxcoins.dll -> %SystemRoot%\System32\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf ->  [Ver =  | Size = 984 bytes | Created Date = 3/1/2008 1:29:18 PM | Attr =	]
sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb ->  [Ver =  | Size = 1197294 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
TCLASSES.CAT -> %SystemRoot%\System32\dllcache\TCLASSES.CAT ->  [Ver =  | Size = 22151 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
WFC.CAT -> %SystemRoot%\System32\dllcache\WFC.CAT ->  [Ver =  | Size = 390168 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
XMLDSOC.CAT -> %SystemRoot%\System32\dllcache\XMLDSOC.CAT ->  [Ver =  | Size = 21281 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
afc.sys -> %SystemRoot%\System32\drivers\afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Created Date = 3/22/2008 4:11:54 PM | Attr =	]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Created Date = 3/17/2008 1:07:23 AM | Attr =	]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
disdn -> %SystemRoot%\System32\drivers\disdn ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
hosts.20080316-180057.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080316-180057.backup ->  [Ver =  | Size = 734 bytes | Created Date = 3/16/2008 6:00:57 PM | Attr =	]
netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img ->  [Ver =  | Size = 67866 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Created Date = 3/1/2008 1:36:52 PM | Attr =	]
NVENETFD.sys -> %SystemRoot%\System32\drivers\NVENETFD.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 52736 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr =	]
nvnetbus.sys -> %SystemRoot%\System32\drivers\nvnetbus.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 18944 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvnrm.sys -> %SystemRoot%\System32\drivers\nvnrm.sys -> NVIDIA Corporation [Ver = 1.00.02.06024 | Size = 1104896 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvphy.bin -> %SystemRoot%\System32\drivers\nvphy.bin ->  [Ver =  | Size = 1428 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr = R  ]
nvsnpu.sys -> %SystemRoot%\System32\drivers\nvsnpu.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 261120 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvtcp.sys -> %SystemRoot%\System32\drivers\nvtcp.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 110080 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
RtkHDAud.Sys -> %SystemRoot%\System32\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5319 built by: WinDDK | Size = 4394496 bytes | Created Date = 3/1/2008 1:57:16 PM | Attr = R  ]
SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 3/10/2008 3:40:42 AM | Attr =	]
UMDF -> %SystemRoot%\System32\drivers\UMDF ->  [Folder | Created Date = 3/21/2008 2:11:09 PM | Attr =	]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf ->  [Ver =  | Size = 0 bytes | Created Date = 3/21/2008 2:11:10 PM | Attr =  H ]
upiwbmleutdk.sys -> %SystemRoot%\System32\drivers\upiwbmleutdk.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Created Date = 3/10/2008 3:40:10 AM | Attr =	]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf ->  [Ver =  | Size = 261 bytes | Created Date = 3/1/2008 8:23:11 AM | Attr =	]
1025 -> %SystemRoot%\System32\1025 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
1028 -> %SystemRoot%\System32\1028 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1031 -> %SystemRoot%\System32\1031 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1033 -> %SystemRoot%\System32\1033 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1037 -> %SystemRoot%\System32\1037 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1041 -> %SystemRoot%\System32\1041 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1042 -> %SystemRoot%\System32\1042 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1054 -> %SystemRoot%\System32\1054 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
2052 -> %SystemRoot%\System32\2052 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
3076 -> %SystemRoot%\System32\3076 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
3com_dmi -> %SystemRoot%\System32\3com_dmi ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ALSndMgr.Cpl -> %SystemRoot%\System32\ALSndMgr.Cpl -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 10 | Size = 299008 bytes | Created Date = 3/1/2008 1:56:56 PM | Attr = R  ]
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb ->  [Ver =  | Size = 16832 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
amstream.dll -> %SystemRoot%\System32\amstream.dll ->  [Ver =  | Size = 70656 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
apvvlrgu.ini -> %SystemRoot%\System32\apvvlrgu.ini ->  [Ver =  | Size = 1313885 bytes | Created Date = 3/13/2008 1:30:54 PM | Attr =  HS]
asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 3/10/2008 3:30:20 AM | Attr =	]
atvtpoya.ini -> %SystemRoot%\System32\atvtpoya.ini ->  [Ver =  | Size = 1315230 bytes | Created Date = 3/10/2008 1:22:33 PM | Attr =  HS]
AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT ->  [Ver =  | Size = 1688 bytes | Created Date = 3/1/2008 8:24:30 AM | Attr =	]
bdco1.dll -> %SystemRoot%\System32\bdco1.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 10240 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
bdco1ins.dll -> %SystemRoot%\System32\bdco1ins.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 10240 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
bits -> %SystemRoot%\System32\bits ->  [Folder | Created Date = 3/1/2008 2:26:33 PM | Attr =	]
bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce ->  [Ver =  | Size = 22984 bytes | Created Date = 3/1/2008 1:28:04 PM | Attr =	]
BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav ->  [Ver =  | Size = 146650 bytes | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
CapabilityTable.exe -> %SystemRoot%\System32\CapabilityTable.exe -> NVIDIA Corporation [Ver = 2, 2, 1, 464 | Size = 446464 bytes | Created Date = 3/1/2008 5:26:03 PM | Attr =	]
CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Created Date = 3/1/2008 8:24:18 AM | Attr =	]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Created Date = 3/1/2008 8:24:18 AM | Attr =	]
cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
ChCfg.exe -> %SystemRoot%\System32\ChCfg.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 3/1/2008 1:57:40 PM | Attr = R  ]
Com -> %SystemRoot%\System32\Com ->  [Folder | Created Date = 3/1/2008 1:27:40 PM | Attr =	]
config -> %SystemRoot%\System32\config ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 2577 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
c_10006.nls -> %SystemRoot%\System32\c_10006.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_10007.nls -> %SystemRoot%\System32\c_10007.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
c_10010.nls -> %SystemRoot%\System32\c_10010.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_10017.nls -> %SystemRoot%\System32\c_10017.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
c_10029.nls -> %SystemRoot%\System32\c_10029.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_10081.nls -> %SystemRoot%\System32\c_10081.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_10082.nls -> %SystemRoot%\System32\c_10082.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_20127.nls -> %SystemRoot%\System32\c_20127.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:34 AM | Attr =	]
C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_28599.nls -> %SystemRoot%\System32\c_28599.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_28603.nls -> %SystemRoot%\System32\c_28603.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:46 AM | Attr =	]
c_737.nls -> %SystemRoot%\System32\c_737.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_852.nls -> %SystemRoot%\System32\c_852.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_855.nls -> %SystemRoot%\System32\c_855.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
c_857.nls -> %SystemRoot%\System32\c_857.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_866.nls -> %SystemRoot%\System32\c_866.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
c_869.nls -> %SystemRoot%\System32\c_869.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_875.nls -> %SystemRoot%\System32\c_875.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
desktop.ini -> %SystemRoot%\System32\desktop.ini ->  [Ver =  | Size = 2 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =	]
devenum.dll -> %SystemRoot%\System32\devenum.dll ->  [Ver =  | Size = 59904 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
dgrpsetu.dll -> %SystemRoot%\System32\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dgsetup.dll -> %SystemRoot%\System32\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dhcp -> %SystemRoot%\System32\dhcp ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
DirectX -> %SystemRoot%\System32\DirectX ->  [Folder | Created Date = 3/1/2008 1:29:58 PM | Attr =	]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
dtfnmviu.ini -> %SystemRoot%\System32\dtfnmviu.ini ->  [Ver =  | Size = 1320215 bytes | Created Date = 3/11/2008 1:24:53 PM | Attr =  HS]
dumphive.exe -> %SystemRoot%\System32\dumphive.exe ->  [Ver =  | Size = 51200 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat ->  [Ver =  | Size = 21640 bytes | Created Date = 3/1/2008 1:28:39 PM | Attr =	]
en-US -> %SystemRoot%\System32\en-US ->  [Folder | Created Date = 3/2/2008 12:29:26 PM | Attr =	]
EPPICLocal_BP.cfg -> %SystemRoot%\System32\EPPICLocal_BP.cfg ->  [Ver =  | Size = 6478 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_CF.cfg -> %SystemRoot%\System32\EPPICLocal_CF.cfg ->  [Ver =  | Size = 6366 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_EN.cfg -> %SystemRoot%\System32\EPPICLocal_EN.cfg ->  [Ver =  | Size = 12669 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_ES.cfg -> %SystemRoot%\System32\EPPICLocal_ES.cfg ->  [Ver =  | Size = 6226 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_FR.cfg -> %SystemRoot%\System32\EPPICLocal_FR.cfg ->  [Ver =  | Size = 6366 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_PT.cfg -> %SystemRoot%\System32\EPPICLocal_PT.cfg ->  [Ver =  | Size = 6478 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EpPicMgr.dll -> %SystemRoot%\System32\EpPicMgr.dll -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 1 | Size = 51360 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern1.dat -> %SystemRoot%\System32\EPPICPattern1.dat ->  [Ver =  | Size = 29114 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern121.dat -> %SystemRoot%\System32\EPPICPattern121.dat ->  [Ver =  | Size = 27417 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern131.dat -> %SystemRoot%\System32\EPPICPattern131.dat ->  [Ver =  | Size = 31053 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern2.dat -> %SystemRoot%\System32\EPPICPattern2.dat ->  [Ver =  | Size = 13280 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern3.dat -> %SystemRoot%\System32\EPPICPattern3.dat ->  [Ver =  | Size = 21021 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern4.dat -> %SystemRoot%\System32\EPPICPattern4.dat ->  [Ver =  | Size = 10673 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern5.dat -> %SystemRoot%\System32\EPPICPattern5.dat ->  [Ver =  | Size = 15670 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern6.dat -> %SystemRoot%\System32\EPPICPattern6.dat ->  [Ver =  | Size = 4943 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_BP.dat -> %SystemRoot%\System32\EPPICPresetData_BP.dat ->  [Ver =  | Size = 1140 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_CF.dat -> %SystemRoot%\System32\EPPICPresetData_CF.dat ->  [Ver =  | Size = 1130 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_EN.dat -> %SystemRoot%\System32\EPPICPresetData_EN.dat ->  [Ver =  | Size = 1104 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_ES.dat -> %SystemRoot%\System32\EPPICPresetData_ES.dat ->  [Ver =  | Size = 1137 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_FR.dat -> %SystemRoot%\System32\EPPICPresetData_FR.dat ->  [Ver =  | Size = 1130 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_PT.dat -> %SystemRoot%\System32\EPPICPresetData_PT.dat ->  [Ver =  | Size = 1140 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPrinterDB.dat -> %SystemRoot%\System32\EPPICPrinterDB.dat ->  [Ver =  | Size = 73220 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EpPicPrt.dll -> %SystemRoot%\System32\EpPicPrt.dll -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 1 | Size = 51360 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EqnClass.Dll -> %SystemRoot%\System32\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
escwiad.dll -> %SystemRoot%\System32\escwiad.dll -> SEIKO EPSON CORP. [Ver = 1.72 | Size = 67072 bytes | Created Date = 3/22/2008 3:58:46 PM | Attr =	]
EVGA -> %SystemRoot%\System32\EVGA ->  [Folder | Created Date = 3/1/2008 1:36:48 PM | Attr =	]
evga.ico -> %SystemRoot%\System32\evga.ico ->  [Ver =  | Size = 16958 bytes | Created Date = 3/1/2008 1:37:24 PM | Attr =	]
export -> %SystemRoot%\System32\export ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
fdco1.dll -> %SystemRoot%\System32\fdco1.dll -> NVIDIA Corporation [Ver = 1.1 | Size = 202240 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr =	]
fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 264616 bytes | Created Date = 3/1/2008 8:24:01 AM | Attr =	]
gb2312.uce -> %SystemRoot%\System32\gb2312.uce ->  [Ver =  | Size = 24006 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
ggseguyo.ini -> %SystemRoot%\System32\ggseguyo.ini ->  [Ver =  | Size = 1348343 bytes | Created Date = 3/12/2008 1:27:53 PM | Attr =  HS]
grep.exe -> %SystemRoot%\System32\grep.exe ->  [Ver =  | Size = 80412 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Created Date = 3/10/2008 3:29:58 AM | Attr =	]
hticons.dll -> %SystemRoot%\System32\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 3/1/2008 1:28:12 PM | Attr =	]
ias -> %SystemRoot%\System32\ias ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
icsxml -> %SystemRoot%\System32\icsxml ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ideograf.uce -> %SystemRoot%\System32\ideograf.uce ->  [Ver =  | Size = 60458 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver =  | Size = 82432 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
imagX7.dll -> %SystemRoot%\System32\imagX7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 1568768 bytes | Created Date = 3/10/2008 12:58:24 AM | Attr =	]
imagXpr7.dll -> %SystemRoot%\System32\imagXpr7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 476320 bytes | Created Date = 3/10/2008 12:58:24 AM | Attr =	]
IME -> %SystemRoot%\System32\IME ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
inetsrv -> %SystemRoot%\System32\inetsrv ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
isrdbg32.dll -> %SystemRoot%\System32\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 3/1/2008 1:29:17 PM | Attr =	]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javasup.vxd -> %SystemRoot%\System32\javasup.vxd ->  [Ver =  | Size = 7315 bytes | Created Date = 3/1/2008 2:50:13 PM | Attr =	]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
jevudgco.ini -> %SystemRoot%\System32\jevudgco.ini ->  [Ver =  | Size = 1313945 bytes | Created Date = 3/13/2008 2:30:52 PM | Attr =  HS]
kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce ->  [Ver =  | Size = 6948 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce ->  [Ver =  | Size = 8484 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
keystone.exe -> %SystemRoot%\System32\keystone.exe ->  [Ver =  | Size = 425984 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
korean.uce -> %SystemRoot%\System32\korean.uce ->  [Ver =  | Size = 12876 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
l3codecx.ax -> %SystemRoot%\System32\l3codecx.ax -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 5, 0, 50 | Size = 83456 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
Lang -> %SystemRoot%\System32\Lang ->  [Folder | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
LogFiles -> %SystemRoot%\System32\LogFiles ->  [Folder | Created Date = 3/21/2008 2:11:09 PM | Attr =	]
logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest ->  [Ver =  | Size = 488 bytes | Created Date = 3/1/2008 1:30:14 PM | Attr = RH ]
LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav ->  [Ver =  | Size = 940794 bytes | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
Macromed -> %SystemRoot%\System32\Macromed ->  [Folder | Created Date = 3/1/2008 1:29:01 PM | Attr =	]
mciqtz32.dll -> %SystemRoot%\System32\mciqtz32.dll ->  [Ver =  | Size = 35328 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
Microsoft -> %SystemRoot%\System32\Microsoft ->  [Folder | Created Date = 3/1/2008 1:38:18 PM | Attr =   S]
mpeg2data.ax -> %SystemRoot%\System32\mpeg2data.ax ->  [Ver =  | Size = 118272 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
mpg2splt.ax -> %SystemRoot%\System32\mpg2splt.ax ->  [Ver =  | Size = 148992 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
msdmo.dll -> %SystemRoot%\System32\msdmo.dll ->  [Ver =  | Size = 14336 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
MsDtc -> %SystemRoot%\System32\MsDtc ->  [Folder | Created Date = 3/1/2008 1:27:40 PM | Attr =	]
msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h ->  [Ver =  | Size = 768 bytes | Created Date = 3/1/2008 1:28:00 PM | Attr =	]
msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini ->  [Ver =  | Size = 1931 bytes | Created Date = 3/1/2008 1:28:00 PM | Attr =	]
msdvbnp.ax -> %SystemRoot%\System32\msdvbnp.ax ->  [Ver =  | Size = 56832 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
mui -> %SystemRoot%\System32\mui ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
npp -> %SystemRoot%\System32\npp ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb ->  [Ver =  | Size = 23392 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Created Date = 3/1/2008 1:36:49 PM | Attr =	]
nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 385024 bytes | Created Date = 3/1/2008 1:36:58 PM | Attr =	]
nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe ->  [Ver =  | Size = 442368 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml ->  [Ver =  | Size = 159661 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35328 bytes | Created Date = 3/1/2008 1:36:59 PM | Attr =	]
nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35328 bytes | Created Date = 3/1/2008 1:36:59 PM | Attr =	]
nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 147456 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvconrm.dll -> %SystemRoot%\System32\nvconrm.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35840 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 413696 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Created Date = 3/1/2008 1:37:00 PM | Attr =	]
nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 753664 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvcpluir.dll -> %SystemRoot%\System32\nvcpluir.dll -> NVIDIA Corporation [Ver = 1.4.6.18 | Size = 1073152 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu ->  [Ver =  | Size = 17737 bytes | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6549504 bytes | Created Date = 3/1/2008 1:37:03 PM | Attr =	]
nvdispsr.dll -> %SystemRoot%\System32\nvdispsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 5439488 bytes | Created Date = 3/1/2008 1:37:05 PM | Attr =	]
nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe ->  [Ver =  | Size = 1339392 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 307200 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3420160 bytes | Created Date = 3/1/2008 1:37:06 PM | Attr =	]
nvgamesr.dll -> %SystemRoot%\System32\nvgamesr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 3231744 bytes | Created Date = 3/1/2008 1:37:07 PM | Attr =	]
nview.dll -> %SystemRoot%\System32\nview.dll ->  [Ver =  | Size = 1474560 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 229376 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 45056 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 188416 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmccssr.dll -> %SystemRoot%\System32\nvmccssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 458752 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 1228800 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmoblsr.dll -> %SystemRoot%\System32\nvmoblsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 2854912 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvnrm.nvu -> %SystemRoot%\System32\nvnrm.nvu ->  [Ver =  | Size = 3903 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll ->  [Ver =  | Size = 286720 bytes | Created Date = 3/1/2008 1:37:09 PM | Attr =	]
nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6901760 bytes | Created Date = 3/1/2008 1:37:09 PM | Attr =	]
nvraidapp.nvu -> %SystemRoot%\System32\nvraidapp.nvu ->  [Ver =  | Size = 6874 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidar.dll -> %SystemRoot%\System32\NvRaidar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20480 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidcs.dll -> %SystemRoot%\System32\NvRaidcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidda.dll -> %SystemRoot%\System32\NvRaidda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidde.dll -> %SystemRoot%\System32\NvRaidde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidel.dll -> %SystemRoot%\System32\NvRaidel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22528 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaideng.dll -> %SystemRoot%\System32\NvRaideng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20480 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidEnu.dll -> %SystemRoot%\System32\NvRaidEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22528 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaides.dll -> %SystemRoot%\System32\NvRaides.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidfi.dll -> %SystemRoot%\System32\NvRaidfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidfr.dll -> %SystemRoot%\System32\NvRaidfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidhe.dll -> %SystemRoot%\System32\NvRaidhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidhu.dll -> %SystemRoot%\System32\NvRaidhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidit.dll -> %SystemRoot%\System32\NvRaidit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidja.dll -> %SystemRoot%\System32\NvRaidja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19968 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidko.dll -> %SystemRoot%\System32\NvRaidko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19968 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidnl.dll -> %SystemRoot%\System32\NvRaidnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidno.dll -> %SystemRoot%\System32\NvRaidno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidpl.dll -> %SystemRoot%\System32\NvRaidpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidpt.dll -> %SystemRoot%\System32\NvRaidpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidptb.dll -> %SystemRoot%\System32\NvRaidptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidru.dll -> %SystemRoot%\System32\NvRaidru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidServer.dll -> %SystemRoot%\System32\NvRaidServer.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 544768 bytes | Created Date = 3/1/2008 5:25:52 PM | Attr =	]
NvRaidServerar.dll -> %SystemRoot%\System32\NvRaidServerar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148480 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServercs.dll -> %SystemRoot%\System32\NvRaidServercs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerda.dll -> %SystemRoot%\System32\NvRaidServerda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerde.dll -> %SystemRoot%\System32\NvRaidServerde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerel.dll -> %SystemRoot%\System32\NvRaidServerel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServereng.dll -> %SystemRoot%\System32\NvRaidServereng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerenu.dll -> %SystemRoot%\System32\NvRaidServerenu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServeres.dll -> %SystemRoot%\System32\NvRaidServeres.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerfi.dll -> %SystemRoot%\System32\NvRaidServerfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerfr.dll -> %SystemRoot%\System32\NvRaidServerfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerhe.dll -> %SystemRoot%\System32\NvRaidServerhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148480 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerhu.dll -> %SystemRoot%\System32\NvRaidServerhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerit.dll -> %SystemRoot%\System32\NvRaidServerit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerja.dll -> %SystemRoot%\System32\NvRaidServerja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147968 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerko.dll -> %SystemRoot%\System32\NvRaidServerko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147968 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServernl.dll -> %SystemRoot%\System32\NvRaidServernl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerno.dll -> %SystemRoot%\System32\NvRaidServerno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerpl.dll -> %SystemRoot%\System32\NvRaidServerpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerpt.dll -> %SystemRoot%\System32\NvRaidServerpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerptb.dll -> %SystemRoot%\System32\NvRaidServerptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerru.dll -> %SystemRoot%\System32\NvRaidServerru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersk.dll -> %SystemRoot%\System32\NvRaidServersk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersl.dll -> %SystemRoot%\System32\NvRaidServersl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersv.dll -> %SystemRoot%\System32\NvRaidServersv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerth.dll -> %SystemRoot%\System32\NvRaidServerth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServertr.dll -> %SystemRoot%\System32\NvRaidServertr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerzhc.dll -> %SystemRoot%\System32\NvRaidServerzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147456 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerzht.dll -> %SystemRoot%\System32\NvRaidServerzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147456 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
nvraidservice.exe -> %SystemRoot%\System32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsk.dll -> %SystemRoot%\System32\NvRaidsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsl.dll -> %SystemRoot%\System32\NvRaidsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsv.dll -> %SystemRoot%\System32\NvRaidsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvar.dll -> %SystemRoot%\System32\NvRaidSvar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 8704 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvcs.dll -> %SystemRoot%\System32\NvRaidSvcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvda.dll -> %SystemRoot%\System32\NvRaidSvda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvde.dll -> %SystemRoot%\System32\NvRaidSvde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvel.dll -> %SystemRoot%\System32\NvRaidSvel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSveng.dll -> %SystemRoot%\System32\NvRaidSveng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvEnu.dll -> %SystemRoot%\System32\NvRaidSvEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSves.dll -> %SystemRoot%\System32\NvRaidSves.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvfi.dll -> %SystemRoot%\System32\NvRaidSvfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvfr.dll -> %SystemRoot%\System32\NvRaidSvfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvhe.dll -> %SystemRoot%\System32\NvRaidSvhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvhu.dll -> %SystemRoot%\System32\NvRaidSvhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvit.dll -> %SystemRoot%\System32\NvRaidSvit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvja.dll -> %SystemRoot%\System32\NvRaidSvja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 8192 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvko.dll -> %SystemRoot%\System32\NvRaidSvko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 7680 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvnl.dll -> %SystemRoot%\System32\NvRaidSvnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvno.dll -> %SystemRoot%\System32\NvRaidSvno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvpl.dll -> %SystemRoot%\System32\NvRaidSvpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvpt.dll -> %SystemRoot%\System32\NvRaidSvpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvptb.dll -> %SystemRoot%\System32\NvRaidSvptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvru.dll -> %SystemRoot%\System32\NvRaidSvru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsk.dll -> %SystemRoot%\System32\NvRaidSvsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsl.dll -> %SystemRoot%\System32\NvRaidSvsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsv.dll -> %SystemRoot%\System32\NvRaidSvsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvth.dll -> %SystemRoot%\System32\NvRaidSvth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvtr.dll -> %SystemRoot%\System32\NvRaidSvtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvzhc.dll -> %SystemRoot%\System32\NvRaidSvzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 6656 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvzht.dll -> %SystemRoot%\System32\NvRaidSvzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 7168 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidth.dll -> %SystemRoot%\System32\NvRaidth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidtr.dll -> %SystemRoot%\System32\NvRaidtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizard.dll -> %SystemRoot%\System32\NvRaidWizard.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 501248 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardar.dll -> %SystemRoot%\System32\NvRaidWizardar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 120832 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardcs.dll -> %SystemRoot%\System32\NvRaidWizardcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128512 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardda.dll -> %SystemRoot%\System32\NvRaidWizardda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 125952 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardde.dll -> %SystemRoot%\System32\NvRaidWizardde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 135168 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardel.dll -> %SystemRoot%\System32\NvRaidWizardel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132608 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardeng.dll -> %SystemRoot%\System32\NvRaidWizardeng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 124416 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardEnu.dll -> %SystemRoot%\System32\NvRaidWizardEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 124416 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardes.dll -> %SystemRoot%\System32\NvRaidWizardes.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardfi.dll -> %SystemRoot%\System32\NvRaidWizardfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126464 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardfr.dll -> %SystemRoot%\System32\NvRaidWizardfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardhe.dll -> %SystemRoot%\System32\NvRaidWizardhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 123392 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardhu.dll -> %SystemRoot%\System32\NvRaidWizardhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardit.dll -> %SystemRoot%\System32\NvRaidWizardit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 131584 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardja.dll -> %SystemRoot%\System32\NvRaidWizardja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 111616 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardko.dll -> %SystemRoot%\System32\NvRaidWizardko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 111616 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardnl.dll -> %SystemRoot%\System32\NvRaidWizardnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 129536 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardno.dll -> %SystemRoot%\System32\NvRaidWizardno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardpl.dll -> %SystemRoot%\System32\NvRaidWizardpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 127488 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardpt.dll -> %SystemRoot%\System32\NvRaidWizardpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 133632 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardptb.dll -> %SystemRoot%\System32\NvRaidWizardptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 130048 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardru.dll -> %SystemRoot%\System32\NvRaidWizardru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 129024 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsk.dll -> %SystemRoot%\System32\NvRaidWizardsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 127488 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsl.dll -> %SystemRoot%\System32\NvRaidWizardsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 130048 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsv.dll -> %SystemRoot%\System32\NvRaidWizardsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126976 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardth.dll -> %SystemRoot%\System32\NvRaidWizardth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126976 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardtr.dll -> %SystemRoot%\System32\NvRaidWizardtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardzhc.dll -> %SystemRoot%\System32\NvRaidWizardzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 107008 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardzht.dll -> %SystemRoot%\System32\NvRaidWizardzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 108032 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidzhc.dll -> %SystemRoot%\System32\NvRaidzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19456 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidzht.dll -> %SystemRoot%\System32\NvRaidzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19456 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
