Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Smitfraud-c That Is Not Getting Cured.


  • Please log in to reply
15 replies to this topic

#1 aditya349

aditya349

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 21 March 2007 - 07:27 PM

Hi,

My PC is infected with Smitfraud-C.Toolbar and Spybot reports it each time even after cleaning. I tried SmitfraudFix in Safe Mode and it did not help. With this infection I get random popups.

I am enclosing the log from HijackThis. I will appreciate any help and suggestions.

Thanks.

Aditya
-------------------------


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 8:12:20 PM, on 3/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Compuware\PCShared\NCS.EXE
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Trayit\trayit!.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\logon.scr
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\F\Downloads\Antispyware\HiJackThis_v2.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} - C:\WINDOWS\system32\iuensec.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NMIEHelper Class - {CE92F0E4-87AD-11D3-B713-00C04F8F6C86} - C:\Program Files\Compuware\PCShared\NMIEHELP.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\System32\tmp2.tmp.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\System32\lsasss.exe
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\pmlige.dll",setvm
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: TrayIt!.lnk = C:\Program Files\Trayit\trayit!.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0814DE28-AB38-48D3-A4C6-D5740ADDD721} (IWorks Control) - http://192.168.0.100/iWorks.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3C63E58F-715F-4B88-9F1F-5C3C9F07976B} (Upgrade Control) - http://192.168.000.100/iWorks.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1174501304187
O16 - DPF: {69565A48-8A92-11D9-8BDE-F66BAD1E3F3A} (BridgeChannel v3.2) - http://channel.bridge.com/bc/java/rbc33_i.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174507015109
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab
O16 - DPF: {9E5B3E8E-5F5B-437D-86D7-E2BCF1EEF678} (IHistoryLog Control) - http://192.168.0.100/iWorks.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DE913A-65A4-488B-8795-89C7C8B95372}: NameServer = 192.94.228.111,192.94.228.15,192.94.228.201,12.127.16.67,12.127.17.71
O20 - Winlogon Notify: iuensec - C:\WINDOWS\SYSTEM32\iuensec.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Numega Control Service (NCS) - Compuware Numega Lab - C:\Program Files\Compuware\PCShared\NCS.EXE
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

--
End of file - 6054 bytes

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:48 PM

Posted 22 March 2007 - 06:01 PM

Hello aditya349 and welcome to the BC HijackThis forum. The TM version of HijackThis is still a beta version and as such is not supported at this time. Go ahead and uninstall it and delete any files folders it created.

Let's try a different scanner and see what we find.

Download WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 23 March 2007 - 09:44 AM

Hi OT,

Thank you for your attention. I ran WinPFind3U and the log is enclosed. For last couple of days I have also noticed some wierd stuff. I use my Office Desktop from Home using Remote Desktop and last two days when I come back to work, my desktop has no ICONs just text which is kind of blinking. Hope it helps.

Thank you,

Aditya

WinPFind3 logfile created on: 3/23/2007 10:28:28 AM
WinPFind3U by OldTimer - Version 1.0.28 Folder = C:\Documents and Settings\amrit\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