nvrsar.dll -> %SystemRoot%\System32\nvrsar.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrscs.dll -> %SystemRoot%\System32\nvrscs.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsda.dll -> %SystemRoot%\System32\nvrsda.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsde.dll -> %SystemRoot%\System32\nvrsde.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsel.dll -> %SystemRoot%\System32\nvrsel.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrseng.dll -> %SystemRoot%\System32\nvrseng.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrses.dll -> %SystemRoot%\System32\nvrses.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsesm.dll -> %SystemRoot%\System32\nvrsesm.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsfi.dll -> %SystemRoot%\System32\nvrsfi.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsfr.dll -> %SystemRoot%\System32\nvrsfr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrshe.dll -> %SystemRoot%\System32\nvrshe.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrshu.dll -> %SystemRoot%\System32\nvrshu.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsit.dll -> %SystemRoot%\System32\nvrsit.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 278528 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsja.dll -> %SystemRoot%\System32\nvrsja.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsko.dll -> %SystemRoot%\System32\nvrsko.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsnl.dll -> %SystemRoot%\System32\nvrsnl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsno.dll -> %SystemRoot%\System32\nvrsno.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrspl.dll -> %SystemRoot%\System32\nvrspl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrspt.dll -> %SystemRoot%\System32\nvrspt.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 270336 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsptb.dll -> %SystemRoot%\System32\nvrsptb.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsru.dll -> %SystemRoot%\System32\nvrsru.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssk.dll -> %SystemRoot%\System32\nvrssk.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssl.dll -> %SystemRoot%\System32\nvrssl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssv.dll -> %SystemRoot%\System32\nvrssv.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrstr.dll -> %SystemRoot%\System32\nvrstr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvrszhc.dll -> %SystemRoot%\System32\nvrszhc.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 225280 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvrszht.dll -> %SystemRoot%\System32\nvrszht.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 122880 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvsataconnection.exe -> %SystemRoot%\System32\nvsataconnection.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 208896 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionar.dll -> %SystemRoot%\System32\NvSataConnectionar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectioncs.dll -> %SystemRoot%\System32\NvSataConnectioncs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionda.dll -> %SystemRoot%\System32\NvSataConnectionda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionde.dll -> %SystemRoot%\System32\NvSataConnectionde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionel.dll -> %SystemRoot%\System32\NvSataConnectionel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectioneng.dll -> %SystemRoot%\System32\NvSataConnectioneng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionEnu.dll -> %SystemRoot%\System32\NvSataConnectionEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectiones.dll -> %SystemRoot%\System32\NvSataConnectiones.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionfi.dll -> %SystemRoot%\System32\NvSataConnectionfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionfr.dll -> %SystemRoot%\System32\NvSataConnectionfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionhe.dll -> %SystemRoot%\System32\NvSataConnectionhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionhu.dll -> %SystemRoot%\System32\NvSataConnectionhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionit.dll -> %SystemRoot%\System32\NvSataConnectionit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionja.dll -> %SystemRoot%\System32\NvSataConnectionja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionko.dll -> %SystemRoot%\System32\NvSataConnectionko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionnl.dll -> %SystemRoot%\System32\NvSataConnectionnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionno.dll -> %SystemRoot%\System32\NvSataConnectionno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionpl.dll -> %SystemRoot%\System32\NvSataConnectionpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionpt.dll -> %SystemRoot%\System32\NvSataConnectionpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionptb.dll -> %SystemRoot%\System32\NvSataConnectionptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionru.dll -> %SystemRoot%\System32\NvSataConnectionru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsk.dll -> %SystemRoot%\System32\NvSataConnectionsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsl.dll -> %SystemRoot%\System32\NvSataConnectionsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsv.dll -> %SystemRoot%\System32\NvSataConnectionsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionth.dll -> %SystemRoot%\System32\NvSataConnectionth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectiontr.dll -> %SystemRoot%\System32\NvSataConnectiontr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionzhc.dll -> %SystemRoot%\System32\NvSataConnectionzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionzht.dll -> %SystemRoot%\System32\NvSataConnectionzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
nvshell.dll -> %SystemRoot%\System32\nvshell.dll ->  [Ver =  | Size = 466944 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvsmb.nvu -> %SystemRoot%\System32\nvsmb.nvu ->  [Ver =  | Size = 1864 bytes | Created Date = 3/1/2008 5:25:28 PM | Attr =	]
nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl ->  [Ver =  | Size = 73728 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvucode.bin -> %SystemRoot%\System32\nvucode.bin ->  [Ver =  | Size = 1018748 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0  | Size = 356352 bytes | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0  | Size = 356352 bytes | Created Date = 3/1/2008 1:54:14 PM | Attr =	]
nvunrm.exe -> %SystemRoot%\System32\nvunrm.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56  | Size = 356352 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvusmb.exe -> %SystemRoot%\System32\nvusmb.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56  | Size = 208896 bytes | Created Date = 3/1/2008 5:25:28 PM | Attr =	]
nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3710976 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvvitvsr.dll -> %SystemRoot%\System32\nvvitvsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 3645440 bytes | Created Date = 3/1/2008 1:37:14 PM | Attr =	]
nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Created Date = 3/1/2008 1:37:15 PM | Attr =	]
nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll ->  [Ver =  | Size = 1703936 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll ->  [Ver =  | Size = 1019904 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvwrsar.dll -> %SystemRoot%\System32\nvwrsar.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrscs.dll -> %SystemRoot%\System32\nvwrscs.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 286720 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsda.dll -> %SystemRoot%\System32\nvwrsda.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsde.dll -> %SystemRoot%\System32\nvwrsde.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 311296 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsel.dll -> %SystemRoot%\System32\nvwrsel.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 335872 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrseng.dll -> %SystemRoot%\System32\nvwrseng.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 286720 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrses.dll -> %SystemRoot%\System32\nvwrses.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 335872 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsesm.dll -> %SystemRoot%\System32\nvwrsesm.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsfi.dll -> %SystemRoot%\System32\nvwrsfi.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsfr.dll -> %SystemRoot%\System32\nvwrsfr.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrshe.dll -> %SystemRoot%\System32\nvwrshe.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 278528 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrshu.dll -> %SystemRoot%\System32\nvwrshu.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 315392 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsit.dll -> %SystemRoot%\System32\nvwrsit.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 323584 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsja.dll -> %SystemRoot%\System32\nvwrsja.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 212992 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsko.dll -> %SystemRoot%\System32\nvwrsko.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 196608 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsnl.dll -> %SystemRoot%\System32\nvwrsnl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 319488 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsno.dll -> %SystemRoot%\System32\nvwrsno.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 299008 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrspl.dll -> %SystemRoot%\System32\nvwrspl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrspt.dll -> %SystemRoot%\System32\nvwrspt.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 323584 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsptb.dll -> %SystemRoot%\System32\nvwrsptb.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 319488 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsru.dll -> %SystemRoot%\System32\nvwrsru.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 315392 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssk.dll -> %SystemRoot%\System32\nvwrssk.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 299008 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssl.dll -> %SystemRoot%\System32\nvwrssl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssv.dll -> %SystemRoot%\System32\nvwrssv.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrstr.dll -> %SystemRoot%\System32\nvwrstr.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwrszhc.dll -> %SystemRoot%\System32\nvwrszhc.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 163840 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwrszht.dll -> %SystemRoot%\System32\nvwrszht.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 167936 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 2498560 bytes | Created Date = 3/1/2008 1:37:18 PM | Attr =	]
nvwssr.dll -> %SystemRoot%\System32\nvwssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 2387968 bytes | Created Date = 3/1/2008 1:37:18 PM | Attr =	]
nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
nwiz.exe -> %SystemRoot%\System32\nwiz.exe ->  [Ver =  | Size = 1626112 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
oobe -> %SystemRoot%\System32\oobe ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 356738 bytes | Created Date = 3/1/2008 8:24:50 AM | Attr =	]
PhotoImpression Slideshow -> %SystemRoot%\System32\PhotoImpression Slideshow ->  [Folder | Created Date = 3/22/2008 4:11:39 PM | Attr =	]
PhotoImpression Slideshow.scr -> %SystemRoot%\System32\PhotoImpression Slideshow.scr -> ArcSoft Inc. [Ver = 1, 0, 0, 4 | Size = 126976 bytes | Created Date = 3/22/2008 4:11:51 PM | Attr =	]
PICEntry.dll -> %SystemRoot%\System32\PICEntry.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.0.2 | Size = 108704 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK.dll -> %SystemRoot%\System32\PICSDK.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.0.1 | Size = 80024 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK.ini -> %SystemRoot%\System32\PICSDK.ini ->  [Ver =  | Size = 97 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK2.dll -> %SystemRoot%\System32\PICSDK2.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.1.3 | Size = 501912 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PreInstall -> %SystemRoot%\System32\PreInstall ->  [Folder | Created Date = 3/1/2008 2:26:56 PM | Attr =	]
Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/16/2008 11:51:50 PM | Attr =	]
psisdecd.dll -> %SystemRoot%\System32\psisdecd.dll ->  [Ver =  | Size = 363520 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
psisrndr.ax -> %SystemRoot%\System32\psisrndr.ax ->  [Ver =  | Size = 33280 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qcap.dll -> %SystemRoot%\System32\qcap.dll ->  [Ver =  | Size = 192512 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qdv.dll -> %SystemRoot%\System32\qdv.dll ->  [Ver =  | Size = 279040 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qdvd.dll -> %SystemRoot%\System32\qdvd.dll ->  [Ver =  | Size = 385024 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qedit.dll -> %SystemRoot%\System32\qedit.dll ->  [Ver =  | Size = 562176 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qedwipes.dll -> %SystemRoot%\System32\qedwipes.dll ->  [Ver =  | Size = 733696 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
ras -> %SystemRoot%\System32\ras ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups ->  [Folder | Created Date = 3/1/2008 3:18:15 PM | Attr =	]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Created Date = 3/1/2008 1:28:54 PM | Attr =	]
RTCOM -> %SystemRoot%\System32\RTCOM ->  [Folder | Created Date = 3/1/2008 1:57:23 PM | Attr =	]
RTSndMgr.Cpl -> %SystemRoot%\System32\RTSndMgr.Cpl -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 9 | Size = 282624 bytes | Created Date = 3/1/2008 1:57:16 PM | Attr = R  ]
sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
secupd.dat -> %SystemRoot%\System32\secupd.dat ->  [Ver =  | Size = 4569 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
secupd.sig -> %SystemRoot%\System32\secupd.sig ->  [Ver =  | Size = 7208 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
sed.exe -> %SystemRoot%\System32\sed.exe ->  [Ver =  | Size = 98816 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
Setup -> %SystemRoot%\System32\Setup ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ShellExt -> %SystemRoot%\System32\ShellExt ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce ->  [Ver =  | Size = 16740 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
spool -> %SystemRoot%\System32\spool ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver =  | Size = 288417 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
subrange.uce -> %SystemRoot%\System32\subrange.uce ->  [Ver =  | Size = 93702 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
swsc.exe -> %SystemRoot%\System32\swsc.exe ->  [Ver =  | Size = 40960 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
tmp.reg -> %SystemRoot%\System32\tmp.reg ->  [Ver =  | Size = 2742 bytes | Created Date = 3/10/2008 3:13:07 AM | Attr =	]
tslabels.h -> %SystemRoot%\System32\tslabels.h ->  [Ver =  | Size = 3286 bytes | Created Date = 3/1/2008 1:28:02 PM | Attr =	]
tslabels.ini -> %SystemRoot%\System32\tslabels.ini ->  [Ver =  | Size = 13223 bytes | Created Date = 3/1/2008 1:28:02 PM | Attr =	]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Created Date = 3/10/2008 3:29:58 AM | Attr =	]
usmt -> %SystemRoot%\System32\usmt ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd ->  [Ver =  | Size = 1161 bytes | Created Date = 3/1/2008 1:28:03 PM | Attr =	]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver =  | Size = 86528 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver =  | Size = 289144 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
VFind.exe -> %SystemRoot%\System32\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
wbem -> %SystemRoot%\System32\wbem ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest ->  [Ver =  | Size = 488 bytes | Created Date = 3/1/2008 1:30:14 PM | Attr = RH ]
wins -> %SystemRoot%\System32\wins ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc ->  [Ver =  | Size = 63488 bytes | Created Date = 3/1/2008 1:27:51 PM | Attr =	]
wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml ->  [Ver =  | Size = 25065 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
wpa.bak -> %SystemRoot%\System32\wpa.bak ->  [Ver =  | Size = 2422 bytes | Created Date = 3/1/2008 3:16:09 PM | Attr =	]
WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe ->  [Ver =  | Size = 25600 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
xircom -> %SystemRoot%\System32\xircom ->  [Folder | Created Date = 3/1/2008 1:30:42 PM | Attr =	]
zip.exe -> %SystemRoot%\System32\zip.exe ->  [Ver =  | Size = 68096 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
zonedoff.reg -> %SystemRoot%\System32\zonedoff.reg ->  [Ver =  | Size = 113 bytes | Created Date = 3/1/2008 2:50:11 PM | Attr =	]
zonedon.reg -> %SystemRoot%\System32\zonedon.reg ->  [Ver =  | Size = 113 bytes | Created Date = 3/1/2008 2:50:11 PM | Attr =	]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Created Date = 3/1/2008 2:26:54 PM | Attr =  H ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Created Date = 3/1/2008 2:26:49 PM | Attr =  H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ ->  [Folder | Created Date = 3/1/2008 3:17:48 PM | Attr =  H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ ->  [Folder | Created Date = 3/2/2008 12:29:12 PM | Attr =  H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ ->  [Folder | Created Date = 3/2/2008 12:29:04 PM | Attr =  H ]
addins -> %SystemRoot%\addins ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Alcmtr.exe -> %SystemRoot%\Alcmtr.exe -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Created Date = 3/1/2008 1:56:59 PM | Attr = R  ]
alcwzrd.exe -> %SystemRoot%\alcwzrd.exe -> RealTek Semicoductor Corp. [Ver = 1.1.0.36 | Size = 2808832 bytes | Created Date = 3/1/2008 1:56:57 PM | Attr = R  ]
AppPatch -> %SystemRoot%\AppPatch ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp ->  [Ver =  | Size = 1272 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Created Date = 3/1/2008 1:31:38 PM | Attr =   S]
Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp ->  [Ver =  | Size = 17062 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Config -> %SystemRoot%\Config ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Connection Wizard -> %SystemRoot%\Connection Wizard ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
control.ini -> %SystemRoot%\control.ini ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
Cursors -> %SystemRoot%\Cursors ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Debug -> %SystemRoot%\Debug ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
desktop.ini -> %SystemRoot%\desktop.ini ->  [Ver =  | Size = 2 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =	]
doom3.ini -> %SystemRoot%\doom3.ini ->  [Ver =  | Size = 331 bytes | Created Date = 3/2/2008 10:45:51 AM | Attr =	]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Created Date = 3/1/2008 1:30:14 PM | Attr =   S]
Driver Cache -> %SystemRoot%\Driver Cache ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
EHome -> %SystemRoot%\EHome ->  [Folder | Created Date = 3/1/2008 3:17:47 PM | Attr =	]
EPCX8400.ini -> %SystemRoot%\EPCX8400.ini ->  [Ver =  | Size = 44 bytes | Created Date = 3/22/2008 3:58:19 PM | Attr =	]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Created Date = 3/17/2008 12:41:02 AM | Attr =	]
FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp ->  [Ver =  | Size = 16730 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = R S]
ftpcache -> %SystemRoot%\ftpcache ->  [Folder | Created Date = 3/7/2008 11:10:30 AM | Attr =  HS]
gdrv.sys -> %SystemRoot%\gdrv.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.5744.16384 built by: WinDDK | Size = 14656 bytes | Created Date = 3/1/2008 1:51:58 PM | Attr =	]
Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp ->  [Ver =  | Size = 17336 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Greenstone.bmp -> %SystemRoot%\Greenstone.bmp ->  [Ver =  | Size = 26582 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Help -> %SystemRoot%\Help ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ie7 -> %SystemRoot%\ie7 ->  [Folder | Created Date = 3/2/2008 12:29:16 PM | Attr =  H ]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Created Date = 3/4/2008 4:00:17 AM | Attr =	]
ime -> %SystemRoot%\ime ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Created Date = 3/1/2008 8:24:52 AM | Attr =	]
inf -> %SystemRoot%\inf ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Created Date = 3/1/2008 1:34:49 PM | Attr =  HS]
jautoexp.dat -> %SystemRoot%\jautoexp.dat ->  [Ver =  | Size = 6550 bytes | Created Date = 3/1/2008 2:50:13 PM | Attr =	]
java -> %SystemRoot%\java ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
LastGood -> %SystemRoot%\LastGood ->  [Folder | Created Date = 3/23/2008 3:00:34 AM | Attr =	]
lexstat.ini -> %SystemRoot%\lexstat.ini ->  [Ver =  | Size = 389 bytes | Created Date = 3/1/2008 4:32:36 PM | Attr =	]
Media -> %SystemRoot%\Media ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
MicCal.exe -> %SystemRoot%\MicCal.exe -> Realtek Semiconductor Corp. [Ver = 1.1.1.6 | Size = 2157568 bytes | Created Date = 3/1/2008 1:57:03 PM | Attr = R  ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1158 bytes | Created Date = 3/10/2008 6:11:01 PM | Attr =	]
msagent -> %SystemRoot%\msagent ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
msapps -> %SystemRoot%\msapps ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
mui -> %SystemRoot%\mui ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Created Date = 3/1/2008 4:59:15 PM | Attr =	]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 3/10/2008 1:24:35 PM | Attr =	]
nview -> %SystemRoot%\nview ->  [Folder | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI ->  [Ver =  | Size = 4161 bytes | Created Date = 3/1/2008 8:24:50 AM | Attr =	]
Offline Web Pages -> %SystemRoot%\Offline Web Pages ->  [Folder | Created Date = 3/1/2008 1:30:14 PM | Attr = R  ]
PCDLIB32.DLL -> %SystemRoot%\PCDLIB32.DLL -> Eastman Kodak [Ver = 3, 0, 0, 0 | Size = 212480 bytes | Created Date = 3/22/2008 4:11:54 PM | Attr =	]
PCHealth -> %SystemRoot%\PCHealth ->  [Folder | Created Date = 3/1/2008 1:28:55 PM | Attr =	]
peernet -> %SystemRoot%\peernet ->  [Folder | Created Date = 3/1/2008 3:19:36 PM | Attr =	]
Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp ->  [Ver =  | Size = 65954 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Created Date = 3/1/2008 4:21:10 PM | Attr =	]
provisioning -> %SystemRoot%\provisioning ->  [Folder | Created Date = 3/1/2008 3:19:36 PM | Attr =	]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 3/1/2008 5:02:16 PM | Attr =	]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 3/1/2008 5:02:16 PM | Attr =  H ]
RegisteredPackages -> %SystemRoot%\RegisteredPackages ->  [Folder | Created Date = 3/1/2008 2:11:52 PM | Attr =	]
Registration -> %SystemRoot%\Registration ->  [Folder | Created Date = 3/1/2008 1:28:37 PM | Attr =	]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD ->  [Ver =  | Size = 8192 bytes | Created Date = 3/1/2008 1:33:52 PM | Attr =	]
repair -> %SystemRoot%\repair ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Resources -> %SystemRoot%\Resources ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp ->  [Ver =  | Size = 17362 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
River Sumida.bmp -> %SystemRoot%\River Sumida.bmp ->  [Ver =  | Size = 26680 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
RTHDCPL.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Created Date = 3/1/2008 1:57:06 PM | Attr = R  ]
RTLCPL.exe -> %SystemRoot%\RTLCPL.exe -> Realtek Semiconductor Corp. [Ver = 1.0.1.64 | Size = 9709568 bytes | Created Date = 3/1/2008 1:57:14 PM | Attr = R  ]
RtlExUpd.dll -> %SystemRoot%\RtlExUpd.dll -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 4 | Size = 499712 bytes | Created Date = 3/1/2008 1:56:53 PM | Attr = R  ]
RtlUpd.exe -> %SystemRoot%\RtlUpd.exe -> Realtek Semiconductor Corp. [Ver = 2, 7, 0, 1 | Size = 1183744 bytes | Created Date = 3/1/2008 1:57:18 PM | Attr = R  ]
Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp ->  [Ver =  | Size = 65832 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
security -> %SystemRoot%\security ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ServicePackFiles -> %SystemRoot%\ServicePackFiles ->  [Folder | Created Date = 3/1/2008 3:19:11 PM | Attr =	]
SHELLNEW -> %SystemRoot%\SHELLNEW ->  [Folder | Created Date = 3/1/2008 4:34:18 PM | Attr =	]
SkyTel.exe -> %SystemRoot%\SkyTel.exe -> Realtek Semiconductor Corp. [Ver = 1.0.0.0 | Size = 2879488 bytes | Created Date = 3/1/2008 1:57:18 PM | Attr = R  ]
Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp ->  [Ver =  | Size = 65978 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Created Date = 3/1/2008 2:21:31 PM | Attr =	]
SoundMan.exe -> %SystemRoot%\SoundMan.exe -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 30 | Size = 86016 bytes | Created Date = 3/1/2008 1:57:19 PM | Attr = R  ]
srchasst -> %SystemRoot%\srchasst ->  [Folder | Created Date = 3/1/2008 1:29:01 PM | Attr =	]
system -> %SystemRoot%\system ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
system32 -> %SystemRoot%\system32 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Created Date = 3/1/2008 1:29:10 PM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Created Date = 3/17/2008 12:45:18 AM | Attr =	]
twain_32 -> %SystemRoot%\twain_32 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.926.0 | Size = 299520 bytes | Created Date = 3/1/2008 4:31:59 PM | Attr =	]
vb.ini -> %SystemRoot%\vb.ini ->  [Ver =  | Size = 36 bytes | Created Date = 3/1/2008 1:28:38 PM | Attr =	]
vbaddin.ini -> %SystemRoot%\vbaddin.ini ->  [Ver =  | Size = 37 bytes | Created Date = 3/1/2008 1:28:38 PM | Attr =	]
WBEM -> %SystemRoot%\WBEM ->  [Folder | Created Date = 3/2/2008 12:29:26 PM | Attr =	]
Web -> %SystemRoot%\Web ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = R  ]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
winnt.bmp -> %SystemRoot%\winnt.bmp ->  [Ver =  | Size = 48680 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =  HS]
winnt256.bmp -> %SystemRoot%\winnt256.bmp ->  [Ver =  | Size = 48680 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =  HS]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Created Date = 3/1/2008 3:19:50 PM | Attr =	]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx ->  [Ver =  | Size = 299552 bytes | Created Date = 3/1/2008 1:30:39 PM | Attr =	]
Zapotec.bmp -> %SystemRoot%\Zapotec.bmp ->  [Ver =  | Size = 9522 bytes | Created Date = 3/1/2008 1:28:07 PM | Attr =	]
desktop.ini -> %SystemRoot%\tasks\desktop.ini ->  [Ver =  | Size = 65 bytes | Created Date = 3/1/2008 1:29:10 PM | Attr = RH ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Created Date = 3/1/2008 1:30:38 PM | Attr =  H ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
Adobe -> %AllUsersProfile%\Application Data\Adobe ->  [Folder | Created Date = 3/2/2008 3:57:11 PM | Attr =	]
Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer ->  [Folder | Created Date = 3/1/2008 5:02:02 PM | Attr =	]
avg7 -> %AllUsersProfile%\Application Data\avg7 ->  [Folder | Created Date = 3/17/2008 1:07:20 AM | Attr =	]
desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini ->  [Ver =  | Size = 62 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =  HS]
EPSON -> %AllUsersProfile%\Application Data\EPSON ->  [Folder | Created Date = 3/22/2008 6:02:46 PM | Attr =	]
Grisoft -> %AllUsersProfile%\Application Data\Grisoft ->  [Folder | Created Date = 3/17/2008 1:07:20 AM | Attr =	]
Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft ->  [Folder | Created Date = 3/10/2008 12:31:26 AM | Attr =	]
LightScribe -> %AllUsersProfile%\Application Data\LightScribe ->  [Folder | Created Date = 3/1/2008 4:29:15 PM | Attr =	]
Microsoft -> %AllUsersProfile%\Application Data\Microsoft ->  [Folder | Created Date = 3/1/2008 8:24:13 AM | Attr =   S]
Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help ->  [Folder | Created Date = 3/1/2008 4:34:02 PM | Attr =	]
Nero -> %AllUsersProfile%\Application Data\Nero ->  [Folder | Created Date = 3/1/2008 4:25:51 PM | Attr =	]
nView_Profiles -> %AllUsersProfile%\Application Data\nView_Profiles ->  [Folder | Created Date = 3/1/2008 1:39:06 PM | Attr =	]
QTSBandwidthCache -> %AllUsersProfile%\Application Data\QTSBandwidthCache ->  [Ver =  | Size = 1755 bytes | Created Date = 3/1/2008 5:03:08 PM | Attr =	]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Created Date = 3/16/2008 5:59:30 PM | Attr =	]
Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage ->  [Folder | Created Date = 3/1/2008 2:40:13 PM | Attr =	]
Adobe -> %AppData%\Adobe ->  [Folder | Created Date = 3/1/2008 4:52:24 PM | Attr =	]
Ahead -> %AppData%\Ahead ->  [Folder | Created Date = 3/1/2008 4:27:47 PM | Attr =	]
ArcSoft -> %AppData%\ArcSoft ->  [Folder | Created Date = 3/22/2008 4:11:56 PM | Attr =	]
AVG7 -> %AppData%\AVG7 ->  [Folder | Created Date = 3/17/2008 1:07:37 AM | Attr =	]
desktop.ini -> %AppData%\desktop.ini ->  [Ver =  | Size = 62 bytes | Created Date = 3/1/2008 1:34:45 PM | Attr =  HS]
dvdcss -> %AppData%\dvdcss ->  [Folder | Created Date = 3/10/2008 12:10:26 AM | Attr =	]
Identities -> %AppData%\Identities ->  [Folder | Created Date = 3/1/2008 1:34:48 PM | Attr =	]
InstallShield -> %AppData%\InstallShield ->  [Folder | Created Date = 3/22/2008 3:59:20 PM | Attr =	]
Leadertech -> %AppData%\Leadertech ->  [Folder | Created Date = 3/22/2008 6:06:56 PM | Attr =	]
Macromedia -> %AppData%\Macromedia ->  [Folder | Created Date = 3/1/2008 4:58:01 PM | Attr =	]
Microsoft -> %AppData%\Microsoft ->  [Folder | Created Date = 3/1/2008 1:34:45 PM | Attr =   S]
Mozilla -> %AppData%\Mozilla ->  [Folder | Created Date = 3/10/2008 1:24:28 PM | Attr =	]
Sun -> %AppData%\Sun ->  [Folder | Created Date = 3/17/2008 12:30:44 AM | Attr =	]
TAIT3 -> %AppData%\TAIT3 ->  [Folder | Created Date = 3/7/2008 5:07:57 PM | Attr =	]
Adobe -> %UserProfile%\Local Settings\Application Data\Adobe ->  [Folder | Created Date = 3/2/2008 3:57:22 PM | Attr =	]
Ahead -> %UserProfile%\Local Settings\Application Data\Ahead ->  [Folder | Created Date = 3/1/2008 4:28:20 PM | Attr =	]
Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer ->  [Folder | Created Date = 3/1/2008 5:02:58 PM | Attr =	]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 15360 bytes | Created Date = 3/1/2008 2:23:43 PM | Attr =	]
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ->  [Ver =  | Size = 69232 bytes | Created Date = 3/1/2008 1:39:27 PM | Attr =	]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 4833226 bytes | Created Date = 3/1/2008 1:38:16 PM | Attr =  H ]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft ->  [Folder | Created Date = 3/1/2008 1:34:45 PM | Attr =	]
Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help ->  [Folder | Created Date = 3/1/2008 4:34:06 PM | Attr =	]
Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla ->  [Folder | Created Date = 3/10/2008 1:24:28 PM | Attr =	]
Yahoo -> %UserProfile%\Local Settings\Application Data\Yahoo ->  [Folder | Created Date = 3/2/2008 3:56:09 PM | Attr =	]
desktop.ini -> %AllUsersProfile%\Documents\desktop.ini ->  [Ver =  | Size = 62 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =  HS]
Monolith Productions -> %AllUsersProfile%\Documents\Monolith Productions ->  [Folder | Created Date = 3/1/2008 4:42:22 PM | Attr =	]
My Music -> %AllUsersProfile%\Documents\My Music ->  [Folder | Created Date = 3/1/2008 1:28:40 PM | Attr = R  ]
My Pictures -> %AllUsersProfile%\Documents\My Pictures ->  [Folder | Created Date = 3/1/2008 1:28:40 PM | Attr = R  ]
My Videos -> %AllUsersProfile%\Documents\My Videos ->  [Folder | Created Date = 3/2/2008 12:37:20 PM | Attr = R  ]
desktop.ini -> %UserProfile%\My Documents\desktop.ini ->  [Ver =  | Size = 74 bytes | Created Date = 3/1/2008 1:34:46 PM | Attr =  HS]
Jon's documents -> %UserProfile%\My Documents\Jon's documents ->  [Folder | Created Date = 3/1/2008 4:36:03 PM | Attr =	]
Leanne's documents -> %UserProfile%\My Documents\Leanne's documents ->  [Folder | Created Date = 3/1/2008 4:35:59 PM | Attr =	]
My Music -> %UserProfile%\My Documents\My Music ->  [Folder | Created Date = 3/1/2008 1:34:46 PM | Attr = R  ]
My Pictures -> %UserProfile%\My Documents\My Pictures ->  [Folder | Created Date = 3/1/2008 1:34:46 PM | Attr = R  ]
My Print Creations -> %UserProfile%\My Documents\My Print Creations ->  [Folder | Created Date = 3/22/2008 6:07:21 PM | Attr =	]
My Videos -> %UserProfile%\My Documents\My Videos ->  [Folder | Created Date = 3/2/2008 12:37:20 PM | Attr = R  ]
My Widgets -> %UserProfile%\My Documents\My Widgets ->  [Folder | Created Date = 3/2/2008 3:56:09 PM | Attr =	]
Doom 3.lnk -> %AllUsersProfile%\Desktop\Doom 3.lnk ->  [Ver =  | Size = 1333 bytes | Created Date = 3/2/2008 10:45:53 AM | Attr =	]
Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk ->  [Ver =  | Size = 1606 bytes | Created Date = 3/10/2008 1:24:20 PM | Attr =	]
TFG.lnk -> %AllUsersProfile%\Desktop\TFG.lnk ->  [Ver =  | Size = 562 bytes | Created Date = 3/17/2008 11:12:57 PM | Attr =	]
ATF-Cleaner.exe -> %UserProfile%\Desktop\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 3/23/2008 12:24:00 PM | Attr =	]
FEAR.lnk -> %UserProfile%\Desktop\FEAR.lnk ->  [Ver =  | Size = 447 bytes | Created Date = 3/3/2008 6:38:30 PM | Attr =	]
Malware removal -> %UserProfile%\Desktop\Malware removal ->  [Folder | Created Date = 3/16/2008 8:03:06 PM | Attr =	]
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Created Date = 3/23/2008 12:26:37 PM | Attr =	]
OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe ->  [Ver =  | Size = 482640 bytes | Created Date = 3/23/2008 12:24:57 PM | Attr =	]
vnc-4_1_2-x86_win32_viewer.exe -> %UserProfile%\Desktop\vnc-4_1_2-x86_win32_viewer.exe -> RealVNC Ltd. [Ver = 4.1.2 | Size = 271312 bytes | Created Date = 3/21/2008 10:28:31 PM | Attr =	]
Wow.lnk -> %UserProfile%\Desktop\Wow.lnk ->  [Ver =  | Size = 509 bytes | Created Date = 3/1/2008 4:27:03 PM | Attr =	]
desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini ->  [Ver =  | Size = 84 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =  HS]
desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini ->  [Ver =  | Size = 84 bytes | Created Date = 3/1/2008 1:34:45 PM | Attr =  HS]
Yahoo! Widgets.lnk -> %UserProfile%\Start Menu\Programs\Startup\Yahoo! Widgets.lnk ->  [Ver =  | Size = 738 bytes | Created Date = 3/2/2008 3:56:09 PM | Attr =	]
Adobe -> %CommonProgramFiles%\Adobe ->  [Folder | Created Date = 3/2/2008 3:57:08 PM | Attr =	]
Ahead -> %CommonProgramFiles%\Ahead ->  [Folder | Created Date = 3/1/2008 4:25:51 PM | Attr =	]
ArcSoft -> %CommonProgramFiles%\ArcSoft ->  [Folder | Created Date = 3/22/2008 4:11:54 PM | Attr =	]
DESIGNER -> %CommonProgramFiles%\DESIGNER ->  [Folder | Created Date = 3/1/2008 4:35:46 PM | Attr =	]
InstallShield -> %CommonProgramFiles%\InstallShield ->  [Folder | Created Date = 3/1/2008 1:36:31 PM | Attr =	]
Java -> %CommonProgramFiles%\Java ->  [Folder | Created Date = 3/17/2008 12:30:51 AM | Attr =	]
LightScribe -> %CommonProgramFiles%\LightScribe ->  [Folder | Created Date = 3/1/2008 4:28:30 PM | Attr =	]
Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared ->  [Folder | Created Date = 3/1/2008 8:24:46 AM | Attr =	]
MSSoap -> %CommonProgramFiles%\MSSoap ->  [Folder | Created Date = 3/1/2008 1:29:07 PM | Attr =	]
ODBC -> %CommonProgramFiles%\ODBC ->  [Folder | Created Date = 3/1/2008 8:24:50 AM | Attr =	]
Services -> %CommonProgramFiles%\Services ->  [Folder | Created Date = 3/1/2008 1:29:15 PM | Attr =	]
SpeechEngines -> %CommonProgramFiles%\SpeechEngines ->  [Folder | Created Date = 3/1/2008 8:24:47 AM | Attr =	]
System -> %CommonProgramFiles%\System ->  [Folder | Created Date = 3/1/2008 1:28:41 PM | Attr =	]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Created Date = 3/10/2008 6:19:48 PM | Attr =	]

[Files/Folders - Modified Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Modified Date = 3/18/2008 11:16:15 AM | Attr = RH ]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
b4a7bb7186989f2e54977486e3 -> %SystemDrive%\b4a7bb7186989f2e54977486e3 ->  [Folder | Modified Date = 3/21/2008 2:12:07 PM | Attr =	]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 281 bytes | Modified Date = 3/17/2008 12:41:15 AM | Attr = RHS]
c867271164e46ed2a6 -> %SystemDrive%\c867271164e46ed2a6 ->  [Folder | Modified Date = 3/21/2008 2:11:10 PM | Attr =	]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Modified Date = 3/17/2008 12:31:04 AM | Attr =  HS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Modified Date = 3/10/2008 1:47:08 AM | Attr =	]
EPSONREG -> %SystemDrive%\EPSONREG ->  [Folder | Modified Date = 3/22/2008 6:06:47 PM | Attr =	]
IO.SYS -> %SystemDrive%\IO.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSOCache -> %SystemDrive%\MSOCache ->  [Folder | Modified Date = 3/1/2008 4:33:50 PM | Attr = RH ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM ->  [Ver =  | Size = 47564 bytes | Modified Date = 3/1/2008 3:18:26 PM | Attr = RHS]
ntldr -> %SystemDrive%\ntldr ->  [Ver =  | Size = 250032 bytes | Modified Date = 3/1/2008 3:18:26 PM | Attr = RHS]
NVIDIA -> %SystemDrive%\NVIDIA ->  [Folder | Modified Date = 3/1/2008 5:33:58 PM | Attr =	]
Office 07 -> %SystemDrive%\Office 07 ->  [Folder | Modified Date = 3/1/2008 4:34:29 PM | Attr =	]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 3/22/2008 6:18:57 PM | Attr = R  ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Modified Date = 3/10/2008 3:13:48 AM | Attr =  HS]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Modified Date = 3/17/2008 12:43:44 AM | Attr =  HS]
User Programs -> %SystemDrive%\User Programs ->  [Folder | Modified Date = 3/10/2008 2:12:39 AM | Attr =	]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr =	]
WUTemp -> %SystemDrive%\WUTemp ->  [Folder | Modified Date = 3/1/2008 1:54:42 PM | Attr =	]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 3/17/2008 1:07:23 AM | Attr =	]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
disdn -> %SystemRoot%\System32\drivers\disdn ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Modified Date = 3/17/2008 12:43:39 AM | Attr =	]
hosts -> %SystemRoot%\System32\drivers\etc\hosts ->  [Ver =  | Size = 27 bytes | Modified Date = 3/17/2008 12:43:39 AM | Attr =	]
hosts.20080316-180057.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080316-180057.backup ->  [Ver =  | Size = 734 bytes | Modified Date = 3/10/2008 3:13:05 AM | Attr =	]
UMDF -> %SystemRoot%\System32\drivers\UMDF ->  [Folder | Modified Date = 3/21/2008 2:11:49 PM | Attr =	]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf ->  [Ver =  | Size = 0 bytes | Modified Date = 3/21/2008 2:11:10 PM | Attr =  H ]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf ->  [Ver =  | Size = 261 bytes | Modified Date = 3/1/2008 1:31:38 PM | Attr =	]
1025 -> %SystemRoot%\System32\1025 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
1028 -> %SystemRoot%\System32\1028 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1031 -> %SystemRoot%\System32\1031 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1033 -> %SystemRoot%\System32\1033 ->  [Folder | Modified Date = 3/1/2008 8:21:47 AM | Attr =	]
1037 -> %SystemRoot%\System32\1037 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1041 -> %SystemRoot%\System32\1041 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1042 -> %SystemRoot%\System32\1042 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1054 -> %SystemRoot%\System32\1054 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
2052 -> %SystemRoot%\System32\2052 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
3076 -> %SystemRoot%\System32\3076 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
3com_dmi -> %SystemRoot%\System32\3com_dmi ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb ->  [Ver =  | Size = 16832 bytes | Modified Date = 3/21/2008 2:12:57 PM | Attr =	]
apvvlrgu.ini -> %SystemRoot%\System32\apvvlrgu.ini ->  [Ver =  | Size = 1313885 bytes | Modified Date = 3/13/2008 1:31:09 PM | Attr =  HS]
atvtpoya.ini -> %SystemRoot%\System32\atvtpoya.ini ->  [Ver =  | Size = 1315230 bytes | Modified Date = 3/11/2008 1:22:52 PM | Attr =  HS]
bits -> %SystemRoot%\System32\bits ->  [Folder | Modified Date = 3/1/2008 2:26:33 PM | Attr =	]
BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav ->  [Ver =  | Size = 146650 bytes | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Modified Date = 3/23/2008 3:02:34 AM | Attr =	]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 3/23/2008 3:00:34 AM | Attr =	]
cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
Com -> %SystemRoot%\System32\Com ->  [Folder | Modified Date = 3/1/2008 3:22:57 PM | Attr =	]
config -> %SystemRoot%\System32\config ->  [Folder | Modified Date = 3/17/2008 12:42:19 AM | Attr =	]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 2577 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
dhcp -> %SystemRoot%\System32\dhcp ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
DirectX -> %SystemRoot%\System32\DirectX ->  [Folder | Modified Date = 3/1/2008 2:11:17 PM | Attr =	]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 3/23/2008 11:04:01 AM | Attr =	]
dtfnmviu.ini -> %SystemRoot%\System32\dtfnmviu.ini ->  [Ver =  | Size = 1320215 bytes | Modified Date = 3/12/2008 1:25:20 PM | Attr =  HS]
emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat ->  [Ver =  | Size = 21640 bytes | Modified Date = 3/1/2008 1:28:39 PM | Attr =	]
en-US -> %SystemRoot%\System32\en-US ->  [Folder | Modified Date = 3/4/2008 4:00:26 AM | Attr =	]
EVGA -> %SystemRoot%\System32\EVGA ->  [Folder | Modified Date = 3/1/2008 1:36:48 PM | Attr =	]
export -> %SystemRoot%\System32\export ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 264616 bytes | Modified Date = 3/2/2008 12:31:04 PM | Attr =	]
ggseguyo.ini -> %SystemRoot%\System32\ggseguyo.ini ->  [Ver =  | Size = 1348343 bytes | Modified Date = 3/13/2008 1:28:31 PM | Attr =  HS]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Modified Date = 3/10/2008 3:39:11 AM | Attr =	]
ias -> %SystemRoot%\System32\ias ->  [Folder | Modified Date = 3/1/2008 8:21:50 AM | Attr =	]
icsxml -> %SystemRoot%\System32\icsxml ->  [Folder | Modified Date = 3/1/2008 8:22:03 AM | Attr =	]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver =  | Size = 82432 bytes | Modified Date = 3/5/2008 10:29:16 PM | Attr =	]
IME -> %SystemRoot%\System32\IME ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
inetsrv -> %SystemRoot%\System32\inetsrv ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
jevudgco.ini -> %SystemRoot%\System32\jevudgco.ini ->  [Ver =  | Size = 1313945 bytes | Modified Date = 3/13/2008 2:31:24 PM | Attr =  HS]
Lang -> %SystemRoot%\System32\Lang ->  [Folder | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
LogFiles -> %SystemRoot%\System32\LogFiles ->  [Folder | Modified Date = 3/21/2008 2:11:09 PM | Attr =	]
logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest ->  [Ver =  | Size = 488 bytes | Modified Date = 3/1/2008 1:30:14 PM | Attr = RH ]
LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav ->  [Ver =  | Size = 940794 bytes | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
Macromed -> %SystemRoot%\System32\Macromed ->  [Folder | Modified Date = 3/4/2008 4:06:28 AM | Attr =	]
Microsoft -> %SystemRoot%\System32\Microsoft ->  [Folder | Modified Date = 3/1/2008 1:38:18 PM | Attr =   S]
MsDtc -> %SystemRoot%\System32\MsDtc ->  [Folder | Modified Date = 3/1/2008 1:28:37 PM | Attr =	]
mui -> %SystemRoot%\System32\mui ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
npp -> %SystemRoot%\System32\npp ->  [Folder | Modified Date = 3/1/2008 3:19:09 PM | Attr =	]
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb ->  [Ver =  | Size = 23392 bytes | Modified Date = 3/21/2008 2:12:57 PM | Attr =	]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml ->  [Ver =  | Size = 159661 bytes | Modified Date = 3/17/2008 2:12:25 AM | Attr =	]
nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
oobe -> %SystemRoot%\System32\oobe ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 40836 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 314508 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 356738 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
PhotoImpression Slideshow -> %SystemRoot%\System32\PhotoImpression Slideshow ->  [Folder | Modified Date = 3/22/2008 4:11:54 PM | Attr =	]
PreInstall -> %SystemRoot%\System32\PreInstall ->  [Folder | Modified Date = 3/1/2008 2:26:56 PM | Attr =	]
ras -> %SystemRoot%\System32\ras ->  [Folder | Modified Date = 3/1/2008 8:22:06 AM | Attr =	]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups ->  [Folder | Modified Date = 3/1/2008 4:54:19 PM | Attr =	]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Modified Date = 3/17/2008 12:43:44 AM | Attr =	]
RTCOM -> %SystemRoot%\System32\RTCOM ->  [Folder | Modified Date = 3/1/2008 1:57:40 PM | Attr =	]
sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
Setup -> %SystemRoot%\System32\Setup ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
ShellExt -> %SystemRoot%\System32\ShellExt ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
spool -> %SystemRoot%\System32\spool ->  [Folder | Modified Date = 3/1/2008 1:27:25 PM | Attr =	]
tmp.reg -> %SystemRoot%\System32\tmp.reg ->  [Ver =  | Size = 2742 bytes | Modified Date = 3/16/2008 11:52:25 PM | Attr =	]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Modified Date = 3/10/2008 3:39:11 AM | Attr =	]
usmt -> %SystemRoot%\System32\usmt ->  [Folder | Modified Date = 3/1/2008 3:19:01 PM | Attr =	]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver =  | Size = 86528 bytes | Modified Date = 3/9/2008 1:15:33 AM | Attr =	]
wbem -> %SystemRoot%\System32\wbem ->  [Folder | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest ->  [Ver =  | Size = 488 bytes | Modified Date = 3/1/2008 1:30:14 PM | Attr = RH ]
wins -> %SystemRoot%\System32\wins ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml ->  [Ver =  | Size = 25065 bytes | Modified Date = 3/1/2008 1:34:49 PM | Attr =	]
wpa.bak -> %SystemRoot%\System32\wpa.bak ->  [Ver =  | Size = 2422 bytes | Modified Date = 3/1/2008 3:16:09 PM | Attr =	]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 2422 bytes | Modified Date = 3/21/2008 2:28:33 PM | Attr =	]
wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
xircom -> %SystemRoot%\System32\xircom ->  [Folder | Modified Date = 3/1/2008 1:30:42 PM | Attr =	]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 3/3/2008 7:09:20 AM | Attr =  H ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Modified Date = 3/1/2008 2:26:50 PM | Attr =  H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ ->  [Folder | Modified Date = 3/1/2008 3:18:07 PM | Attr =  H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ ->  [Folder | Modified Date = 3/2/2008 12:29:12 PM | Attr =  H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ ->  [Folder | Modified Date = 3/2/2008 12:29:04 PM | Attr =  H ]
addins -> %SystemRoot%\addins ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
AppPatch -> %SystemRoot%\AppPatch ->  [Folder | Modified Date = 3/21/2008 2:24:54 PM | Attr =	]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 3/22/2008 6:19:01 PM | Attr =   S]
Config -> %SystemRoot%\Config ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
Connection Wizard -> %SystemRoot%\Connection Wizard ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
control.ini -> %SystemRoot%\control.ini ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
Cursors -> %SystemRoot%\Cursors ->  [Folder | Modified Date = 3/1/2008 1:28:18 PM | Attr =	]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 3/1/2008 4:25:44 PM | Attr =	]
doom3.ini -> %SystemRoot%\doom3.ini ->  [Ver =  | Size = 331 bytes | Modified Date = 3/2/2008 10:45:51 AM | Attr =	]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 3/10/2008 4:13:39 AM | Attr =   S]
Driver Cache -> %SystemRoot%\Driver Cache ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
EHome -> %SystemRoot%\EHome ->  [Folder | Modified Date = 3/1/2008 3:17:47 PM | Attr =	]
EPCX8400.ini -> %SystemRoot%\EPCX8400.ini ->  [Ver =  | Size = 44 bytes | Modified Date = 3/22/2008 6:06:44 PM | Attr =	]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Modified Date = 3/17/2008 12:42:15 AM | Attr =	]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Modified Date = 3/1/2008 4:35:34 PM | Attr = R S]
ftpcache -> %SystemRoot%\ftpcache ->  [Folder | Modified Date = 3/7/2008 11:10:30 AM | Attr =  HS]
gdrv.sys -> %SystemRoot%\gdrv.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.5744.16384 built by: WinDDK | Size = 14656 bytes | Modified Date = 3/1/2008 2:02:05 PM | Attr =	]
Help -> %SystemRoot%\Help ->  [Folder | Modified Date = 3/21/2008 2:12:38 PM | Attr =	]
ie7 -> %SystemRoot%\ie7 ->  [Folder | Modified Date = 3/2/2008 12:29:23 PM | Attr =  H ]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Modified Date = 3/4/2008 4:00:17 AM | Attr =	]
ime -> %SystemRoot%\ime ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 3/23/2008 3:00:57 AM | Attr =	]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 3/22/2008 3:24:49 PM | Attr =  HS]
java -> %SystemRoot%\java ->  [Folder | Modified Date = 3/1/2008 1:30:35 PM | Attr =	]
LastGood -> %SystemRoot%\LastGood ->  [Folder | Modified Date = 3/23/2008 3:00:34 AM | Attr =	]
lexstat.ini -> %SystemRoot%\lexstat.ini ->  [Ver =  | Size = 389 bytes | Modified Date = 3/21/2008 10:22:04 PM | Attr =	]
Media -> %SystemRoot%\Media ->  [Folder | Modified Date = 3/2/2008 12:29:24 PM | Attr =	]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1158 bytes | Modified Date = 3/10/2008 6:11:01 PM | Attr =	]
msagent -> %SystemRoot%\msagent ->  [Folder | Modified Date = 3/2/2008 12:30:55 PM | Attr =	]
msapps -> %SystemRoot%\msapps ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
mui -> %SystemRoot%\mui ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Modified Date = 3/21/2008 2:35:33 PM | Attr =	]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 3/10/2008 1:24:35 PM | Attr =	]
nview -> %SystemRoot%\nview ->  [Folder | Modified Date = 3/1/2008 5:35:44 PM | Attr =	]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI ->  [Ver =  | Size = 4161 bytes | Modified Date = 3/1/2008 1:30:35 PM | Attr =	]
Offline Web Pages -> %SystemRoot%\Offline Web Pages ->  [Folder | Modified Date = 3/1/2008 1:30:14 PM | Attr = R  ]
PCHealth -> %SystemRoot%\PCHealth ->  [Folder | Modified Date = 3/1/2008 4:35:26 PM | Attr =	]
peernet -> %SystemRoot%\peernet ->  [Folder | Modified Date = 3/1/2008 3:19:36 PM | Attr =	]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 3/23/2008 12:27:39 PM | Attr =	]
provisioning -> %SystemRoot%\provisioning ->  [Folder | Modified Date = 3/1/2008 3:19:36 PM | Attr =	]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 3/1/2008 5:43:40 PM | Attr =	]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 3/1/2008 5:43:40 PM | Attr =  H ]
RegisteredPackages -> %SystemRoot%\RegisteredPackages ->  [Folder | Modified Date = 3/1/2008 4:54:06 PM | Attr =	]
Registration -> %SystemRoot%\Registration ->  [Folder | Modified Date = 3/10/2008 1:01:57 AM | Attr =	]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD ->  [Ver =  | Size = 8192 bytes | Modified Date = 3/1/2008 1:33:52 PM | Attr =	]
repair -> %SystemRoot%\repair ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
Resources -> %SystemRoot%\Resources ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
security -> %SystemRoot%\security ->  [Folder | Modified Date = 3/10/2008 12:55:05 AM | Attr =	]
ServicePackFiles -> %SystemRoot%\ServicePackFiles ->  [Folder | Modified Date = 3/1/2008 3:19:11 PM | Attr =	]
SHELLNEW -> %SystemRoot%\SHELLNEW ->  [Folder | Modified Date = 3/1/2008 4:35:45 PM | Attr =	]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 3/1/2008 2:39:56 PM | Attr =	]
srchasst -> %SystemRoot%\srchasst ->  [Folder | Modified Date = 3/1/2008 3:19:08 PM | Attr =	]
system -> %SystemRoot%\system ->  [Folder | Modified Date = 3/17/2008 1:07:09 AM | Attr =	]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 3/17/2008 12:43:45 AM | Attr =	]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr =	]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 3/10/2008 1:40:25 AM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Modified Date = 3/23/2008 12:22:00 PM | Attr =	]
twain_32 -> %SystemRoot%\twain_32 ->  [Folder | Modified Date = 3/22/2008 3:58:46 PM | Attr =	]
vb.ini -> %SystemRoot%\vb.ini ->  [Ver =  | Size = 36 bytes | Modified Date = 3/1/2008 1:28:38 PM | Attr =	]
vbaddin.ini -> %SystemRoot%\vbaddin.ini ->  [Ver =  | Size = 37 bytes | Modified Date = 3/1/2008 1:28:38 PM | Attr =	]
WBEM -> %SystemRoot%\WBEM ->  [Folder | Modified Date = 3/2/2008 12:29:26 PM | Attr =	]
Web -> %SystemRoot%\Web ->  [Folder | Modified Date = 3/1/2008 3:18:31 PM | Attr = R  ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 651 bytes | Modified Date = 3/21/2008 2:12:54 PM | Attr =	]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 3/2/2008 3:57:11 PM | Attr =	]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Modified Date = 3/1/2008 4:25:42 PM | Attr =	]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx ->  [Ver =  | Size = 299552 bytes | Modified Date = 3/1/2008 1:30:39 PM | Attr =	]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 3/22/2008 6:19:05 PM | Attr =  H ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 11424 bytes | Modified Date = 3/22/2008 6:20:08 PM | Attr =	]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 11424 bytes | Modified Date = 3/22/2008 6:20:08 PM | Attr =	]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 3/1/2008 4:36:56 PM | Attr =	]
setup_wm.exe -> C:\Documents and Settings\Dad\Local Settings\Temp\setup_wm.exe -> Microsoft Corporation [Ver = 10.00.00.3646 | Size = 819200 bytes | Modified Date = 9/22/2004 7:46:04 PM | Attr =	]
_is116.exe -> C:\Documents and Settings\Dad\Local Settings\Temp\_is116.exe -> Macrovision Corporation [Ver = 12.0.49974 | Size = 455600 bytes | Modified Date = 10/30/2006 8:10:00 PM | Attr = R  ]
_is117.exe -> C:\Documents and Settings\Dad\Local Settings\Temp\_is117.exe -> Macrovision Corporation [Ver = 12.0.49974 | Size = 457472 bytes | Modified Date = 1/19/2007 5:30:56 AM | Attr = R  ]
5 C:\Documents and Settings\Dad\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Dad\Local Settings\Temp\*.tmp -> 
ISSetup.dll -> C:\Documents and Settings\Dad\Local Settings\Temp\{93B9F64B-5F50-4325-9612-B1EB4A61FFCB}\ISSetup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 552214 bytes | Modified Date = 1/19/2007 1:25:12 AM | Attr = R  ]
_Setup.dll -> C:\Documents and Settings\Dad\Local Settings\Temp\{93B9F64B-5F50-4325-9612-B1EB4A61FFCB}\_Setup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 385968 bytes | Modified Date = 10/11/2006 2:20:28 AM | Attr = R  ]
ISSetup.dll -> C:\Documents and Settings\Dad\Local Settings\Temp\{F756D84B-5911-445D-812B-A05616418F34}\ISSetup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 552214 bytes | Modified Date = 10/30/2006 8:10:00 PM | Attr = R  ]
_Setup.dll -> C:\Documents and Settings\Dad\Local Settings\Temp\{F756D84B-5911-445D-812B-A05616418F34}\_Setup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 385968 bytes | Modified Date = 10/30/2006 8:10:00 PM | Attr = R  ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
Adobe -> %AllUsersProfile%\Application Data\Adobe ->  [Folder | Modified Date = 3/2/2008 3:57:22 PM | Attr =	]
Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer ->  [Folder | Modified Date = 3/1/2008 5:02:02 PM | Attr =	]
avg7 -> %AllUsersProfile%\Application Data\avg7 ->  [Folder | Modified Date = 3/17/2008 1:08:42 AM | Attr =	]
desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini ->  [Ver =  | Size = 62 bytes | Modified Date = 3/1/2008 8:24:26 AM | Attr =  HS]
EPSON -> %AllUsersProfile%\Application Data\EPSON ->  [Folder | Modified Date = 3/22/2008 6:02:47 PM | Attr =	]
Grisoft -> %AllUsersProfile%\Application Data\Grisoft ->  [Folder | Modified Date = 3/17/2008 1:07:20 AM | Attr =	]
Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft ->  [Folder | Modified Date = 3/10/2008 12:31:42 AM | Attr =	]
LightScribe -> %AllUsersProfile%\Application Data\LightScribe ->  [Folder | Modified Date = 3/1/2008 4:29:15 PM | Attr =	]
Microsoft -> %AllUsersProfile%\Application Data\Microsoft ->  [Folder | Modified Date = 3/1/2008 4:35:26 PM | Attr =   S]
Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help ->  [Folder | Modified Date = 3/12/2008 3:01:41 AM | Attr =	]
Nero -> %AllUsersProfile%\Application Data\Nero ->  [Folder | Modified Date = 3/1/2008 4:25:51 PM | Attr =	]
nView_Profiles -> %AllUsersProfile%\Application Data\nView_Profiles ->  [Folder | Modified Date = 3/1/2008 5:09:18 PM | Attr =	]
QTSBandwidthCache -> %AllUsersProfile%\Application Data\QTSBandwidthCache ->  [Ver =  | Size = 1755 bytes | Modified Date = 3/1/2008 5:03:08 PM | Attr =	]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Modified Date = 3/16/2008 7:39:05 PM | Attr =	]
Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage ->  [Folder | Modified Date = 3/1/2008 2:40:13 PM | Attr =	]
Adobe -> %AppData%\Adobe ->  [Folder | Modified Date = 3/3/2008 12:52:21 AM | Attr =	]
Ahead -> %AppData%\Ahead ->  [Folder | Modified Date = 3/1/2008 6:19:32 PM | Attr =	]
ArcSoft -> %AppData%\ArcSoft ->  [Folder | Modified Date = 3/22/2008 6:08:29 PM | Attr =	]
AVG7 -> %AppData%\AVG7 ->  [Folder | Modified Date = 3/23/2008 11:04:21 AM | Attr =	]
desktop.ini -> %AppData%\desktop.ini ->  [Ver =  | Size = 62 bytes | Modified Date = 3/1/2008 8:24:26 AM | Attr =  HS]
dvdcss -> %AppData%\dvdcss ->  [Folder | Modified Date = 3/10/2008 12:10:26 AM | Attr =	]
Identities -> %AppData%\Identities ->  [Folder | Modified Date = 3/1/2008 1:34:48 PM | Attr =	]
InstallShield -> %AppData%\InstallShield ->  [Folder | Modified Date = 3/22/2008 3:59:20 PM | Attr =	]
Leadertech -> %AppData%\Leadertech ->  [Folder | Modified Date = 3/22/2008 6:06:56 PM | Attr =	]
Macromedia -> %AppData%\Macromedia ->  [Folder | Modified Date = 3/1/2008 4:58:01 PM | Attr =	]
Microsoft -> %AppData%\Microsoft ->  [Folder | Modified Date = 3/17/2008 11:13:34 PM | Attr =   S]
Mozilla -> %AppData%\Mozilla ->  [Folder | Modified Date = 3/10/2008 1:24:28 PM | Attr =	]
Sun -> %AppData%\Sun ->  [Folder | Modified Date = 3/17/2008 12:30:44 AM | Attr =	]
TAIT3 -> %AppData%\TAIT3 ->  [Folder | Modified Date = 3/7/2008 5:13:47 PM | Attr =	]
Adobe -> %UserProfile%\Local Settings\Application Data\Adobe ->  [Folder | Modified Date = 3/3/2008 12:52:55 AM | Attr =	]
Ahead -> %UserProfile%\Local Settings\Application Data\Ahead ->  [Folder | Modified Date = 3/1/2008 6:18:49 PM | Attr =	]
Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer ->  [Folder | Modified Date = 3/1/2008 5:02:58 PM | Attr =	]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 15360 bytes | Modified Date = 3/21/2008 2:35:32 PM | Attr =	]
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ->  [Ver =  | Size = 69232 bytes | Modified Date = 3/1/2008 5:07:11 PM | Attr =	]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 4833226 bytes | Modified Date = 3/22/2008 6:17:51 PM | Attr =  H ]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft ->  [Folder | Modified Date = 3/21/2008 2:25:14 PM | Attr =	]
Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help ->  [Folder | Modified Date = 3/1/2008 4:34:06 PM | Attr =	]
Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla ->  [Folder | Modified Date = 3/10/2008 1:24:28 PM | Attr =	]
Yahoo -> %UserProfile%\Local Settings\Application Data\Yahoo ->  [Folder | Modified Date = 3/2/2008 3:56:09 PM | Attr =	]
desktop.ini -> %AllUsersProfile%\Documents\desktop.ini ->  [Ver =  | Size = 62 bytes | Modified Date = 3/1/2008 8:24:26 AM | Attr =  HS]
Monolith Productions -> %AllUsersProfile%\Documents\Monolith Productions ->  [Folder | Modified Date = 3/1/2008 4:42:22 PM | Attr =	]
My Music -> %AllUsersProfile%\Documents\My Music ->  [Folder | Modified Date = 3/5/2008 1:10:25 PM | Attr = R  ]
My Pictures -> %AllUsersProfile%\Documents\My Pictures ->  [Folder | Modified Date = 3/1/2008 1:29:25 PM | Attr = R  ]
My Videos -> %AllUsersProfile%\Documents\My Videos ->  [Folder | Modified Date = 3/2/2008 12:37:20 PM | Attr = R  ]
desktop.ini -> %UserProfile%\My Documents\desktop.ini ->  [Ver =  | Size = 74 bytes | Modified Date = 3/2/2008 12:31:20 PM | Attr =  HS]
Jon's documents -> %UserProfile%\My Documents\Jon's documents ->  [Folder | Modified Date = 3/7/2008 11:11:11 AM | Attr =	]
Leanne's documents -> %UserProfile%\My Documents\Leanne's documents ->  [Folder | Modified Date = 3/1/2008 4:37:36 PM | Attr =	]
My Music -> %UserProfile%\My Documents\My Music ->  [Folder | Modified Date = 3/2/2008 12:31:21 PM | Attr = R  ]
My Pictures -> %UserProfile%\My Documents\My Pictures ->  [Folder | Modified Date = 3/2/2008 12:31:20 PM | Attr = R  ]
My Print Creations -> %UserProfile%\My Documents\My Print Creations ->  [Folder | Modified Date = 3/22/2008 6:07:21 PM | Attr =	]
My Videos -> %UserProfile%\My Documents\My Videos ->  [Folder | Modified Date = 3/2/2008 12:37:20 PM | Attr = R  ]
My Widgets -> %UserProfile%\My Documents\My Widgets ->  [Folder | Modified Date = 3/2/2008 4:06:19 PM | Attr =	]
Doom 3.lnk -> %AllUsersProfile%\Desktop\Doom 3.lnk ->  [Ver =  | Size = 1333 bytes | Modified Date = 3/2/2008 10:45:53 AM | Attr =	]
Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk ->  [Ver =  | Size = 1606 bytes | Modified Date = 3/10/2008 1:24:20 PM | Attr =	]
TFG.lnk -> %AllUsersProfile%\Desktop\TFG.lnk ->  [Ver =  | Size = 562 bytes | Modified Date = 3/17/2008 11:12:57 PM | Attr =	]
ATF-Cleaner.exe -> %UserProfile%\Desktop\ATF-Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 3/23/2008 12:23:53 PM | Attr =	]
FEAR.lnk -> %UserProfile%\Desktop\FEAR.lnk ->  [Ver =  | Size = 447 bytes | Modified Date = 3/2/2008 6:13:56 PM | Attr =	]
Malware removal -> %UserProfile%\Desktop\Malware removal ->  [Folder | Modified Date = 3/17/2008 1:09:46 AM | Attr =	]
OTScanIt -> %UserProfile%\Desktop\OTScanIt ->  [Folder | Modified Date = 3/23/2008 12:27:33 PM | Attr =	]
OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe ->  [Ver =  | Size = 482640 bytes | Modified Date = 3/23/2008 12:24:45 PM | Attr =	]
vnc-4_1_2-x86_win32_viewer.exe -> %UserProfile%\Desktop\vnc-4_1_2-x86_win32_viewer.exe -> RealVNC Ltd. [Ver = 4.1.2 | Size = 271312 bytes | Modified Date = 3/21/2008 10:28:22 PM | Attr =	]
Wow.lnk -> %UserProfile%\Desktop\Wow.lnk ->  [Ver =  | Size = 509 bytes | Modified Date = 3/1/2008 4:26:54 PM | Attr =	]
desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini ->  [Ver =  | Size = 84 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =  HS]
desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini ->  [Ver =  | Size = 84 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =  HS]
Yahoo! Widgets.lnk -> %UserProfile%\Start Menu\Programs\Startup\Yahoo! Widgets.lnk ->  [Ver =  | Size = 738 bytes | Modified Date = 3/2/2008 3:56:09 PM | Attr =	]
Adobe -> %CommonProgramFiles%\Adobe ->  [Folder | Modified Date = 3/2/2008 3:57:12 PM | Attr =	]
Ahead -> %CommonProgramFiles%\Ahead ->  [Folder | Modified Date = 3/10/2008 12:58:26 AM | Attr =	]
ArcSoft -> %CommonProgramFiles%\ArcSoft ->  [Folder | Modified Date = 3/22/2008 4:11:54 PM | Attr =	]
DESIGNER -> %CommonProgramFiles%\DESIGNER ->  [Folder | Modified Date = 3/1/2008 4:35:46 PM | Attr =	]
InstallShield -> %CommonProgramFiles%\InstallShield ->  [Folder | Modified Date = 3/22/2008 3:58:51 PM | Attr =	]
Java -> %CommonProgramFiles%\Java ->  [Folder | Modified Date = 3/17/2008 12:30:51 AM | Attr =	]
LightScribe -> %CommonProgramFiles%\LightScribe ->  [Folder | Modified Date = 3/10/2008 3:39:44 AM | Attr =	]
Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared ->  [Folder | Modified Date = 3/1/2008 4:35:58 PM | Attr =	]
MSSoap -> %CommonProgramFiles%\MSSoap ->  [Folder | Modified Date = 3/1/2008 1:29:07 PM | Attr =	]
ODBC -> %CommonProgramFiles%\ODBC ->  [Folder | Modified Date = 3/1/2008 8:24:50 AM | Attr =	]
Services -> %CommonProgramFiles%\Services ->  [Folder | Modified Date = 3/1/2008 1:29:15 PM | Attr =	]
SpeechEngines -> %CommonProgramFiles%\SpeechEngines ->  [Folder | Modified Date = 3/1/2008 8:24:47 AM | Attr =	]
System -> %CommonProgramFiles%\System ->  [Folder | Modified Date = 3/2/2008 12:23:16 PM | Attr =	]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Modified Date = 3/10/2008 6:19:48 PM | Attr =	]