1023 Mb Total Physical Memory | 632 Mb Available Physical Memory | 61.82% Memory free
1 Gb Paging File | 1 Gb Available in Paging File | 84.67% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1534;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76 Gb Total Space | 24 Gb Free Space | 31.65% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: BLUE78
Current User Name: amrit
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
defwatch.exe -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.3: 2007030919 | Size = 7633008 bytes | Modified Date = 3/22/2007 11:57:06 AM | Attr = ]
ghoststartservice.exe -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
msgsys.exe -> %System32%\MSGSYS.EXE -> Intel Corporation [Ver = 6.0.201.0940 E | Size = 14336 bytes | Modified Date = 9/18/2000 5:12:40 PM | Attr = ]
ncs.exe -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
rtvscan.exe -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
trayit!.exe -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.28.0 | Size = 316416 bytes | Modified Date = 3/22/2007 7:01:30 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 8/22/2006 8:05:00 PM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ]
(GhostStartService) GhostStartService [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
(NCS) Numega Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
(Norton AntiVirus Server) Norton AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ATICCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLIStart.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
GhostStartTrayApp -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
RoxioAudioCentral -> %ProgramFiles%\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
RoxioEngineUtility -> %CommonProgramFiles%\Roxio Shared\System\EngUtil.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
vptray -> %ProgramFiles%\NavNT\vptray.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< User Startup > -> C:\Documents and Settings\amrit\Start Menu\Programs\Startup
%UserStartup%\TrayIt!.lnk -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 86016 bytes | Modified Date = 8/22/2006 8:46:30 PM | Attr = ]
iuensec -> %System32%\iuensec.dll -> [Ver = | Size = 19828 bytes | Modified Date = 3/19/2007 2:51:02 PM | Attr = ]
NavLogon -> %System32%\NavLogon.dll -> [Ver = | Size = 28672 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
< HOSTS File > (0 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> C:\windows\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} [HKLM] -> %System32%\iuensec.dll [Reg Data - Value does not exist] -> [Ver = | Size = 19828 bytes | Modified Date = 3/19/2007 2:51:02 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{CE92F0E4-87AD-11D3-B713-00C04F8F6C86} [HKLM] -> %ProgramFiles%\Compuware\PCShared\NMIEHELP.dll [NMIEHelper Class] -> [Ver = 1, 0, 0, 1 | Size = 61497 bytes | Modified Date = 5/3/2000 2:41:02 AM | Attr = ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 12/15/2006 3:23:26 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{44556415-7559-4F50-A091-12CFD3069AD5} -> (Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45) ->
{46DE913A-65A4-488B-8795-89C7C8B95372} -> 192.94.228.111,192.94.228.15,192.94.228.201,12.127.16.67,12.127.17.71 (Broadcom NetXtreme Gigabit Ethernet) ->
{6D732098-7696-458B-B1DB-62C0B96AFF43} -> (1394 Net Adapter) ->
{84F19A83-B165-4CE8-BB4D-44B19D4D9EDA} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{0814DE28-AB38-48D3-A4C6-D5740ADDD721} -> IWorks Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{3C63E58F-715F-4B88-9F1F-5C3C9F07976B} -> Upgrade Control - CodeBase = http://192.168.000.100/iWorks.CAB ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1174501304187 ->
{69565A48-8A92-11D9-8BDE-F66BAD1E3F3A} -> BridgeChannel v3.2 - CodeBase = http://channel.bridge.com/bc/java/rbc33_i.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1174507015109 ->
{82774781-8F4E-11D1-AB1C-0000F8773BF0} -> DLC Class - CodeBase = https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9E5B3E8E-5F5B-437D-86D7-E2BCF1EEF678} -> IHistoryLog Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files/Folders - Created Within 30 days]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Created Date = 3/19/2007 12:32:01 PM | Attr = ]
command.exe -> %SystemDrive%\command.exe -> [Ver = | Size = 45056 bytes | Created Date = 3/20/2007 6:57:46 PM | Attr = ]
images -> %SystemDrive%\images -> [Folder | Created Date = 2/23/2007 10:10:16 AM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Created Date = 2/27/2007 10:21:15 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Created Date = 3/12/2007 5:44:56 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Created Date = 3/22/2007 1:20:26 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Created Date = 3/22/2007 12:53:13 PM | Attr = ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Created Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Created Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Created Date = 2/28/2007 3:14:00 PM | Attr = ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 3/21/2007 3:28:34 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Created Date = 3/21/2007 2:21:58 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Created Date = 3/21/2007 2:08:07 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Created Date = 3/21/2007 3:46:11 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 3/21/2007 3:47:08 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Created Date = 3/21/2007 3:47:55 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 3/21/2007 3:48:43 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 3/21/2007 3:49:39 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Created Date = 3/21/2007 3:50:32 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 3/21/2007 3:51:19 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 3/21/2007 3:52:13 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Created Date = 3/21/2007 1:54:56 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Created Date = 3/21/2007 3:53:01 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Created Date = 3/21/2007 3:54:26 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 3/21/2007 3:55:54 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Created Date = 3/21/2007 1:56:16 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 3/21/2007 3:56:33 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Created Date = 3/21/2007 1:54:28 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 3/21/2007 3:57:09 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Created Date = 3/21/2007 1:57:25 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 3/21/2007 3:57:50 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Created Date = 3/21/2007 1:56:53 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 3/21/2007 3:58:30 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Created Date = 3/21/2007 1:58:56 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 3/21/2007 3:59:13 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Created Date = 3/21/2007 2:07:27 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 3/21/2007 