< End of report >

On a side note, my Lexmark printer took a dump on me so it got replaced with an Epson so thats the reason for the software change between the two. (change from my last HJT log)

Thanks!

#5 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 23 March 2008 - 11:56 AM

Hi lowvoltage. Ok, let's see what we can do. Follow the steps below in order.

Step #1

Download SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Minimize SUPERAntiSpyware, we will come back to it later on.
Step #2

Now start OTScanIt. Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
YN -> {182C7ED7-E56D-4509-9D9B-AC49318D9895} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. []
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
YN -> winbhh32 -> 
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
YN -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
YN -> CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
[Files/Folders - Created Within 30 days]
NY -> 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY -> apvvlrgu.ini -> %SystemRoot%\System32\apvvlrgu.ini
NY -> atvtpoya.ini -> %SystemRoot%\System32\atvtpoya.ini
NY -> dtfnmviu.ini -> %SystemRoot%\System32\dtfnmviu.ini
NY -> ggseguyo.ini -> %SystemRoot%\System32\ggseguyo.ini
NY -> jevudgco.ini -> %SystemRoot%\System32\jevudgco.ini
[Files/Folders - Modified Within 30 days]
NY -> apvvlrgu.ini -> %SystemRoot%\System32\apvvlrgu.ini
NY -> atvtpoya.ini -> %SystemRoot%\System32\atvtpoya.ini
NY -> dtfnmviu.ini -> %SystemRoot%\System32\dtfnmviu.ini
NY -> ggseguyo.ini -> %SystemRoot%\System32\ggseguyo.ini
NY -> jevudgco.ini -> %SystemRoot%\System32\jevudgco.ini
[Empty Temp Folders]
[Start Explorer]

The fix should only take a very short time. Your desktop will disappear and then reappear when the fix is complete, this is normal. You might be asked to reboot if any of the files could not be moved during the fix. If so, choose Yes and reboot normally.

Step #3

Now bring up SUPERAntiSpyware again and run a scan by doing the following:
  • On the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
Step #4

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • In the Drivers section click on Non-Microsoft (make sure to get this one. It was not included in the first scan).
  • Copy/paste the text in the code box below into the Manual File or Registry Key Scans input area:
    %SystemDrive%\b4a7bb7186989f2e54977486e3\*.* /s
    %SystemDrive%\c867271164e46ed2a6\*.* /s
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Step #5

Post the following back here:
  • the new OTScanIt scan report
  • the SUPERAntiSpyware report
  • the latest .log file from the OTScanIt/MovedFiles folder (it will be a .log file and have a date_time name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#6 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 23 March 2008 - 07:15 PM

Thanks again for the quick response.
Here is the OTScanit log:

OTScanIt logfile created on: 3/23/2008 8:08:51 PM
OTScanIt by OldTimer - Version 1.0.6.0	 Folder = C:\Documents and Settings\Dad\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.34% Memory free
3.85 Gb Paging File | 3.54 Gb Available in Paging File | 92.08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 447.42 Gb Free Space | 96.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 18.64 Gb Total Space | 18.49 Gb Free Space | 99.21% Space Free | Partition Type: NTFS
Drive F: | 39.07 Gb Total Space | 25.86 Gb Free Space | 66.20% Space Free | Partition Type: NTFS
Drive G: | 39.07 Gb Total Space | 8.67 Gb Free Space | 22.20% Space Free | Partition Type: NTFS
Drive H: | 33.65 Gb Total Space | 14.06 Gb Free Space | 41.77% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: THISIDEU-XSKPET
Current User Name: Dad
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user

[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/17/2008 2:26:58 AM | Attr =	]
rthdcpl.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Modified Date = 10/29/2006 11:49:54 PM | Attr = R  ]
nvraidservice.exe -> %SystemRoot%\system32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Modified Date = 9/21/2006 4:40:48 PM | Attr =	]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 3/17/2008 1:07:22 AM | Attr =	]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.8.13.1 | Size = 79136 bytes | Modified Date = 6/28/2007 12:31:38 PM | Attr =	]
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.6.0 | Size = 311808 bytes | Modified Date = 3/19/2008 6:01:26 PM | Attr =	]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,7 | Size = 607576 bytes | Modified Date = 3/17/2008 2:26:58 AM | Attr =	]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.496 | Size = 418816 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 3/17/2008 1:07:22 AM | Attr =	]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 3:56:48 AM | Attr =	]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 1:41:10 AM | Attr =	]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.8.13.1 | Size = 79136 bytes | Modified Date = 6/28/2007 12:31:38 PM | Attr =	]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 7, 3, 1 | Size = 779560 bytes | Modified Date = 7/4/2007 2:59:24 PM | Attr =	]
(NMIndexingService) NMIndexingService [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 1, 5, 13, 0 | Size = 267560 bytes | Modified Date = 7/4/2007 3:01:52 PM | Attr =	]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] ->  -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] ->  -> File not found
(Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Modified Date = 2/23/2005 2:58:56 PM | Attr =	]
(Aha154x) Aha154x [Kernel | Disabled | Stopped] ->  -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] ->  -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] ->  -> File not found
(AliIde) AliIde [Kernel | Disabled | Stopped] ->  -> File not found
(AmdPPM) AMD HwPState Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdPPM.sys -> Advanced Micro Devices [Ver = 1.0.0 built by: WinDDK | Size = 33792 bytes | Modified Date = 4/16/2007 10:46:00 PM | Attr =	]
(amsint) amsint [Kernel | Disabled | Stopped] ->  -> File not found
(asc) asc [Kernel | Disabled | Stopped] ->  -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] ->  -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] ->  -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(Avg7Core) AVG7 Kernel [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 3/17/2008 1:07:23 AM | Attr =	]
(Avg7RsW) AVG7 Wrap Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
(Avg7RsXP) AVG7 Resident Driver XP [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
(AvgClean) AVG7 Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] ->  -> File not found
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Disabled | Stopped] ->  -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] ->  -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] ->  -> File not found
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/4/2004 2:07:17 AM | Attr =	]
(dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/4/2004 2:07:16 AM | Attr =	]
(dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/29/2002 4:00:00 PM | Attr =	]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] ->  -> File not found
(gdrv) gdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\gdrv.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.5744.16384 built by: WinDDK | Size = 14656 bytes | Modified Date = 3/1/2008 2:02:05 PM | Attr =	]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 1/7/2005 6:07:18 PM | Attr =	]
(hpn) hpn [Kernel | Disabled | Stopped] ->  -> File not found
(i2omgmt) i2omgmt [Kernel | System | Stopped] ->  -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] ->  -> File not found
(ini910u) ini910u [Kernel | Disabled | Stopped] ->  -> File not found
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5319 built by: WinDDK | Size = 4394496 bytes | Modified Date = 11/2/2006 1:32:30 PM | Attr = R  ]
(IntelIde) IntelIde [Kernel | Disabled | Stopped] ->  -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(mraid35x) mraid35x [Kernel | Disabled | Stopped] ->  -> File not found
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
(nvatabus) nvatabus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\nvatabus.sys -> NVIDIA Corporation [Ver = 5.10.2600.0691 built by: WinDDK | Size = 105344 bytes | Modified Date = 9/21/2006 4:39:16 PM | Attr =	]
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 52736 bytes | Modified Date = 8/7/2006 5:39:22 PM | Attr =	]
(nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 18944 bytes | Modified Date = 8/7/2006 5:39:24 PM | Attr =	]
(nvraid) NVIDIA nForce(tm) RAID Class Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\nvraid.sys -> NVIDIA Corporation [Ver = 5.10.2600.0691 built by: WinDDK | Size = 89216 bytes | Modified Date = 9/21/2006 4:39:26 PM | Attr =	]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] ->  -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] ->  -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/29/2002 4:00:00 PM | Attr =	]
(ql1080) ql1080 [Kernel | Disabled | Stopped] ->  -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] ->  -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] ->  -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] ->  -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] ->  -> File not found
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2/16/2006 4:51:08 PM | Attr = R  ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS ->  [Ver = 1, 0, 0, 1050 | Size = 51440 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr =	]
(SDTHOOK) SDTHOOK [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Modified Date = 6/5/2007 10:56:40 AM | Attr =	]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 6:25:53 AM | Attr =	]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(Sparrow) Sparrow [Kernel | Disabled | Stopped] ->  -> File not found
(symc810) symc810 [Kernel | Disabled | Stopped] ->  -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] ->  -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] ->  -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] ->  -> File not found
(TosIde) TosIde [Kernel | Disabled | Stopped] ->  -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] ->  -> File not found
(ViaIde) ViaIde [Kernel | Disabled | Stopped] ->  -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(SASDIFSV) SASDIFSV [Kernel | System | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys ->  [Ver = 1, 0, 0, 1006 | Size = 8944 bytes | Modified Date = 2/29/2008 4:03:48 PM | Attr =	]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 11:16:38 PM | Attr =	]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG7\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.504 | Size = 579072 bytes | Modified Date = 3/17/2008 1:07:21 AM | Attr =	]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
NVRaidService -> %SystemRoot%\system32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Modified Date = 9/21/2006 4:40:48 PM | Attr =	]
nwiz -> %SystemRoot%\system32\nwiz.exe ->  [Ver =  | Size = 1626112 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr =	]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Modified Date = 10/29/2006 11:49:54 PM | Attr = R  ]
SkyTel -> %SystemRoot%\SkyTel.exe -> Realtek Semiconductor Corp. [Ver = 1.0.0.0 | Size = 2879488 bytes | Modified Date = 5/15/2006 10:04:26 PM | Attr = R  ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> 
IMAIL-> Installed = 1 -> 
MAPI-> Installed = 1 -> 
MSFS-> Installed = 1 -> 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 4, 0, 0, 1154 | Size = 1481968 bytes | Modified Date = 2/29/2008 4:03:46 PM | Attr =	]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
< Dad Startup Folder > -> C:\Documents and Settings\Dad\Start Menu\Programs\Startup -> 
%UserProfile%\Start Menu\Programs\Startup\Yahoo! Widgets.lnk -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 12/11/2007 6:34:48 PM | Attr =	]
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr =	]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 4/19/2007 12:41:36 PM | Attr =	]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRecentDocsHistory -> 1 -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> 
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> 
HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4250 domain(s) found. -> 
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4248 domain(s) found. -> 
31 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_05\bin\npjpi160_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 132496 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_05\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 509328 bytes | Modified Date = 2/22/2008 4:25:19 AM | Attr =	]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{7F0046B3-8534-40D1-955A-1E24C9D3E01D} ->	(1394 Net Adapter) -> 
{EDFE87CF-B905-40EF-A666-A1236D485B9F} ->	(NVIDIA nForce Networking Controller) -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C}[HKEY_LOCAL_MACHINE] -> http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204395679406[WUWebControl Class] -> 
{74DBCB52-F298-4110-951D-AD2FF67BC8AB}[HKEY_LOCAL_MACHINE] -> http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab[NVIDIA Smart Scan] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> 
{B3E32D88-8E7F-468F-B0E2-3A300FD4A82C}[HKEY_LOCAL_MACHINE] -> http://pegasusauth04.pearsoncmg.com/webwiz/s/stub.cab[Enlite 2.x Simulation Engine Installer] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
DirectAnimation Java Classes[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\dajava.cab[Reg Error: Key does not exist or could not be opened.] -> 
Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> 