3:59:58 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Created Date = 3/21/2007 1:55:21 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Created Date = 3/21/2007 1:26:44 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 3/21/2007 4:00:42 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Created Date = 3/21/2007 1:58:23 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Created Date = 3/21/2007 4:01:30 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Created Date = 3/21/2007 2:02:05 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 3/21/2007 4:02:12 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Created Date = 3/21/2007 1:57:53 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 3/21/2007 4:03:06 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Created Date = 3/21/2007 2:06:40 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 3/21/2007 4:03:54 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Created Date = 3/21/2007 2:02:48 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Created Date = 3/21/2007 4:04:48 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Created Date = 3/21/2007 2:11:27 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 3/21/2007 4:05:37 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Created Date = 3/21/2007 1:55:46 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 3/21/2007 4:06:30 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Created Date = 3/21/2007 2:00:46 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 3/21/2007 2:04:36 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 3/21/2007 4:07:29 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Created Date = 3/21/2007 2:03:23 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Created Date = 3/21/2007 2:05:58 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 3/21/2007 4:08:23 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Created Date = 3/21/2007 2:05:19 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 3/21/2007 4:09:19 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Created Date = 3/21/2007 2:09:27 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 3/21/2007 4:10:08 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Created Date = 3/21/2007 2:14:45 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 3/21/2007 4:11:15 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Created Date = 3/21/2007 2:08:46 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 3/21/2007 4:12:08 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Created Date = 3/21/2007 2:22:58 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 3/21/2007 4:13:02 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Created Date = 3/21/2007 2:14:01 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Created Date = 3/21/2007 2:12:43 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Created Date = 3/21/2007 2:13:12 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 3/21/2007 4:13:49 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Created Date = 3/21/2007 2:10:50 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 3/21/2007 4:14:31 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Created Date = 3/21/2007 2:10:07 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 3/21/2007 4:15:13 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Created Date = 3/21/2007 2:20:19 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 3/21/2007 4:15:59 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 3/21/2007 2:27:53 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 3/21/2007 4:16:44 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Created Date = 3/21/2007 2:17:04 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 3/21/2007 4:17:26 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Created Date = 3/21/2007 2:18:41 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 3/21/2007 4:18:11 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 3/21/2007 2:30:12 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Created Date = 3/21/2007 2:16:20 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 3/21/2007 4:18:57 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Created Date = 3/21/2007 2:21:12 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Created Date = 3/21/2007 2:17:44 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 3/21/2007 2:36:59 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 3/21/2007 4:19:43 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 3/21/2007 2:35:05 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 3/21/2007 4:20:26 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 3/21/2007 2:31:12 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 3/21/2007 4:21:06 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 3/21/2007 2:32:09 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 3/21/2007 4:21:51 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 3/21/2007 2:36:20 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 3/21/2007 4:22:40 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 3/21/2007 2:33:03 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 3/21/2007 4:23:24 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 3/21/2007 2:29:05 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 3/21/2007 4:23:59 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 3/21/2007 2:34:13 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 3/21/2007 4:24:36 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 3/21/2007 2:43:12 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 3/21/2007 4:25:10 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 3/21/2007 2:41:05 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 3/21/2007 4:25:43 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 3/21/2007 2:38:56 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 3/21/2007 4:26:36 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 3/21/2007 2:42:08 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 3/21/2007 4:27:40 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 3/21/2007 2:39:55 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 3/21/2007 2:37:49 PM | Attr = H ]
002852_.tmp -> %SystemRoot%\002852_.tmp -> [Ver = | Size = 19528 bytes | Created Date = 3/21/2007 3:32:44 PM | Attr = ]
CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 3/21/2007 5:17:34 PM | Attr = ]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Created Date = 3/20/2007 6:17:45 PM | Attr = HS]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 12:59:57 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Created Date = 3/22/2007 10:09:18 AM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 4:23:54 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 3/21/2007 3:40:11 PM | Attr = ]
pmlige.dll -> %SystemRoot%\pmlige.dll -> [Ver = | Size = 105656 bytes | Created Date = 3/20/2007 6:17:44 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 3/21/2007 4:38:05 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 3/21/2007 3:40:05 PM | Attr = ]
slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:17 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 3/22/2007 10:12:37 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 3/21/2007 3:41:50 PM | Attr = ]