[Files/Folders - Created Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Created Date = 3/17/2008 1:28:08 AM | Attr = RH ]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
b4a7bb7186989f2e54977486e3 -> %SystemDrive%\b4a7bb7186989f2e54977486e3 ->  [Folder | Created Date = 3/21/2008 2:11:14 PM | Attr =	]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 281 bytes | Created Date = 3/1/2008 8:23:11 AM | Attr = RHS]
c867271164e46ed2a6 -> %SystemDrive%\c867271164e46ed2a6 ->  [Folder | Created Date = 3/21/2008 2:10:39 PM | Attr =	]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Created Date = 3/10/2008 12:58:21 AM | Attr =  HS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Created Date = 3/1/2008 8:24:02 AM | Attr =	]
EPSONREG -> %SystemDrive%\EPSONREG ->  [Folder | Created Date = 3/22/2008 6:06:47 PM | Attr =	]
IO.SYS -> %SystemDrive%\IO.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSOCache -> %SystemDrive%\MSOCache ->  [Folder | Created Date = 3/1/2008 4:33:50 PM | Attr = RH ]
NVIDIA -> %SystemDrive%\NVIDIA ->  [Folder | Created Date = 3/1/2008 5:25:03 PM | Attr =	]
Office 07 -> %SystemDrive%\Office 07 ->  [Folder | Created Date = 3/1/2008 2:14:51 PM | Attr =	]
Program Files -> %ProgramFiles% ->  [Folder | Created Date = 3/1/2008 8:24:46 AM | Attr = R  ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Created Date = 3/1/2008 2:17:41 PM | Attr =  HS]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Created Date = 3/1/2008 1:34:02 PM | Attr =  HS]
User Programs -> %SystemDrive%\User Programs ->  [Folder | Created Date = 3/1/2008 2:14:42 PM | Attr =	]
WINDOWS -> %SystemRoot% ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WUTemp -> %SystemDrive%\WUTemp ->  [Folder | Created Date = 3/1/2008 1:54:42 PM | Attr =	]
apphelp.sdb -> %SystemRoot%\System32\dllcache\apphelp.sdb ->  [Ver =  | Size = 217118 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
apph_sp.sdb -> %SystemRoot%\System32\dllcache\apph_sp.sdb ->  [Ver =  | Size = 764868 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 3/1/2008 1:30:52 PM | Attr =	]
chtskf.dll -> %SystemRoot%\System32\dllcache\chtskf.dll ->  [Ver =  | Size = 173568 bytes | Created Date = 3/1/2008 1:30:54 PM | Attr =	]
CLASSES.CAT -> %SystemRoot%\System32\dllcache\CLASSES.CAT ->  [Ver =  | Size = 657548 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
DAJAVAC.CAT -> %SystemRoot%\System32\dllcache\DAJAVAC.CAT ->  [Ver =  | Size = 56081 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
dgrpsetu.dll -> %SystemRoot%\System32\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dgsetup.dll -> %SystemRoot%\System32\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
DX3.CAT -> %SystemRoot%\System32\dllcache\DX3.CAT ->  [Ver =  | Size = 52311 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
eqnclass.dll -> %SystemRoot%\System32\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 3/1/2008 1:30:58 PM | Attr =	]
hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex ->  [Ver =  | Size = 108827 bytes | Created Date = 3/1/2008 1:31:00 PM | Attr =	]
HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT ->  [Ver =  | Size = 13472 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
htrn_jis.dll -> %SystemRoot%\System32\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Created Date = 3/1/2008 1:28:12 PM | Attr =	]
hwxjpn.dll -> %SystemRoot%\System32\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Created Date = 3/1/2008 1:31:05 PM | Attr =	]
IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT ->  [Ver =  | Size = 8574 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex ->  [Ver =  | Size = 134339 bytes | Created Date = 3/1/2008 1:31:12 PM | Attr =	]
imjpinst.exe -> %SystemRoot%\System32\dllcache\imjpinst.exe ->  [Ver =  | Size = 196665 bytes | Created Date = 3/1/2008 1:31:13 PM | Attr =	]
imscinst.exe -> %SystemRoot%\System32\dllcache\imscinst.exe ->  [Ver =  | Size = 59392 bytes | Created Date = 3/1/2008 1:31:14 PM | Attr =	]
korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex ->  [Ver =  | Size = 1158818 bytes | Created Date = 3/1/2008 1:31:17 PM | Attr =	]
ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa ->  [Ver =  | Size = 643717 bytes | Created Date = 3/1/2008 8:24:47 AM | Attr =	]
MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT ->  [Ver =  | Size = 399645 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
MSJDBC.CAT -> %SystemRoot%\System32\dllcache\MSJDBC.CAT ->  [Ver =  | Size = 14031 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT ->  [Ver =  | Size = 37484 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex ->  [Ver =  | Size = 4399505 bytes | Created Date = 3/1/2008 1:30:05 PM | Attr =	]
NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT ->  [Ver =  | Size = 797189 bytes | Created Date = 3/1/2008 8:24:25 AM | Attr =	]
nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 5421312 bytes | Created Date = 3/1/2008 1:36:49 PM | Attr =	]
nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Created Date = 3/1/2008 1:36:52 PM | Attr =	]
OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT ->  [Ver =  | Size = 7382 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
pintlcsa.dll -> %SystemRoot%\System32\dllcache\pintlcsa.dll ->  [Ver =  | Size = 175104 bytes | Created Date = 3/1/2008 1:31:25 PM | Attr =	]
r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa ->  [Ver =  | Size = 605050 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
rw330ext.dll -> %SystemRoot%\System32\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 3/1/2008 1:31:27 PM | Attr =	]
sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf ->  [Ver =  | Size = 888 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
sam.spd -> %SystemRoot%\System32\dllcache\sam.spd ->  [Ver =  | Size = 1685606 bytes | Created Date = 3/1/2008 8:24:48 AM | Attr =	]
spxcoins.dll -> %SystemRoot%\System32\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf ->  [Ver =  | Size = 984 bytes | Created Date = 3/1/2008 1:29:18 PM | Attr =	]
sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb ->  [Ver =  | Size = 1197294 bytes | Created Date = 3/21/2008 2:13:14 PM | Attr =	]
TCLASSES.CAT -> %SystemRoot%\System32\dllcache\TCLASSES.CAT ->  [Ver =  | Size = 22151 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
WFC.CAT -> %SystemRoot%\System32\dllcache\WFC.CAT ->  [Ver =  | Size = 390168 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
XMLDSOC.CAT -> %SystemRoot%\System32\dllcache\XMLDSOC.CAT ->  [Ver =  | Size = 21281 bytes | Created Date = 3/1/2008 8:24:26 AM | Attr =	]
afc.sys -> %SystemRoot%\System32\drivers\afc.sys -> Arcsoft, Inc. [Ver = 1, 0, 0, 2 | Size = 11776 bytes | Created Date = 3/22/2008 4:11:54 PM | Attr =	]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Created Date = 3/17/2008 1:07:23 AM | Attr =	]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Created Date = 3/17/2008 1:07:26 AM | Attr =	]
disdn -> %SystemRoot%\System32\drivers\disdn ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
hosts.20080316-180057.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080316-180057.backup ->  [Ver =  | Size = 734 bytes | Created Date = 3/16/2008 6:00:57 PM | Attr =	]
netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img ->  [Ver =  | Size = 67866 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Created Date = 3/1/2008 1:36:52 PM | Attr =	]
NVENETFD.sys -> %SystemRoot%\System32\drivers\NVENETFD.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 52736 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr =	]
nvnetbus.sys -> %SystemRoot%\System32\drivers\nvnetbus.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 18944 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvnrm.sys -> %SystemRoot%\System32\drivers\nvnrm.sys -> NVIDIA Corporation [Ver = 1.00.02.06024 | Size = 1104896 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvphy.bin -> %SystemRoot%\System32\drivers\nvphy.bin ->  [Ver =  | Size = 1428 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr = R  ]
nvsnpu.sys -> %SystemRoot%\System32\drivers\nvsnpu.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 261120 bytes | Created Date = 3/1/2008 1:54:17 PM | Attr =	]
nvtcp.sys -> %SystemRoot%\System32\drivers\nvtcp.sys -> NVIDIA Corporation [Ver = 1.00.01.06024 | Size = 110080 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
RtkHDAud.Sys -> %SystemRoot%\System32\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5319 built by: WinDDK | Size = 4394496 bytes | Created Date = 3/1/2008 1:57:16 PM | Attr = R  ]
SDTHOOK.SYS -> %SystemRoot%\System32\drivers\SDTHOOK.SYS -> Panda Software [Ver = 1.6.0.0 | Size = 44928 bytes | Created Date = 3/10/2008 3:40:42 AM | Attr =	]
UMDF -> %SystemRoot%\System32\drivers\UMDF ->  [Folder | Created Date = 3/21/2008 2:11:09 PM | Attr =	]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf ->  [Ver =  | Size = 0 bytes | Created Date = 3/21/2008 2:11:10 PM | Attr =  H ]
upiwbmleutdk.sys -> %SystemRoot%\System32\drivers\upiwbmleutdk.sys -> Panda Software International [Ver = 1, 0, 0, 5 | Size = 8576 bytes | Created Date = 3/10/2008 3:40:10 AM | Attr =	]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf ->  [Ver =  | Size = 261 bytes | Created Date = 3/1/2008 8:23:11 AM | Attr =	]
1025 -> %SystemRoot%\System32\1025 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1028 -> %SystemRoot%\System32\1028 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1031 -> %SystemRoot%\System32\1031 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1033 -> %SystemRoot%\System32\1033 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1037 -> %SystemRoot%\System32\1037 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1041 -> %SystemRoot%\System32\1041 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1042 -> %SystemRoot%\System32\1042 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
1054 -> %SystemRoot%\System32\1054 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
2052 -> %SystemRoot%\System32\2052 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
3076 -> %SystemRoot%\System32\3076 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
3com_dmi -> %SystemRoot%\System32\3com_dmi ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ALSndMgr.Cpl -> %SystemRoot%\System32\ALSndMgr.Cpl -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 10 | Size = 299008 bytes | Created Date = 3/1/2008 1:56:56 PM | Attr = R  ]
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb ->  [Ver =  | Size = 16832 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
amstream.dll -> %SystemRoot%\System32\amstream.dll ->  [Ver =  | Size = 70656 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
asuninst.exe -> %SystemRoot%\System32\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 3/10/2008 3:30:20 AM | Attr =	]
AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT ->  [Ver =  | Size = 1688 bytes | Created Date = 3/1/2008 8:24:30 AM | Attr =	]
bdco1.dll -> %SystemRoot%\System32\bdco1.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 10240 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
bdco1ins.dll -> %SystemRoot%\System32\bdco1ins.dll -> NVIDIA Corporation [Ver = 1.0 | Size = 10240 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
bits -> %SystemRoot%\System32\bits ->  [Folder | Created Date = 3/1/2008 2:26:33 PM | Attr =	]
bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce ->  [Ver =  | Size = 22984 bytes | Created Date = 3/1/2008 1:28:04 PM | Attr =	]
BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav ->  [Ver =  | Size = 146650 bytes | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
CapabilityTable.exe -> %SystemRoot%\System32\CapabilityTable.exe -> NVIDIA Corporation [Ver = 2, 2, 1, 464 | Size = 446464 bytes | Created Date = 3/1/2008 5:26:03 PM | Attr =	]
CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Created Date = 3/1/2008 8:24:18 AM | Attr =	]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Created Date = 3/1/2008 8:24:18 AM | Attr =	]
cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
ChCfg.exe -> %SystemRoot%\System32\ChCfg.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 3/1/2008 1:57:40 PM | Attr = R  ]
Com -> %SystemRoot%\System32\Com ->  [Folder | Created Date = 3/1/2008 1:27:40 PM | Attr =	]
config -> %SystemRoot%\System32\config ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 2577 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
c_10006.nls -> %SystemRoot%\System32\c_10006.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_10007.nls -> %SystemRoot%\System32\c_10007.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
c_10010.nls -> %SystemRoot%\System32\c_10010.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_10017.nls -> %SystemRoot%\System32\c_10017.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
c_10029.nls -> %SystemRoot%\System32\c_10029.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_10081.nls -> %SystemRoot%\System32\c_10081.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_10082.nls -> %SystemRoot%\System32\c_10082.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_20127.nls -> %SystemRoot%\System32\c_20127.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:34 AM | Attr =	]
C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:41 AM | Attr =	]
C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_28599.nls -> %SystemRoot%\System32\c_28599.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_28603.nls -> %SystemRoot%\System32\c_28603.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:46 AM | Attr =	]
c_737.nls -> %SystemRoot%\System32\c_737.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_852.nls -> %SystemRoot%\System32\c_852.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:35 AM | Attr =	]
c_855.nls -> %SystemRoot%\System32\c_855.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
c_857.nls -> %SystemRoot%\System32\c_857.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:44 AM | Attr =	]
c_866.nls -> %SystemRoot%\System32\c_866.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:37 AM | Attr =	]
c_869.nls -> %SystemRoot%\System32\c_869.nls ->  [Ver =  | Size = 66594 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
c_875.nls -> %SystemRoot%\System32\c_875.nls ->  [Ver =  | Size = 66082 bytes | Created Date = 3/1/2008 8:24:39 AM | Attr =	]
desktop.ini -> %SystemRoot%\System32\desktop.ini ->  [Ver =  | Size = 2 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =	]
devenum.dll -> %SystemRoot%\System32\devenum.dll ->  [Ver =  | Size = 59904 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
dgrpsetu.dll -> %SystemRoot%\System32\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dgsetup.dll -> %SystemRoot%\System32\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
dhcp -> %SystemRoot%\System32\dhcp ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
DirectX -> %SystemRoot%\System32\DirectX ->  [Folder | Created Date = 3/1/2008 1:29:58 PM | Attr =	]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
dumphive.exe -> %SystemRoot%\System32\dumphive.exe ->  [Ver =  | Size = 51200 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat ->  [Ver =  | Size = 21640 bytes | Created Date = 3/1/2008 1:28:39 PM | Attr =	]
en-US -> %SystemRoot%\System32\en-US ->  [Folder | Created Date = 3/2/2008 12:29:26 PM | Attr =	]
EPPICLocal_BP.cfg -> %SystemRoot%\System32\EPPICLocal_BP.cfg ->  [Ver =  | Size = 6478 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_CF.cfg -> %SystemRoot%\System32\EPPICLocal_CF.cfg ->  [Ver =  | Size = 6366 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_EN.cfg -> %SystemRoot%\System32\EPPICLocal_EN.cfg ->  [Ver =  | Size = 12669 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_ES.cfg -> %SystemRoot%\System32\EPPICLocal_ES.cfg ->  [Ver =  | Size = 6226 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_FR.cfg -> %SystemRoot%\System32\EPPICLocal_FR.cfg ->  [Ver =  | Size = 6366 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICLocal_PT.cfg -> %SystemRoot%\System32\EPPICLocal_PT.cfg ->  [Ver =  | Size = 6478 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EpPicMgr.dll -> %SystemRoot%\System32\EpPicMgr.dll -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 1 | Size = 51360 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern1.dat -> %SystemRoot%\System32\EPPICPattern1.dat ->  [Ver =  | Size = 29114 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern121.dat -> %SystemRoot%\System32\EPPICPattern121.dat ->  [Ver =  | Size = 27417 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern131.dat -> %SystemRoot%\System32\EPPICPattern131.dat ->  [Ver =  | Size = 31053 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern2.dat -> %SystemRoot%\System32\EPPICPattern2.dat ->  [Ver =  | Size = 13280 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern3.dat -> %SystemRoot%\System32\EPPICPattern3.dat ->  [Ver =  | Size = 21021 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern4.dat -> %SystemRoot%\System32\EPPICPattern4.dat ->  [Ver =  | Size = 10673 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern5.dat -> %SystemRoot%\System32\EPPICPattern5.dat ->  [Ver =  | Size = 15670 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPattern6.dat -> %SystemRoot%\System32\EPPICPattern6.dat ->  [Ver =  | Size = 4943 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_BP.dat -> %SystemRoot%\System32\EPPICPresetData_BP.dat ->  [Ver =  | Size = 1140 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_CF.dat -> %SystemRoot%\System32\EPPICPresetData_CF.dat ->  [Ver =  | Size = 1130 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_EN.dat -> %SystemRoot%\System32\EPPICPresetData_EN.dat ->  [Ver =  | Size = 1104 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_ES.dat -> %SystemRoot%\System32\EPPICPresetData_ES.dat ->  [Ver =  | Size = 1137 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_FR.dat -> %SystemRoot%\System32\EPPICPresetData_FR.dat ->  [Ver =  | Size = 1130 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPresetData_PT.dat -> %SystemRoot%\System32\EPPICPresetData_PT.dat ->  [Ver =  | Size = 1140 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EPPICPrinterDB.dat -> %SystemRoot%\System32\EPPICPrinterDB.dat ->  [Ver =  | Size = 73220 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EpPicPrt.dll -> %SystemRoot%\System32\EpPicPrt.dll -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 1 | Size = 51360 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
EqnClass.Dll -> %SystemRoot%\System32\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
escwiad.dll -> %SystemRoot%\System32\escwiad.dll -> SEIKO EPSON CORP. [Ver = 1.72 | Size = 67072 bytes | Created Date = 3/22/2008 3:58:46 PM | Attr =	]
EVGA -> %SystemRoot%\System32\EVGA ->  [Folder | Created Date = 3/1/2008 1:36:48 PM | Attr =	]
evga.ico -> %SystemRoot%\System32\evga.ico ->  [Ver =  | Size = 16958 bytes | Created Date = 3/1/2008 1:37:24 PM | Attr =	]
export -> %SystemRoot%\System32\export ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
fdco1.dll -> %SystemRoot%\System32\fdco1.dll -> NVIDIA Corporation [Ver = 1.1 | Size = 202240 bytes | Created Date = 3/1/2008 1:54:19 PM | Attr =	]
fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 264616 bytes | Created Date = 3/1/2008 8:24:01 AM | Attr =	]
gb2312.uce -> %SystemRoot%\System32\gb2312.uce ->  [Ver =  | Size = 24006 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
grep.exe -> %SystemRoot%\System32\grep.exe ->  [Ver =  | Size = 80412 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Created Date = 3/10/2008 3:29:58 AM | Attr =	]
hticons.dll -> %SystemRoot%\System32\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Created Date = 3/1/2008 1:28:12 PM | Attr =	]
ias -> %SystemRoot%\System32\ias ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
icsxml -> %SystemRoot%\System32\icsxml ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ideograf.uce -> %SystemRoot%\System32\ideograf.uce ->  [Ver =  | Size = 60458 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver =  | Size = 82432 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
imagX7.dll -> %SystemRoot%\System32\imagX7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 1568768 bytes | Created Date = 3/10/2008 12:58:24 AM | Attr =	]
imagXpr7.dll -> %SystemRoot%\System32\imagXpr7.dll -> Pegasus Imaging Corp. [Ver = 7.0.46.0 | Size = 476320 bytes | Created Date = 3/10/2008 12:58:24 AM | Attr =	]
IME -> %SystemRoot%\System32\IME ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
inetsrv -> %SystemRoot%\System32\inetsrv ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
isrdbg32.dll -> %SystemRoot%\System32\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Created Date = 3/1/2008 1:29:17 PM | Attr =	]
java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 69632 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javasup.vxd -> %SystemRoot%\System32\javasup.vxd ->  [Ver =  | Size = 7315 bytes | Created Date = 3/1/2008 2:50:13 PM | Attr =	]
javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 135168 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.50.13 | Size = 139264 bytes | Created Date = 3/17/2008 12:31:03 AM | Attr =	]
kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce ->  [Ver =  | Size = 6948 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce ->  [Ver =  | Size = 8484 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
keystone.exe -> %SystemRoot%\System32\keystone.exe ->  [Ver =  | Size = 425984 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
korean.uce -> %SystemRoot%\System32\korean.uce ->  [Ver =  | Size = 12876 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
l3codecx.ax -> %SystemRoot%\System32\l3codecx.ax -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 5, 0, 50 | Size = 83456 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
Lang -> %SystemRoot%\System32\Lang ->  [Folder | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
LogFiles -> %SystemRoot%\System32\LogFiles ->  [Folder | Created Date = 3/21/2008 2:11:09 PM | Attr =	]
logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest ->  [Ver =  | Size = 488 bytes | Created Date = 3/1/2008 1:30:14 PM | Attr = RH ]
LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav ->  [Ver =  | Size = 940794 bytes | Created Date = 3/1/2008 2:00:00 PM | Attr =	]
Macromed -> %SystemRoot%\System32\Macromed ->  [Folder | Created Date = 3/1/2008 1:29:01 PM | Attr =	]
mciqtz32.dll -> %SystemRoot%\System32\mciqtz32.dll ->  [Ver =  | Size = 35328 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
Microsoft -> %SystemRoot%\System32\Microsoft ->  [Folder | Created Date = 3/1/2008 1:38:18 PM | Attr =   S]
mpeg2data.ax -> %SystemRoot%\System32\mpeg2data.ax ->  [Ver =  | Size = 118272 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
mpg2splt.ax -> %SystemRoot%\System32\mpg2splt.ax ->  [Ver =  | Size = 148992 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
msdmo.dll -> %SystemRoot%\System32\msdmo.dll ->  [Ver =  | Size = 14336 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
MsDtc -> %SystemRoot%\System32\MsDtc ->  [Folder | Created Date = 3/1/2008 1:27:40 PM | Attr =	]
msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h ->  [Ver =  | Size = 768 bytes | Created Date = 3/1/2008 1:28:00 PM | Attr =	]
msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini ->  [Ver =  | Size = 1931 bytes | Created Date = 3/1/2008 1:28:00 PM | Attr =	]
msdvbnp.ax -> %SystemRoot%\System32\msdvbnp.ax ->  [Ver =  | Size = 56832 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
mui -> %SystemRoot%\System32\mui ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
npp -> %SystemRoot%\System32\npp ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb ->  [Ver =  | Size = 23392 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Created Date = 3/1/2008 1:36:49 PM | Attr =	]
nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 385024 bytes | Created Date = 3/1/2008 1:36:58 PM | Attr =	]
nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe ->  [Ver =  | Size = 442368 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml ->  [Ver =  | Size = 159661 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35328 bytes | Created Date = 3/1/2008 1:36:59 PM | Attr =	]
nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35328 bytes | Created Date = 3/1/2008 1:36:59 PM | Attr =	]
nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 147456 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvconrm.dll -> %SystemRoot%\System32\nvconrm.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35  | Size = 35840 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 413696 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Created Date = 3/1/2008 1:37:00 PM | Attr =	]
nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 753664 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvcpluir.dll -> %SystemRoot%\System32\nvcpluir.dll -> NVIDIA Corporation [Ver = 1.4.6.18 | Size = 1073152 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu ->  [Ver =  | Size = 17737 bytes | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6549504 bytes | Created Date = 3/1/2008 1:37:03 PM | Attr =	]
nvdispsr.dll -> %SystemRoot%\System32\nvdispsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 5439488 bytes | Created Date = 3/1/2008 1:37:05 PM | Attr =	]
nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe ->  [Ver =  | Size = 1339392 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 307200 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3420160 bytes | Created Date = 3/1/2008 1:37:06 PM | Attr =	]
nvgamesr.dll -> %SystemRoot%\System32\nvgamesr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 3231744 bytes | Created Date = 3/1/2008 1:37:07 PM | Attr =	]
nview.dll -> %SystemRoot%\System32\nview.dll ->  [Ver =  | Size = 1474560 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 229376 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 45056 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 188416 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmccssr.dll -> %SystemRoot%\System32\nvmccssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 458752 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 1228800 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvmoblsr.dll -> %SystemRoot%\System32\nvmoblsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 2854912 bytes | Created Date = 3/1/2008 1:37:08 PM | Attr =	]
nvnrm.nvu -> %SystemRoot%\System32\nvnrm.nvu ->  [Ver =  | Size = 3903 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll ->  [Ver =  | Size = 286720 bytes | Created Date = 3/1/2008 1:37:09 PM | Attr =	]
nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6901760 bytes | Created Date = 3/1/2008 1:37:09 PM | Attr =	]
nvraidapp.nvu -> %SystemRoot%\System32\nvraidapp.nvu ->  [Ver =  | Size = 6874 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidar.dll -> %SystemRoot%\System32\NvRaidar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20480 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidcs.dll -> %SystemRoot%\System32\NvRaidcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidda.dll -> %SystemRoot%\System32\NvRaidda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidde.dll -> %SystemRoot%\System32\NvRaidde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidel.dll -> %SystemRoot%\System32\NvRaidel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22528 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaideng.dll -> %SystemRoot%\System32\NvRaideng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20480 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidEnu.dll -> %SystemRoot%\System32\NvRaidEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22528 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaides.dll -> %SystemRoot%\System32\NvRaides.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidfi.dll -> %SystemRoot%\System32\NvRaidfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidfr.dll -> %SystemRoot%\System32\NvRaidfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidhe.dll -> %SystemRoot%\System32\NvRaidhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidhu.dll -> %SystemRoot%\System32\NvRaidhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidit.dll -> %SystemRoot%\System32\NvRaidit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidja.dll -> %SystemRoot%\System32\NvRaidja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19968 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidko.dll -> %SystemRoot%\System32\NvRaidko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19968 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidnl.dll -> %SystemRoot%\System32\NvRaidnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidno.dll -> %SystemRoot%\System32\NvRaidno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidpl.dll -> %SystemRoot%\System32\NvRaidpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidpt.dll -> %SystemRoot%\System32\NvRaidpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidptb.dll -> %SystemRoot%\System32\NvRaidptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidru.dll -> %SystemRoot%\System32\NvRaidru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidServer.dll -> %SystemRoot%\System32\NvRaidServer.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 544768 bytes | Created Date = 3/1/2008 5:25:52 PM | Attr =	]
NvRaidServerar.dll -> %SystemRoot%\System32\NvRaidServerar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148480 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServercs.dll -> %SystemRoot%\System32\NvRaidServercs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerda.dll -> %SystemRoot%\System32\NvRaidServerda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerde.dll -> %SystemRoot%\System32\NvRaidServerde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerel.dll -> %SystemRoot%\System32\NvRaidServerel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServereng.dll -> %SystemRoot%\System32\NvRaidServereng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerenu.dll -> %SystemRoot%\System32\NvRaidServerenu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServeres.dll -> %SystemRoot%\System32\NvRaidServeres.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerfi.dll -> %SystemRoot%\System32\NvRaidServerfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerfr.dll -> %SystemRoot%\System32\NvRaidServerfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerhe.dll -> %SystemRoot%\System32\NvRaidServerhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148480 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerhu.dll -> %SystemRoot%\System32\NvRaidServerhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerit.dll -> %SystemRoot%\System32\NvRaidServerit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerja.dll -> %SystemRoot%\System32\NvRaidServerja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147968 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerko.dll -> %SystemRoot%\System32\NvRaidServerko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147968 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServernl.dll -> %SystemRoot%\System32\NvRaidServernl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerno.dll -> %SystemRoot%\System32\NvRaidServerno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerpl.dll -> %SystemRoot%\System32\NvRaidServerpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerpt.dll -> %SystemRoot%\System32\NvRaidServerpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerptb.dll -> %SystemRoot%\System32\NvRaidServerptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerru.dll -> %SystemRoot%\System32\NvRaidServerru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersk.dll -> %SystemRoot%\System32\NvRaidServersk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersl.dll -> %SystemRoot%\System32\NvRaidServersl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 149504 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServersv.dll -> %SystemRoot%\System32\NvRaidServersv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerth.dll -> %SystemRoot%\System32\NvRaidServerth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServertr.dll -> %SystemRoot%\System32\NvRaidServertr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 148992 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerzhc.dll -> %SystemRoot%\System32\NvRaidServerzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147456 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
NvRaidServerzht.dll -> %SystemRoot%\System32\NvRaidServerzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 147456 bytes | Created Date = 3/1/2008 5:25:53 PM | Attr =	]
nvraidservice.exe -> %SystemRoot%\System32\nvraidservice.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 137216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsk.dll -> %SystemRoot%\System32\NvRaidsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsl.dll -> %SystemRoot%\System32\NvRaidsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 22016 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidsv.dll -> %SystemRoot%\System32\NvRaidsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 20992 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvar.dll -> %SystemRoot%\System32\NvRaidSvar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 8704 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvcs.dll -> %SystemRoot%\System32\NvRaidSvcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvda.dll -> %SystemRoot%\System32\NvRaidSvda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvde.dll -> %SystemRoot%\System32\NvRaidSvde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvel.dll -> %SystemRoot%\System32\NvRaidSvel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSveng.dll -> %SystemRoot%\System32\NvRaidSveng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvEnu.dll -> %SystemRoot%\System32\NvRaidSvEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSves.dll -> %SystemRoot%\System32\NvRaidSves.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvfi.dll -> %SystemRoot%\System32\NvRaidSvfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvfr.dll -> %SystemRoot%\System32\NvRaidSvfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvhe.dll -> %SystemRoot%\System32\NvRaidSvhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvhu.dll -> %SystemRoot%\System32\NvRaidSvhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvit.dll -> %SystemRoot%\System32\NvRaidSvit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvja.dll -> %SystemRoot%\System32\NvRaidSvja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 8192 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvko.dll -> %SystemRoot%\System32\NvRaidSvko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 7680 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvnl.dll -> %SystemRoot%\System32\NvRaidSvnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvno.dll -> %SystemRoot%\System32\NvRaidSvno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvpl.dll -> %SystemRoot%\System32\NvRaidSvpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvpt.dll -> %SystemRoot%\System32\NvRaidSvpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 10240 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvptb.dll -> %SystemRoot%\System32\NvRaidSvptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvru.dll -> %SystemRoot%\System32\NvRaidSvru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsk.dll -> %SystemRoot%\System32\NvRaidSvsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsl.dll -> %SystemRoot%\System32\NvRaidSvsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvsv.dll -> %SystemRoot%\System32\NvRaidSvsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9216 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvth.dll -> %SystemRoot%\System32\NvRaidSvth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvtr.dll -> %SystemRoot%\System32\NvRaidSvtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 9728 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvzhc.dll -> %SystemRoot%\System32\NvRaidSvzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 6656 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidSvzht.dll -> %SystemRoot%\System32\NvRaidSvzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 7168 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidth.dll -> %SystemRoot%\System32\NvRaidth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidtr.dll -> %SystemRoot%\System32\NvRaidtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 21504 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizard.dll -> %SystemRoot%\System32\NvRaidWizard.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 501248 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardar.dll -> %SystemRoot%\System32\NvRaidWizardar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 120832 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardcs.dll -> %SystemRoot%\System32\NvRaidWizardcs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128512 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardda.dll -> %SystemRoot%\System32\NvRaidWizardda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 125952 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardde.dll -> %SystemRoot%\System32\NvRaidWizardde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 135168 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardel.dll -> %SystemRoot%\System32\NvRaidWizardel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132608 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardeng.dll -> %SystemRoot%\System32\NvRaidWizardeng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 124416 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardEnu.dll -> %SystemRoot%\System32\NvRaidWizardEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 124416 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardes.dll -> %SystemRoot%\System32\NvRaidWizardes.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardfi.dll -> %SystemRoot%\System32\NvRaidWizardfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126464 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardfr.dll -> %SystemRoot%\System32\NvRaidWizardfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 132096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardhe.dll -> %SystemRoot%\System32\NvRaidWizardhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 123392 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardhu.dll -> %SystemRoot%\System32\NvRaidWizardhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardit.dll -> %SystemRoot%\System32\NvRaidWizardit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 131584 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardja.dll -> %SystemRoot%\System32\NvRaidWizardja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 111616 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardko.dll -> %SystemRoot%\System32\NvRaidWizardko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 111616 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardnl.dll -> %SystemRoot%\System32\NvRaidWizardnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 129536 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardno.dll -> %SystemRoot%\System32\NvRaidWizardno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardpl.dll -> %SystemRoot%\System32\NvRaidWizardpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 127488 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardpt.dll -> %SystemRoot%\System32\NvRaidWizardpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 133632 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardptb.dll -> %SystemRoot%\System32\NvRaidWizardptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 130048 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardru.dll -> %SystemRoot%\System32\NvRaidWizardru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 129024 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsk.dll -> %SystemRoot%\System32\NvRaidWizardsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 127488 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsl.dll -> %SystemRoot%\System32\NvRaidWizardsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 130048 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardsv.dll -> %SystemRoot%\System32\NvRaidWizardsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126976 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardth.dll -> %SystemRoot%\System32\NvRaidWizardth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 126976 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardtr.dll -> %SystemRoot%\System32\NvRaidWizardtr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 128000 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardzhc.dll -> %SystemRoot%\System32\NvRaidWizardzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 107008 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidWizardzht.dll -> %SystemRoot%\System32\NvRaidWizardzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 108032 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidzhc.dll -> %SystemRoot%\System32\NvRaidzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19456 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvRaidzht.dll -> %SystemRoot%\System32\NvRaidzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0678 | Size = 19456 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
nvrsar.dll -> %SystemRoot%\System32\nvrsar.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrscs.dll -> %SystemRoot%\System32\nvrscs.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsda.dll -> %SystemRoot%\System32\nvrsda.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsde.dll -> %SystemRoot%\System32\nvrsde.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsel.dll -> %SystemRoot%\System32\nvrsel.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrseng.dll -> %SystemRoot%\System32\nvrseng.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrses.dll -> %SystemRoot%\System32\nvrses.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsesm.dll -> %SystemRoot%\System32\nvrsesm.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsfi.dll -> %SystemRoot%\System32\nvrsfi.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 245760 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsfr.dll -> %SystemRoot%\System32\nvrsfr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrshe.dll -> %SystemRoot%\System32\nvrshe.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrshu.dll -> %SystemRoot%\System32\nvrshu.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsit.dll -> %SystemRoot%\System32\nvrsit.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 278528 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsja.dll -> %SystemRoot%\System32\nvrsja.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsko.dll -> %SystemRoot%\System32\nvrsko.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsnl.dll -> %SystemRoot%\System32\nvrsnl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 274432 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsno.dll -> %SystemRoot%\System32\nvrsno.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrspl.dll -> %SystemRoot%\System32\nvrspl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrspt.dll -> %SystemRoot%\System32\nvrspt.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 270336 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsptb.dll -> %SystemRoot%\System32\nvrsptb.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrsru.dll -> %SystemRoot%\System32\nvrsru.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 266240 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssk.dll -> %SystemRoot%\System32\nvrssk.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 258048 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssl.dll -> %SystemRoot%\System32\nvrssl.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrssv.dll -> %SystemRoot%\System32\nvrssv.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvrstr.dll -> %SystemRoot%\System32\nvrstr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 253952 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvrszhc.dll -> %SystemRoot%\System32\nvrszhc.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 225280 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvrszht.dll -> %SystemRoot%\System32\nvrszht.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 122880 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvsataconnection.exe -> %SystemRoot%\System32\nvsataconnection.exe -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 208896 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionar.dll -> %SystemRoot%\System32\NvSataConnectionar.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectioncs.dll -> %SystemRoot%\System32\NvSataConnectioncs.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionda.dll -> %SystemRoot%\System32\NvSataConnectionda.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionde.dll -> %SystemRoot%\System32\NvSataConnectionde.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionel.dll -> %SystemRoot%\System32\NvSataConnectionel.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectioneng.dll -> %SystemRoot%\System32\NvSataConnectioneng.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionEnu.dll -> %SystemRoot%\System32\NvSataConnectionEnu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectiones.dll -> %SystemRoot%\System32\NvSataConnectiones.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionfi.dll -> %SystemRoot%\System32\NvSataConnectionfi.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionfr.dll -> %SystemRoot%\System32\NvSataConnectionfr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionhe.dll -> %SystemRoot%\System32\NvSataConnectionhe.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionhu.dll -> %SystemRoot%\System32\NvSataConnectionhu.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionit.dll -> %SystemRoot%\System32\NvSataConnectionit.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionja.dll -> %SystemRoot%\System32\NvSataConnectionja.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionko.dll -> %SystemRoot%\System32\NvSataConnectionko.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionnl.dll -> %SystemRoot%\System32\NvSataConnectionnl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionno.dll -> %SystemRoot%\System32\NvSataConnectionno.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionpl.dll -> %SystemRoot%\System32\NvSataConnectionpl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionpt.dll -> %SystemRoot%\System32\NvSataConnectionpt.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionptb.dll -> %SystemRoot%\System32\NvSataConnectionptb.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionru.dll -> %SystemRoot%\System32\NvSataConnectionru.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsk.dll -> %SystemRoot%\System32\NvSataConnectionsk.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsl.dll -> %SystemRoot%\System32\NvSataConnectionsl.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionsv.dll -> %SystemRoot%\System32\NvSataConnectionsv.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionth.dll -> %SystemRoot%\System32\NvSataConnectionth.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectiontr.dll -> %SystemRoot%\System32\NvSataConnectiontr.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionzhc.dll -> %SystemRoot%\System32\NvSataConnectionzhc.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
NvSataConnectionzht.dll -> %SystemRoot%\System32\NvSataConnectionzht.dll -> NVIDIA Corporation [Ver = 5.10.2600.0691 | Size = 4096 bytes | Created Date = 3/1/2008 2:00:51 PM | Attr =	]
nvshell.dll -> %SystemRoot%\System32\nvshell.dll ->  [Ver =  | Size = 466944 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvsmb.nvu -> %SystemRoot%\System32\nvsmb.nvu ->  [Ver =  | Size = 1864 bytes | Created Date = 3/1/2008 5:25:28 PM | Attr =	]
nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl ->  [Ver =  | Size = 73728 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvucode.bin -> %SystemRoot%\System32\nvucode.bin ->  [Ver =  | Size = 1018748 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0  | Size = 356352 bytes | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0  | Size = 356352 bytes | Created Date = 3/1/2008 1:54:14 PM | Attr =	]
nvunrm.exe -> %SystemRoot%\System32\nvunrm.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56  | Size = 356352 bytes | Created Date = 3/1/2008 1:54:18 PM | Attr =	]
nvusmb.exe -> %SystemRoot%\System32\nvusmb.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 56  | Size = 208896 bytes | Created Date = 3/1/2008 5:25:28 PM | Attr =	]
nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3710976 bytes | Created Date = 3/1/2008 1:37:13 PM | Attr =	]
nvvitvsr.dll -> %SystemRoot%\System32\nvvitvsr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 3645440 bytes | Created Date = 3/1/2008 1:37:14 PM | Attr =	]
nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Created Date = 3/1/2008 1:37:15 PM | Attr =	]
nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll ->  [Ver =  | Size = 1703936 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll ->  [Ver =  | Size = 1019904 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
nvwrsar.dll -> %SystemRoot%\System32\nvwrsar.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 282624 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrscs.dll -> %SystemRoot%\System32\nvwrscs.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 286720 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsda.dll -> %SystemRoot%\System32\nvwrsda.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsde.dll -> %SystemRoot%\System32\nvwrsde.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 311296 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsel.dll -> %SystemRoot%\System32\nvwrsel.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 335872 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrseng.dll -> %SystemRoot%\System32\nvwrseng.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 286720 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrses.dll -> %SystemRoot%\System32\nvwrses.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 335872 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsesm.dll -> %SystemRoot%\System32\nvwrsesm.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsfi.dll -> %SystemRoot%\System32\nvwrsfi.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsfr.dll -> %SystemRoot%\System32\nvwrsfr.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 327680 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrshe.dll -> %SystemRoot%\System32\nvwrshe.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 278528 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrshu.dll -> %SystemRoot%\System32\nvwrshu.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 315392 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsit.dll -> %SystemRoot%\System32\nvwrsit.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 323584 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsja.dll -> %SystemRoot%\System32\nvwrsja.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 212992 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsko.dll -> %SystemRoot%\System32\nvwrsko.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 196608 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsnl.dll -> %SystemRoot%\System32\nvwrsnl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 319488 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsno.dll -> %SystemRoot%\System32\nvwrsno.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 299008 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrspl.dll -> %SystemRoot%\System32\nvwrspl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrspt.dll -> %SystemRoot%\System32\nvwrspt.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 323584 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsptb.dll -> %SystemRoot%\System32\nvwrsptb.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 319488 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrsru.dll -> %SystemRoot%\System32\nvwrsru.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 315392 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssk.dll -> %SystemRoot%\System32\nvwrssk.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 299008 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssl.dll -> %SystemRoot%\System32\nvwrssl.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrssv.dll -> %SystemRoot%\System32\nvwrssv.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 294912 bytes | Created Date = 3/1/2008 1:37:30 PM | Attr =	]
nvwrstr.dll -> %SystemRoot%\System32\nvwrstr.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 303104 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwrszhc.dll -> %SystemRoot%\System32\nvwrszhc.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 163840 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwrszht.dll -> %SystemRoot%\System32\nvwrszht.dll -> NVIDIA Corporation [Ver = 6.14.10.11092 | Size = 167936 bytes | Created Date = 3/1/2008 1:37:31 PM | Attr =	]
nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 2498560 bytes | Created Date = 3/1/2008 1:37:18 PM | Attr =	]
nvwssr.dll -> %SystemRoot%\System32\nvwssr.dll -> NVIDIA Corporation [Ver = 6.14.11.5827 | Size = 2387968 bytes | Created Date = 3/1/2008 1:37:18 PM | Attr =	]
nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
nwiz.exe -> %SystemRoot%\System32\nwiz.exe ->  [Ver =  | Size = 1626112 bytes | Created Date = 3/1/2008 1:37:38 PM | Attr =	]
oobe -> %SystemRoot%\System32\oobe ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 356738 bytes | Created Date = 3/1/2008 8:24:50 AM | Attr =	]
PhotoImpression Slideshow -> %SystemRoot%\System32\PhotoImpression Slideshow ->  [Folder | Created Date = 3/22/2008 4:11:39 PM | Attr =	]
PhotoImpression Slideshow.scr -> %SystemRoot%\System32\PhotoImpression Slideshow.scr -> ArcSoft Inc. [Ver = 1, 0, 0, 4 | Size = 126976 bytes | Created Date = 3/22/2008 4:11:51 PM | Attr =	]
PICEntry.dll -> %SystemRoot%\System32\PICEntry.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.0.2 | Size = 108704 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK.dll -> %SystemRoot%\System32\PICSDK.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.0.1 | Size = 80024 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK.ini -> %SystemRoot%\System32\PICSDK.ini ->  [Ver =  | Size = 97 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PICSDK2.dll -> %SystemRoot%\System32\PICSDK2.dll -> SEIKO EPSON CORPORATION [Ver = 3.0.1.3 | Size = 501912 bytes | Created Date = 3/22/2008 3:59:22 PM | Attr =	]
PreInstall -> %SystemRoot%\System32\PreInstall ->  [Folder | Created Date = 3/1/2008 2:26:56 PM | Attr =	]
Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/16/2008 11:51:50 PM | Attr =	]
psisdecd.dll -> %SystemRoot%\System32\psisdecd.dll ->  [Ver =  | Size = 363520 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
psisrndr.ax -> %SystemRoot%\System32\psisrndr.ax ->  [Ver =  | Size = 33280 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qcap.dll -> %SystemRoot%\System32\qcap.dll ->  [Ver =  | Size = 192512 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qdv.dll -> %SystemRoot%\System32\qdv.dll ->  [Ver =  | Size = 279040 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qdvd.dll -> %SystemRoot%\System32\qdvd.dll ->  [Ver =  | Size = 385024 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qedit.dll -> %SystemRoot%\System32\qedit.dll ->  [Ver =  | Size = 562176 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
qedwipes.dll -> %SystemRoot%\System32\qedwipes.dll ->  [Ver =  | Size = 733696 bytes | Created Date = 3/1/2008 2:11:38 PM | Attr =	]
ras -> %SystemRoot%\System32\ras ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups ->  [Folder | Created Date = 3/1/2008 3:18:15 PM | Attr =	]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Created Date = 3/1/2008 1:28:54 PM | Attr =	]
RTCOM -> %SystemRoot%\System32\RTCOM ->  [Folder | Created Date = 3/1/2008 1:57:23 PM | Attr =	]
RTSndMgr.Cpl -> %SystemRoot%\System32\RTSndMgr.Cpl -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 9 | Size = 282624 bytes | Created Date = 3/1/2008 1:57:16 PM | Attr = R  ]
sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
secupd.dat -> %SystemRoot%\System32\secupd.dat ->  [Ver =  | Size = 4569 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
secupd.sig -> %SystemRoot%\System32\secupd.sig ->  [Ver =  | Size = 7208 bytes | Created Date = 3/1/2008 3:04:04 PM | Attr =	]
sed.exe -> %SystemRoot%\System32\sed.exe ->  [Ver =  | Size = 98816 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
Setup -> %SystemRoot%\System32\Setup ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ShellExt -> %SystemRoot%\System32\ShellExt ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce ->  [Ver =  | Size = 16740 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
spool -> %SystemRoot%\System32\spool ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Created Date = 3/1/2008 8:24:33 AM | Attr =	]
SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver =  | Size = 288417 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
subrange.uce -> %SystemRoot%\System32\subrange.uce ->  [Ver =  | Size = 93702 bytes | Created Date = 3/1/2008 1:28:05 PM | Attr =	]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
swsc.exe -> %SystemRoot%\System32\swsc.exe ->  [Ver =  | Size = 40960 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
tmp.reg -> %SystemRoot%\System32\tmp.reg ->  [Ver =  | Size = 2742 bytes | Created Date = 3/10/2008 3:13:07 AM | Attr =	]
tslabels.h -> %SystemRoot%\System32\tslabels.h ->  [Ver =  | Size = 3286 bytes | Created Date = 3/1/2008 1:28:02 PM | Attr =	]
tslabels.ini -> %SystemRoot%\System32\tslabels.ini ->  [Ver =  | Size = 13223 bytes | Created Date = 3/1/2008 1:28:02 PM | Attr =	]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Created Date = 3/10/2008 3:29:58 AM | Attr =	]
usmt -> %SystemRoot%\System32\usmt ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd ->  [Ver =  | Size = 1161 bytes | Created Date = 3/1/2008 1:28:03 PM | Attr =	]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver =  | Size = 86528 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver =  | Size = 289144 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
VFind.exe -> %SystemRoot%\System32\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
wbem -> %SystemRoot%\System32\wbem ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest ->  [Ver =  | Size = 488 bytes | Created Date = 3/1/2008 1:30:14 PM | Attr = RH ]
wins -> %SystemRoot%\System32\wins ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc ->  [Ver =  | Size = 63488 bytes | Created Date = 3/1/2008 1:27:51 PM | Attr =	]
wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml ->  [Ver =  | Size = 25065 bytes | Created Date = 3/1/2008 1:30:40 PM | Attr =	]
wpa.bak -> %SystemRoot%\System32\wpa.bak ->  [Ver =  | Size = 2422 bytes | Created Date = 3/1/2008 3:16:09 PM | Attr =	]
WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe ->  [Ver =  | Size = 25600 bytes | Created Date = 3/10/2008 3:15:49 AM | Attr =	]
wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
xircom -> %SystemRoot%\System32\xircom ->  [Folder | Created Date = 3/1/2008 1:30:42 PM | Attr =	]
zip.exe -> %SystemRoot%\System32\zip.exe ->  [Ver =  | Size = 68096 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
zonedoff.reg -> %SystemRoot%\System32\zonedoff.reg ->  [Ver =  | Size = 113 bytes | Created Date = 3/1/2008 2:50:11 PM | Attr =	]
zonedon.reg -> %SystemRoot%\System32\zonedon.reg ->  [Ver =  | Size = 113 bytes | Created Date = 3/1/2008 2:50:11 PM | Attr =	]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Created Date = 3/1/2008 2:26:54 PM | Attr =  H ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Created Date = 3/1/2008 2:26:49 PM | Attr =  H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ ->  [Folder | Created Date = 3/1/2008 3:17:48 PM | Attr =  H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ ->  [Folder | Created Date = 3/2/2008 12:29:12 PM | Attr =  H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ ->  [Folder | Created Date = 3/2/2008 12:29:04 PM | Attr =  H ]
addins -> %SystemRoot%\addins ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Alcmtr.exe -> %SystemRoot%\Alcmtr.exe -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Created Date = 3/1/2008 1:56:59 PM | Attr = R  ]
alcwzrd.exe -> %SystemRoot%\alcwzrd.exe -> RealTek Semicoductor Corp. [Ver = 1.1.0.36 | Size = 2808832 bytes | Created Date = 3/1/2008 1:56:57 PM | Attr = R  ]
AppPatch -> %SystemRoot%\AppPatch ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp ->  [Ver =  | Size = 1272 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Created Date = 3/1/2008 1:31:38 PM | Attr =   S]
Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp ->  [Ver =  | Size = 17062 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Config -> %SystemRoot%\Config ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Connection Wizard -> %SystemRoot%\Connection Wizard ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
control.ini -> %SystemRoot%\control.ini ->  [Ver =  | Size = 0 bytes | Created Date = 3/1/2008 1:30:41 PM | Attr =	]
Cursors -> %SystemRoot%\Cursors ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Debug -> %SystemRoot%\Debug ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
desktop.ini -> %SystemRoot%\desktop.ini ->  [Ver =  | Size = 2 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =	]
doom3.ini -> %SystemRoot%\doom3.ini ->  [Ver =  | Size = 331 bytes | Created Date = 3/2/2008 10:45:51 AM | Attr =	]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Created Date = 3/1/2008 1:30:14 PM | Attr =   S]
Driver Cache -> %SystemRoot%\Driver Cache ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
EHome -> %SystemRoot%\EHome ->  [Folder | Created Date = 3/1/2008 3:17:47 PM | Attr =	]
EPCX8400.ini -> %SystemRoot%\EPCX8400.ini ->  [Ver =  | Size = 44 bytes | Created Date = 3/22/2008 3:58:19 PM | Attr =	]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Created Date = 3/17/2008 12:41:02 AM | Attr =	]
FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp ->  [Ver =  | Size = 16730 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = R S]
ftpcache -> %SystemRoot%\ftpcache ->  [Folder | Created Date = 3/7/2008 11:10:30 AM | Attr =  HS]
gdrv.sys -> %SystemRoot%\gdrv.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.5744.16384 built by: WinDDK | Size = 14656 bytes | Created Date = 3/1/2008 1:51:58 PM | Attr =	]
Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp ->  [Ver =  | Size = 17336 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Greenstone.bmp -> %SystemRoot%\Greenstone.bmp ->  [Ver =  | Size = 26582 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Help -> %SystemRoot%\Help ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ie7 -> %SystemRoot%\ie7 ->  [Folder | Created Date = 3/2/2008 12:29:16 PM | Attr =  H ]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Created Date = 3/4/2008 4:00:17 AM | Attr =	]
ime -> %SystemRoot%\ime ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Created Date = 3/1/2008 8:24:52 AM | Attr =	]
inf -> %SystemRoot%\inf ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Created Date = 3/1/2008 1:34:49 PM | Attr =  HS]
jautoexp.dat -> %SystemRoot%\jautoexp.dat ->  [Ver =  | Size = 6550 bytes | Created Date = 3/1/2008 2:50:13 PM | Attr =	]
java -> %SystemRoot%\java ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
lexstat.ini -> %SystemRoot%\lexstat.ini ->  [Ver =  | Size = 389 bytes | Created Date = 3/1/2008 4:32:36 PM | Attr =	]
Media -> %SystemRoot%\Media ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
MicCal.exe -> %SystemRoot%\MicCal.exe -> Realtek Semiconductor Corp. [Ver = 1.1.1.6 | Size = 2157568 bytes | Created Date = 3/1/2008 1:57:03 PM | Attr = R  ]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1158 bytes | Created Date = 3/10/2008 6:11:01 PM | Attr =	]
msagent -> %SystemRoot%\msagent ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
msapps -> %SystemRoot%\msapps ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
mui -> %SystemRoot%\mui ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Created Date = 3/1/2008 4:59:15 PM | Attr =	]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 3/17/2008 12:40:22 AM | Attr =	]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 3/10/2008 1:24:35 PM | Attr =	]
nview -> %SystemRoot%\nview ->  [Folder | Created Date = 3/1/2008 1:37:29 PM | Attr =	]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI ->  [Ver =  | Size = 4161 bytes | Created Date = 3/1/2008 8:24:50 AM | Attr =	]
Offline Web Pages -> %SystemRoot%\Offline Web Pages ->  [Folder | Created Date = 3/1/2008 1:30:14 PM | Attr = R  ]
PCDLIB32.DLL -> %SystemRoot%\PCDLIB32.DLL -> Eastman Kodak [Ver = 3, 0, 0, 0 | Size = 212480 bytes | Created Date = 3/22/2008 4:11:54 PM | Attr =	]
PCHealth -> %SystemRoot%\PCHealth ->  [Folder | Created Date = 3/1/2008 1:28:55 PM | Attr =	]
peernet -> %SystemRoot%\peernet ->  [Folder | Created Date = 3/1/2008 3:19:36 PM | Attr =	]
Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp ->  [Ver =  | Size = 65954 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Created Date = 3/1/2008 4:21:10 PM | Attr =	]
provisioning -> %SystemRoot%\provisioning ->  [Folder | Created Date = 3/1/2008 3:19:36 PM | Attr =	]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 3/1/2008 5:02:16 PM | Attr =	]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 3/1/2008 5:02:16 PM | Attr =  H ]
RegisteredPackages -> %SystemRoot%\RegisteredPackages ->  [Folder | Created Date = 3/1/2008 2:11:52 PM | Attr =	]
Registration -> %SystemRoot%\Registration ->  [Folder | Created Date = 3/1/2008 1:28:37 PM | Attr =	]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD ->  [Ver =  | Size = 8192 bytes | Created Date = 3/1/2008 1:33:52 PM | Attr =	]
repair -> %SystemRoot%\repair ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Resources -> %SystemRoot%\Resources ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp ->  [Ver =  | Size = 17362 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
River Sumida.bmp -> %SystemRoot%\River Sumida.bmp ->  [Ver =  | Size = 26680 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
RTHDCPL.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.1.0.8 | Size = 16269312 bytes | Created Date = 3/1/2008 1:57:06 PM | Attr = R  ]
RTLCPL.exe -> %SystemRoot%\RTLCPL.exe -> Realtek Semiconductor Corp. [Ver = 1.0.1.64 | Size = 9709568 bytes | Created Date = 3/1/2008 1:57:14 PM | Attr = R  ]
RtlExUpd.dll -> %SystemRoot%\RtlExUpd.dll -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 4 | Size = 499712 bytes | Created Date = 3/1/2008 1:56:53 PM | Attr = R  ]
RtlUpd.exe -> %SystemRoot%\RtlUpd.exe -> Realtek Semiconductor Corp. [Ver = 2, 7, 0, 1 | Size = 1183744 bytes | Created Date = 3/1/2008 1:57:18 PM | Attr = R  ]
Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp ->  [Ver =  | Size = 65832 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
security -> %SystemRoot%\security ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
ServicePackFiles -> %SystemRoot%\ServicePackFiles ->  [Folder | Created Date = 3/1/2008 3:19:11 PM | Attr =	]
SHELLNEW -> %SystemRoot%\SHELLNEW ->  [Folder | Created Date = 3/1/2008 4:34:18 PM | Attr =	]
SkyTel.exe -> %SystemRoot%\SkyTel.exe -> Realtek Semiconductor Corp. [Ver = 1.0.0.0 | Size = 2879488 bytes | Created Date = 3/1/2008 1:57:18 PM | Attr = R  ]
Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp ->  [Ver =  | Size = 65978 bytes | Created Date = 3/1/2008 1:28:06 PM | Attr =	]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Created Date = 3/1/2008 2:21:31 PM | Attr =	]
SoundMan.exe -> %SystemRoot%\SoundMan.exe -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 30 | Size = 86016 bytes | Created Date = 3/1/2008 1:57:19 PM | Attr = R  ]
srchasst -> %SystemRoot%\srchasst ->  [Folder | Created Date = 3/1/2008 1:29:01 PM | Attr =	]
system -> %SystemRoot%\system ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
system32 -> %SystemRoot%\system32 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Created Date = 3/1/2008 1:29:10 PM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Created Date = 3/17/2008 12:45:18 AM | Attr =	]
twain_32 -> %SystemRoot%\twain_32 ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.926.0 | Size = 299520 bytes | Created Date = 3/1/2008 4:31:59 PM | Attr =	]
vb.ini -> %SystemRoot%\vb.ini ->  [Ver =  | Size = 36 bytes | Created Date = 3/1/2008 1:28:38 PM | Attr =	]
vbaddin.ini -> %SystemRoot%\vbaddin.ini ->  [Ver =  | Size = 37 bytes | Created Date = 3/1/2008 1:28:38 PM | Attr =	]
WBEM -> %SystemRoot%\WBEM ->  [Folder | Created Date = 3/2/2008 12:29:26 PM | Attr =	]
Web -> %SystemRoot%\Web ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr = R  ]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest ->  [Ver =  | Size = 749 bytes | Created Date = 3/1/2008 1:30:12 PM | Attr = RH ]
winnt.bmp -> %SystemRoot%\winnt.bmp ->  [Ver =  | Size = 48680 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =  HS]
winnt256.bmp -> %SystemRoot%\winnt256.bmp ->  [Ver =  | Size = 48680 bytes | Created Date = 3/1/2008 1:29:25 PM | Attr =  HS]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Created Date = 3/1/2008 8:20:54 AM | Attr =	]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Created Date = 3/1/2008 3:19:50 PM | Attr =	]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx ->  [Ver =  | Size = 299552 bytes | Created Date = 3/1/2008 1:30:39 PM | Attr =	]
Zapotec.bmp -> %SystemRoot%\Zapotec.bmp ->  [Ver =  | Size = 9522 bytes | Created Date = 3/1/2008 1:28:07 PM | Attr =	]
desktop.ini -> %SystemRoot%\tasks\desktop.ini ->  [Ver =  | Size = 65 bytes | Created Date = 3/1/2008 1:29:10 PM | Attr = RH ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Created Date = 3/1/2008 1:30:38 PM | Attr =  H ]

[Files/Folders - Modified Within 30 days]
$VAULT$.AVG -> %SystemDrive%\$VAULT$.AVG ->  [Folder | Modified Date = 3/18/2008 11:16:15 AM | Attr = RH ]
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
b4a7bb7186989f2e54977486e3 -> %SystemDrive%\b4a7bb7186989f2e54977486e3 ->  [Folder | Modified Date = 3/21/2008 2:12:07 PM | Attr =	]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 281 bytes | Modified Date = 3/17/2008 12:41:15 AM | Attr = RHS]
c867271164e46ed2a6 -> %SystemDrive%\c867271164e46ed2a6 ->  [Folder | Modified Date = 3/21/2008 2:11:10 PM | Attr =	]
Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Modified Date = 3/23/2008 3:48:20 PM | Attr =  HS]
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Modified Date = 3/10/2008 1:47:08 AM | Attr =	]
EPSONREG -> %SystemDrive%\EPSONREG ->  [Folder | Modified Date = 3/22/2008 6:06:47 PM | Attr =	]
IO.SYS -> %SystemDrive%\IO.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr = RHS]
MSOCache -> %SystemDrive%\MSOCache ->  [Folder | Modified Date = 3/1/2008 4:33:50 PM | Attr = RH ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM ->  [Ver =  | Size = 47564 bytes | Modified Date = 3/1/2008 3:18:26 PM | Attr = RHS]
ntldr -> %SystemDrive%\ntldr ->  [Ver =  | Size = 250032 bytes | Modified Date = 3/1/2008 3:18:26 PM | Attr = RHS]
NVIDIA -> %SystemDrive%\NVIDIA ->  [Folder | Modified Date = 3/1/2008 5:33:58 PM | Attr =	]
Office 07 -> %SystemDrive%\Office 07 ->  [Folder | Modified Date = 3/1/2008 4:34:29 PM | Attr =	]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 3/23/2008 3:48:19 PM | Attr = R  ]
RECYCLER -> %SystemDrive%\RECYCLER ->  [Folder | Modified Date = 3/10/2008 3:13:48 AM | Attr =  HS]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Modified Date = 3/17/2008 12:43:44 AM | Attr =  HS]
User Programs -> %SystemDrive%\User Programs ->  [Folder | Modified Date = 3/10/2008 2:12:39 AM | Attr =	]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 3/23/2008 3:52:53 PM | Attr =	]
WUTemp -> %SystemDrive%\WUTemp ->  [Folder | Modified Date = 3/1/2008 1:54:42 PM | Attr =	]
avg7core.sys -> %SystemRoot%\System32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 3/17/2008 1:07:23 AM | Attr =	]
avg7rsw.sys -> %SystemRoot%\System32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avg7rsxp.sys -> %SystemRoot%\System32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avgclean.sys -> %SystemRoot%\System32\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10760 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.510 | Size = 26952 bytes | Modified Date = 3/17/2008 1:07:26 AM | Attr =	]
disdn -> %SystemRoot%\System32\drivers\disdn ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
etc -> %SystemRoot%\System32\drivers\etc ->  [Folder | Modified Date = 3/17/2008 12:43:39 AM | Attr =	]
hosts -> %SystemRoot%\System32\drivers\etc\hosts ->  [Ver =  | Size = 27 bytes | Modified Date = 3/17/2008 12:43:39 AM | Attr =	]
hosts.20080316-180057.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080316-180057.backup ->  [Ver =  | Size = 734 bytes | Modified Date = 3/10/2008 3:13:05 AM | Attr =	]
UMDF -> %SystemRoot%\System32\drivers\UMDF ->  [Folder | Modified Date = 3/21/2008 2:11:49 PM | Attr =	]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf ->  [Ver =  | Size = 0 bytes | Modified Date = 3/21/2008 2:11:10 PM | Attr =  H ]
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf ->  [Ver =  | Size = 261 bytes | Modified Date = 3/1/2008 1:31:38 PM | Attr =	]
1025 -> %SystemRoot%\System32\1025 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1028 -> %SystemRoot%\System32\1028 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1031 -> %SystemRoot%\System32\1031 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1033 -> %SystemRoot%\System32\1033 ->  [Folder | Modified Date = 3/1/2008 8:21:47 AM | Attr =	]
1037 -> %SystemRoot%\System32\1037 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1041 -> %SystemRoot%\System32\1041 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1042 -> %SystemRoot%\System32\1042 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
1054 -> %SystemRoot%\System32\1054 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
2052 -> %SystemRoot%\System32\2052 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
3076 -> %SystemRoot%\System32\3076 ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
3com_dmi -> %SystemRoot%\System32\3com_dmi ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb ->  [Ver =  | Size = 16832 bytes | Modified Date = 3/21/2008 2:12:57 PM | Attr =	]
bits -> %SystemRoot%\System32\bits ->  [Folder | Modified Date = 3/1/2008 2:26:33 PM | Attr =	]
BuzzingBee.wav -> %SystemRoot%\System32\BuzzingBee.wav ->  [Ver =  | Size = 146650 bytes | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Modified Date = 3/23/2008 3:02:34 AM | Attr =	]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 3/23/2008 3:59:33 PM | Attr =	]
cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
Com -> %SystemRoot%\System32\Com ->  [Folder | Modified Date = 3/1/2008 3:22:57 PM | Attr =	]
config -> %SystemRoot%\System32\config ->  [Folder | Modified Date = 3/17/2008 12:42:19 AM | Attr =	]
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT ->  [Ver =  | Size = 2577 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
dhcp -> %SystemRoot%\System32\dhcp ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
DirectX -> %SystemRoot%\System32\DirectX ->  [Folder | Modified Date = 3/1/2008 2:11:17 PM | Attr =	]
dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr = RHS]
drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 3/23/2008 11:04:01 AM | Attr =	]
emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat ->  [Ver =  | Size = 21640 bytes | Modified Date = 3/1/2008 1:28:39 PM | Attr =	]
en-US -> %SystemRoot%\System32\en-US ->  [Folder | Modified Date = 3/4/2008 4:00:26 AM | Attr =	]
EVGA -> %SystemRoot%\System32\EVGA ->  [Folder | Modified Date = 3/1/2008 1:36:48 PM | Attr =	]
export -> %SystemRoot%\System32\export ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 264616 bytes | Modified Date = 3/2/2008 12:31:04 PM | Attr =	]
Help.ico -> %SystemRoot%\System32\Help.ico ->  [Ver =  | Size = 1406 bytes | Modified Date = 3/10/2008 3:39:11 AM | Attr =	]
ias -> %SystemRoot%\System32\ias ->  [Folder | Modified Date = 3/1/2008 8:21:50 AM | Attr =	]
icsxml -> %SystemRoot%\System32\icsxml ->  [Folder | Modified Date = 3/1/2008 8:22:03 AM | Attr =	]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver =  | Size = 82432 bytes | Modified Date = 3/5/2008 10:29:16 PM | Attr =	]
IME -> %SystemRoot%\System32\IME ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
inetsrv -> %SystemRoot%\System32\inetsrv ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
Lang -> %SystemRoot%\System32\Lang ->  [Folder | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
LogFiles -> %SystemRoot%\System32\LogFiles ->  [Folder | Modified Date = 3/21/2008 2:11:09 PM | Attr =	]
logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest ->  [Ver =  | Size = 488 bytes | Modified Date = 3/1/2008 1:30:14 PM | Attr = RH ]
LoopyMusic.wav -> %SystemRoot%\System32\LoopyMusic.wav ->  [Ver =  | Size = 940794 bytes | Modified Date = 3/1/2008 2:00:00 PM | Attr =	]
Macromed -> %SystemRoot%\System32\Macromed ->  [Folder | Modified Date = 3/4/2008 4:06:28 AM | Attr =	]
Microsoft -> %SystemRoot%\System32\Microsoft ->  [Folder | Modified Date = 3/1/2008 1:38:18 PM | Attr =   S]
MsDtc -> %SystemRoot%\System32\MsDtc ->  [Folder | Modified Date = 3/1/2008 1:28:37 PM | Attr =	]
mui -> %SystemRoot%\System32\mui ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
npp -> %SystemRoot%\System32\npp ->  [Folder | Modified Date = 3/1/2008 3:19:09 PM | Attr =	]
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb ->  [Ver =  | Size = 23392 bytes | Modified Date = 3/21/2008 2:12:57 PM | Attr =	]
nvapps.xml -> %SystemRoot%\System32\nvapps.xml ->  [Ver =  | Size = 159661 bytes | Modified Date = 3/17/2008 2:12:25 AM | Attr =	]
nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
oobe -> %SystemRoot%\System32\oobe ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 40836 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 314508 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 356738 bytes | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
PhotoImpression Slideshow -> %SystemRoot%\System32\PhotoImpression Slideshow ->  [Folder | Modified Date = 3/22/2008 4:11:54 PM | Attr =	]
PreInstall -> %SystemRoot%\System32\PreInstall ->  [Folder | Modified Date = 3/1/2008 2:26:56 PM | Attr =	]
ras -> %SystemRoot%\System32\ras ->  [Folder | Modified Date = 3/1/2008 8:22:06 AM | Attr =	]
ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups ->  [Folder | Modified Date = 3/1/2008 4:54:19 PM | Attr =	]
Restore -> %SystemRoot%\System32\Restore ->  [Folder | Modified Date = 3/17/2008 12:43:44 AM | Attr =	]
RTCOM -> %SystemRoot%\System32\RTCOM ->  [Folder | Modified Date = 3/1/2008 1:57:40 PM | Attr =	]
sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
Setup -> %SystemRoot%\System32\Setup ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
ShellExt -> %SystemRoot%\System32\ShellExt ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
spool -> %SystemRoot%\System32\spool ->  [Folder | Modified Date = 3/1/2008 1:27:25 PM | Attr =	]
tmp.reg -> %SystemRoot%\System32\tmp.reg ->  [Ver =  | Size = 2742 bytes | Modified Date = 3/16/2008 11:52:25 PM | Attr =	]
Uninstall.ico -> %SystemRoot%\System32\Uninstall.ico ->  [Ver =  | Size = 2550 bytes | Modified Date = 3/10/2008 3:39:11 AM | Attr =	]
usmt -> %SystemRoot%\System32\usmt ->  [Folder | Modified Date = 3/1/2008 3:19:01 PM | Attr =	]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver =  | Size = 86528 bytes | Modified Date = 3/9/2008 1:15:33 AM | Attr =	]
wbem -> %SystemRoot%\System32\wbem ->  [Folder | Modified Date = 3/17/2008 11:13:35 PM | Attr =	]
WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest ->  [Ver =  | Size = 488 bytes | Modified Date = 3/1/2008 1:30:14 PM | Attr = RH ]
wins -> %SystemRoot%\System32\wins ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
wmpscheme.xml -> %SystemRoot%\System32\wmpscheme.xml ->  [Ver =  | Size = 25065 bytes | Modified Date = 3/1/2008 1:34:49 PM | Attr =	]
wpa.bak -> %SystemRoot%\System32\wpa.bak ->  [Ver =  | Size = 2422 bytes | Modified Date = 3/1/2008 3:16:09 PM | Attr =	]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 2422 bytes | Modified Date = 3/21/2008 2:28:33 PM | Attr =	]
wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
xircom -> %SystemRoot%\System32\xircom ->  [Folder | Modified Date = 3/1/2008 1:30:42 PM | Attr =	]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 3/3/2008 7:09:20 AM | Attr =  H ]
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Modified Date = 3/1/2008 2:26:50 PM | Attr =  H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ ->  [Folder | Modified Date = 3/1/2008 3:18:07 PM | Attr =  H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ ->  [Folder | Modified Date = 3/2/2008 12:29:12 PM | Attr =  H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ ->  [Folder | Modified Date = 3/2/2008 12:29:04 PM | Attr =  H ]
addins -> %SystemRoot%\addins ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
AppPatch -> %SystemRoot%\AppPatch ->  [Folder | Modified Date = 3/21/2008 2:24:54 PM | Attr =	]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 3/23/2008 3:52:30 PM | Attr =   S]
Config -> %SystemRoot%\Config ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
Connection Wizard -> %SystemRoot%\Connection Wizard ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
control.ini -> %SystemRoot%\control.ini ->  [Ver =  | Size = 0 bytes | Modified Date = 3/1/2008 1:30:41 PM | Attr =	]
Cursors -> %SystemRoot%\Cursors ->  [Folder | Modified Date = 3/1/2008 1:28:18 PM | Attr =	]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 3/1/2008 4:25:44 PM | Attr =	]
doom3.ini -> %SystemRoot%\doom3.ini ->  [Ver =  | Size = 331 bytes | Modified Date = 3/2/2008 10:45:51 AM | Attr =	]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 3/10/2008 4:13:39 AM | Attr =   S]
Driver Cache -> %SystemRoot%\Driver Cache ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
EHome -> %SystemRoot%\EHome ->  [Folder | Modified Date = 3/1/2008 3:17:47 PM | Attr =	]
EPCX8400.ini -> %SystemRoot%\EPCX8400.ini ->  [Ver =  | Size = 44 bytes | Modified Date = 3/22/2008 6:06:44 PM | Attr =	]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Modified Date = 3/17/2008 12:42:15 AM | Attr =	]
Fonts -> %SystemRoot%\Fonts ->  [Folder | Modified Date = 3/1/2008 4:35:34 PM | Attr = R S]
ftpcache -> %SystemRoot%\ftpcache ->  [Folder | Modified Date = 3/7/2008 11:10:30 AM | Attr =  HS]
gdrv.sys -> %SystemRoot%\gdrv.sys -> Windows (R) Codename Longhorn DDK provider [Ver = 6.0.5744.16384 built by: WinDDK | Size = 14656 bytes | Modified Date = 3/1/2008 2:02:05 PM | Attr =	]
Help -> %SystemRoot%\Help ->  [Folder | Modified Date = 3/21/2008 2:12:38 PM | Attr =	]
ie7 -> %SystemRoot%\ie7 ->  [Folder | Modified Date = 3/2/2008 12:29:23 PM | Attr =  H ]
ie7updates -> %SystemRoot%\ie7updates ->  [Folder | Modified Date = 3/4/2008 4:00:17 AM | Attr =	]
ime -> %SystemRoot%\ime ->  [Folder | Modified Date = 3/1/2008 3:19:39 PM | Attr =	]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 3/23/2008 3:00:57 AM | Attr =	]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 3/23/2008 3:01:04 AM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 3/23/2008 3:48:20 PM | Attr =  HS]
java -> %SystemRoot%\java ->  [Folder | Modified Date = 3/1/2008 1:30:35 PM | Attr =	]
lexstat.ini -> %SystemRoot%\lexstat.ini ->  [Ver =  | Size = 389 bytes | Modified Date = 3/21/2008 10:22:04 PM | Attr =	]
Media -> %SystemRoot%\Media ->  [Folder | Modified Date = 3/2/2008 12:29:24 PM | Attr =	]
mozver.dat -> %SystemRoot%\mozver.dat ->  [Ver =  | Size = 1158 bytes | Modified Date = 3/10/2008 6:11:01 PM | Attr =	]
msagent -> %SystemRoot%\msagent ->  [Folder | Modified Date = 3/2/2008 12:30:55 PM | Attr =	]
msapps -> %SystemRoot%\msapps ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
mui -> %SystemRoot%\mui ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Modified Date = 3/21/2008 2:35:33 PM | Attr =	]
nsreg.dat -> %SystemRoot%\nsreg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 3/10/2008 1:24:35 PM | Attr =	]
nview -> %SystemRoot%\nview ->  [Folder | Modified Date = 3/1/2008 5:35:44 PM | Attr =	]
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI ->  [Ver =  | Size = 4161 bytes | Modified Date = 3/1/2008 1:30:35 PM | Attr =	]
Offline Web Pages -> %SystemRoot%\Offline Web Pages ->  [Folder | Modified Date = 3/1/2008 1:30:14 PM | Attr = R  ]
PCHealth -> %SystemRoot%\PCHealth ->  [Folder | Modified Date = 3/1/2008 4:35:26 PM | Attr =	]
peernet -> %SystemRoot%\peernet ->  [Folder | Modified Date = 3/1/2008 3:19:36 PM | Attr =	]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 3/23/2008 5:07:46 PM | Attr =	]
provisioning -> %SystemRoot%\provisioning ->  [Folder | Modified Date = 3/1/2008 3:19:36 PM | Attr =	]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 3/1/2008 5:43:40 PM | Attr =	]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 3/1/2008 5:43:40 PM | Attr =  H ]
RegisteredPackages -> %SystemRoot%\RegisteredPackages ->  [Folder | Modified Date = 3/1/2008 4:54:06 PM | Attr =	]
Registration -> %SystemRoot%\Registration ->  [Folder | Modified Date = 3/10/2008 1:01:57 AM | Attr =	]
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD ->  [Ver =  | Size = 8192 bytes | Modified Date = 3/1/2008 1:33:52 PM | Attr =	]
repair -> %SystemRoot%\repair ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
Resources -> %SystemRoot%\Resources ->  [Folder | Modified Date = 3/1/2008 8:20:54 AM | Attr =	]
security -> %SystemRoot%\security ->  [Folder | Modified Date = 3/10/2008 12:55:05 AM | Attr =	]
ServicePackFiles -> %SystemRoot%\ServicePackFiles ->  [Folder | Modified Date = 3/1/2008 3:19:11 PM | Attr =	]
SHELLNEW -> %SystemRoot%\SHELLNEW ->  [Folder | Modified Date = 3/1/2008 4:35:45 PM | Attr =	]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 3/1/2008 2:39:56 PM | Attr =	]
srchasst -> %SystemRoot%\srchasst ->  [Folder | Modified Date = 3/1/2008 3:19:08 PM | Attr =	]
system -> %SystemRoot%\system ->  [Folder | Modified Date = 3/17/2008 1:07:09 AM | Attr =	]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 3/17/2008 12:43:45 AM | Attr =	]
system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 3/23/2008 3:50:58 PM | Attr =	]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 3/10/2008 1:40:25 AM | Attr =   S]
TEMP -> %SystemRoot%\TEMP ->  [Folder | Modified Date = 3/23/2008 3:52:53 PM | Attr =	]
twain_32 -> %SystemRoot%\twain_32 ->  [Folder | Modified Date = 3/22/2008 3:58:46 PM | Attr =	]
vb.ini -> %SystemRoot%\vb.ini ->  [Ver =  | Size = 36 bytes | Modified Date = 3/1/2008 1:28:38 PM | Attr =	]
vbaddin.ini -> %SystemRoot%\vbaddin.ini ->  [Ver =  | Size = 37 bytes | Modified Date = 3/1/2008 1:28:38 PM | Attr =	]
WBEM -> %SystemRoot%\WBEM ->  [Folder | Modified Date = 3/2/2008 12:29:26 PM | Attr =	]
Web -> %SystemRoot%\Web ->  [Folder | Modified Date = 3/1/2008 3:18:31 PM | Attr = R  ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 651 bytes | Modified Date = 3/21/2008 2:12:54 PM | Attr =	]
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest ->  [Ver =  | Size = 749 bytes | Modified Date = 3/1/2008 1:30:12 PM | Attr = RH ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 3/2/2008 3:57:11 PM | Attr =	]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Modified Date = 3/1/2008 4:25:42 PM | Attr =	]
WMSysPrx.prx -> %SystemRoot%\WMSysPrx.prx ->  [Ver =  | Size = 299552 bytes | Modified Date = 3/1/2008 1:30:39 PM | Attr =	]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 3/23/2008 3:52:34 PM | Attr =  H ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 11424 bytes | Modified Date = 3/23/2008 3:53:38 PM | Attr =	]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 11424 bytes | Modified Date = 3/23/2008 3:53:38 PM | Attr =	]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 3/1/2008 4:36:56 PM | Attr =	]
SSUPDATE.EXE -> C:\Documents and Settings\Dad\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 146672 bytes | Modified Date = 2/29/2008 4:03:44 PM | Attr =	]

< End of report >

Here is the Super log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/23/2008 at 04:26 PM

Application Version : 4.0.1154

Core Rules Database Version : 3423
Trace Rules Database Version: 1415

Scan type	   : Complete Scan
Total Scan Time : 00:31:07

Memory items scanned	  : 341
Memory threats detected   : 0
Registry items scanned	: 5451
Registry threats detected : 0
File items scanned		: 54252
File threats detected	 : 16

Adware.Tracking Cookie
	C:\Documents and Settings\Dad\Cookies\dad@208.122.40[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@208.122.40[3].txt
	C:\Documents and Settings\Dad\Cookies\dad@adknowledge[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@adlegend[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@adopt.euroclick[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@ads.as4x.tmcs[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@enhance[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@imrworldwide[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@indextools[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@overture[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@specificclick[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@statsgod[2].txt
	C:\Documents and Settings\Dad\Cookies\dad@tacoda[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@tagiq.clickforensics[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@toseeka[1].txt
	C:\Documents and Settings\Dad\Cookies\dad@tracking.dsmmadvantage[1].txt

And here is the .log file:

Explorer killed successfully
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{182C7ED7-E56D-4509-9D9B-AC49318D9895} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{182C7ED7-E56D-4509-9D9B-AC49318D9895}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbhh32\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32683183-48a0-441b-a342-7c2a440a9478}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
[Files/Folders - Created Within 30 days]
C:\WINDOWS\System32\apvvlrgu.ini moved successfully.
C:\WINDOWS\System32\atvtpoya.ini moved successfully.
C:\WINDOWS\System32\dtfnmviu.ini moved successfully.
C:\WINDOWS\System32\ggseguyo.ini moved successfully.
C:\WINDOWS\System32\jevudgco.ini moved successfully.
[Files/Folders - Modified Within 30 days]
File C:\WINDOWS\System32\apvvlrgu.ini not found!
File C:\WINDOWS\System32\atvtpoya.ini not found!
File C:\WINDOWS\System32\dtfnmviu.ini not found!
File C:\WINDOWS\System32\ggseguyo.ini not found!
File C:\WINDOWS\System32\jevudgco.ini not found!
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\Dad\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User temp folders emptied.
SystemRoot temp folder emptied.
IE temp folders emptied
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.6.0 fix logfile created on 03232008_155058

I did have one issue. When I tried to paste the last section of code to the Manual File or Registry Key Scans, the only place that it would allow me to paste anything is in the "paste fix here" section...

Thanks again!

#7 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 24 March 2008 - 12:12 AM

Hi lowvoltage. That looks good except for the custom scans. Is there no editbox on the bottom of the left-hand side to paste the custom scan data? If you don't see it, maximize the program look again. I want to see what is in those two folders.

This time, select None in all of the groups in the Basic Scans areas, copy/paste the test from the code box below into the Custom Scans are on the bottom left-hand of the screen and then click the Run Scan button. Copy/paste the results back here.

%SystemDrive%\b4a7bb7186989f2e54977486e3\*.* /s
%SystemDrive%\c867271164e46ed2a6\*.* /s

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#8 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 24 March 2008 - 10:27 AM

Hi OldTimer. That is correct, there is no editbox on the bottom of the left-hand side to paste the custom scan data. It doesnt matter if the program is maximized, resized, etc. No matter how I stretch it there is no editbox to paste the code.

#9 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 24 March 2008 - 11:47 AM

Hi lowvoltage. Very strange. I've never heard of that before. It could be the screen resolution and settings. The program adjusts it's scale for various settings. Try it in Safe Mode and see what happens.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#10 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 24 March 2008 - 12:57 PM

Resolution was the problem. I lowered my desktop setting and the editbox appeared.
Here is the OTScanIt log:

OTScanIt logfile created on: 3/24/2008 1:55:25 PM
OTScanIt by OldTimer - Version 1.0.6.0	 Folder = C:\Documents and Settings\Dad\Desktop\OTScanIt
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.59% Memory free
3.85 Gb Paging File | 3.45 Gb Available in Paging File | 89.53% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 447.41 Gb Free Space | 96.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 18.64 Gb Total Space | 18.49 Gb Free Space | 99.21% Space Free | Partition Type: NTFS
Drive F: | 39.07 Gb Total Space | 25.86 Gb Free Space | 66.20% Space Free | Partition Type: NTFS
Drive G: | 39.07 Gb Total Space | 8.67 Gb Free Space | 22.20% Space Free | Partition Type: NTFS
Drive H: | 33.65 Gb Total Space | 14.06 Gb Free Space | 41.77% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: THISIDEU-XSKPET
Current User Name: Dad
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user


[Manual Scans]
< %SystemDrive%\b4a7bb7186989f2e54977486e3\*.* /s >
C:\b4a7bb7186989f2e54977486e3\ -> C:\b4a7bb7186989f2e54977486e3 ->  [Folder | Modified Date = 3/21/2008 2:12:07 PM | Attr =	]
C:\b4a7bb7186989f2e54977486e3\update\ -> C:\b4a7bb7186989f2e54977486e3\update ->  [Folder | Modified Date = 3/21/2008 2:12:07 PM | Attr =	]
update.exe -> C:\b4a7bb7186989f2e54977486e3\update\update.exe -> Microsoft Corporation [Ver = 6.2.0029.0 (SRV03_QFE.031113-0918) | Size = 716000 bytes | Modified Date = 5/16/2006 6:11:54 PM | Attr =	]
updspapi.dll -> C:\b4a7bb7186989f2e54977486e3\update\updspapi.dll -> Microsoft Corporation [Ver = 6.2.0029.0 (SRV03_QFE.031113-0918) | Size = 371424 bytes | Modified Date = 5/16/2006 6:11:54 PM | Attr =	]
wpdinstallutil.dll -> C:\b4a7bb7186989f2e54977486e3\update\wpdinstallutil.dll ->  [Ver =  | Size = 13312 bytes | Modified Date = 11/2/2006 11:46:52 AM | Attr =	]
< %SystemDrive%\c867271164e46ed2a6\*.* /s >
C:\c867271164e46ed2a6\ -> C:\c867271164e46ed2a6 ->  [Folder | Modified Date = 3/21/2008 2:11:10 PM | Attr =	]
C:\c867271164e46ed2a6\update\ -> C:\c867271164e46ed2a6\update ->  [Folder | Modified Date = 3/21/2008 2:11:10 PM | Attr =	]
update.exe -> C:\c867271164e46ed2a6\update\update.exe -> Microsoft Corporation [Ver = 6.3.0003.0 built by: dnsrv | Size = 742192 bytes | Modified Date = 9/16/2006 1:05:22 AM | Attr =	]
wudfcustom.dll -> C:\c867271164e46ed2a6\update\wudfcustom.dll -> Microsoft Corporation [Ver = 6.0.5716.32 (winmain(wmbla).060928-1756) | Size = 58368 bytes | Modified Date = 9/28/2006 7:01:52 PM | Attr =	]
< End of report >


#11 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 24 March 2008 - 05:38 PM

Hi lowvoltage. I have no idea what created those folders but they appear to be related to some Microsoft update so there should be no problem with them.

How are things running now? Any more issues? If not, then run the system for a cuple of days to make sure nothing pops up and hten get back to me so we can do some final cleanup.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#12 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 24 March 2008 - 06:54 PM

Hey OldTimer. Everything seems to be running fine. I havent had any further issues over the past few days. I did notice one thing that has started popping up in my AVG log every day. I've attached a copy of the report with this post. Not sure if its just another program that is causing a false report, or if its something I should worry about.
The warning is for: "Trojan horse Dropper.Generic.VZP"
I attached the history log (xml format)

Thanks again for the help!

Edit: Forgot to add, when I do a full scan with AVG after the warning, nothing is found. Spyhunter/Adaware do not find anything either.

Attached Files


Edited by lowvoltage, 24 March 2008 - 06:56 PM.


#13 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 24 March 2008 - 07:53 PM

Hi lowvoltage. Most of the entries deal with the System Restore points and we have not cleaned those out yet. Unless a System Restore is performed, they can do no harm. The bigger issue is the original files that were backed up. They appear to be from the installation from some program. An observation is that the program came from questionable sources. Ths file, G:\FEAR\F.E.A.R.Keygen.REPACK-RELOADED\rld-fearkg.exe, is a key generator and these usually come from sources used to bypass legitimate protections on copyrighted material. I would get rid of that entire folder and any installations made from it as soon as possible.

Now, let's do some final cleanup to reset the System Restore points and remove all of the tools we used during the fix and then you are all set.

Step #1

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.

Step #2

To remove all of the tools we used and the files and folders they created do the following:
  • Start OTScanIt
    Click the CleanUp button
  • OTScanIt will download a small file from the Internet. If a security program or firewall warns you of this allow it to download.
  • OTScanIt will delete any tools downloaded and files/folders created and then ask you to reboot so it can remove itself. Click Yes.
After that you are good to go.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#14 lowvoltage

lowvoltage
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:07:49 AM

Posted 24 March 2008 - 10:28 PM

OldTimer, thanks so much for the help! I deleted the folder you mentioned above and reset the system restore points. Everything looks good here on this end.

Thanks!!

#15 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:08:49 AM

Posted 24 March 2008 - 11:06 PM

You are very welcome lowvoltage, I'm glad that we could help.

I will now close this topic. If you have any new malware related questions or issues in the future please start a new topic.

Cheers and Happy Computing !

OT :thumbsup:
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users