bak -> %System32%\bak -> [Folder | Created Date = 3/19/2007 2:35:38 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Created Date = 3/12/2007 10:54:18 AM | Attr = ]
dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Created Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Created Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:10 PM | Attr = ]
ieencode.dll -> %System32%\ieencode.dll -> [Ver = | Size = 81920 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Created Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Created Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Created Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Created Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 12:12:26 PM | Attr = ]
iuensec.dll -> %System32%\iuensec.dll -> [Ver = | Size = 19828 bytes | Created Date = 3/19/2007 2:51:01 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Created Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 11:04:22 AM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
lsasss.exe -> %System32%\lsasss.exe -> [Ver = | Size = 37662 bytes | Created Date = 3/19/2007 2:35:39 PM | Attr = ]
mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 3/21/2007 3:40:28 PM | Attr = ]
mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 3/21/2007 3:40:27 PM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 10:53:54 AM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 11:04:30 AM | Attr = ]
pmnnm.exe -> %System32%\pmnnm.exe -> [Ver = | Size = 27134 bytes | Created Date = 3/19/2007 2:51:00 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 3/21/2007 1:26:53 PM | Attr = ]
Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
runvb6.bat -> %System32%\runvb6.bat -> [Ver = | Size = 57 bytes | Created Date = 2/27/2007 10:48:50 AM | Attr = ]
s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 3/21/2007 3:40:25 PM | Attr = ]
slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 3/21/2007 1:22:17 PM | Attr = ]
SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Created Date = 3/21/2007 11:47:21 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Created Date = 3/12/2007 12:12:02 PM | Attr = ]
vbicodec.ax -> %System32%\vbicodec.ax -> [Ver = | Size = 53248 bytes | Created Date = 3/21/2007 3:40:41 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 10:53:44 AM | Attr = ]
wstpager.ax -> %System32%\wstpager.ax -> [Ver = | Size = 164352 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
wstrenderer.ax -> %System32%\wstrenderer.ax -> [Ver = | Size = 239616 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
amdagp.sys -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
siint5.dll -> %System32%\drivers\siint5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
sisagp.sys -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 3/22/2007 10:17:36 AM | Attr = ]
vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 3/21/2007 3:42:12 PM | Attr = RHS]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Modified Date = 3/19/2007 12:56:00 PM | Attr = ]
command.exe -> %SystemDrive%\command.exe -> [Ver = | Size = 45056 bytes | Modified Date = 3/20/2007 6:57:48 PM | Attr = ]
F -> %SystemDrive%\F -> [Folder | Modified Date = 3/19/2007 1:08:20 PM | Attr = ]
images -> %SystemDrive%\images -> [Folder | Modified Date = 2/23/2007 10:11:34 AM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Modified Date = 2/27/2007 10:21:40 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Modified Date = 3/12/2007 5:45:08 PM | Attr = ]
iworksfw -> %SystemDrive%\iworksfw -> [Folder | Modified Date = 3/21/2007 3:11:34 PM | Attr = ]
mycredentials.spc -> %SystemDrive%\mycredentials.spc -> [Ver = | Size = 6856 bytes | Modified Date = 3/12/2007 5:35:02 PM | Attr = ]
MyDocuments -> %SystemDrive%\MyDocuments -> [Folder | Modified Date = 3/12/2007 2:47:52 PM | Attr = ]
myprivatekey.pvk -> %SystemDrive%\myprivatekey.pvk -> [Ver = | Size = 636 bytes | Modified Date = 3/6/2007 12:11:02 PM | Attr = ]
NetSightIIPackage -> %SystemDrive%\NetSightIIPackage -> [Folder | Modified Date = 3/5/2007 3:34:22 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Modified Date = 3/22/2007 2:38:22 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Modified Date = 3/22/2007 10:38:02 AM | Attr = ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 3/21/2007 3:34:02 PM | Attr = RHS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/22/2007 10:10:46 AM | Attr = R ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Modified Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/21/2007 4:37:36 PM | Attr = HS]
Verisign -> %SystemDrive%\Verisign -> [Folder | Modified Date = 3/12/2007 5:38:30 PM | Attr = ]
WINCE500 -> %SystemDrive%\WINCE500 -> [Folder | Modified Date = 3/22/2007 3:58:50 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/22/2007 4:13:56 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/21/2007 5:08:34 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 3/21/2007 3:31:04 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Modified Date = 3/21/2007 2:22:00 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Modified Date = 3/21/2007 2:08:10 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Modified Date = 3/21/2007 3:46:14 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 3/21/2007 3:47:10 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Modified Date = 3/21/2007 3:47:56 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 3/21/2007 3:48:44 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 3/21/2007 3:49:40 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 3/21/2007 3:50:34 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 3/21/2007 3:51:20 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 3/21/2007 3:52:16 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Modified Date = 3/21/2007 1:54:58 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Modified Date = 3/21/2007 3:53:08 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Modified Date = 3/21/2007 3:54:28 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 3/21/2007 3:55:56 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Modified Date = 3/21/2007 1:56:20 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 3/21/2007 3:56:34 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Modified Date = 3/21/2007 1:54:32 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 3/21/2007 3:57:12 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Modified Date = 3/21/2007 1:57:28 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 3/21/2007 3:57:52 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Modified Date = 3/21/2007 1:56:56 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423�

#4 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 23 March 2007 - 10:32 AM

Part2 of Log:

$ -> [Folder | Created Date = 3/21/2007 3:58:30 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Created Date = 3/21/2007 1:58:56 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 3/21/2007 3:59:13 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Created Date = 3/21/2007 2:07:27 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 3/21/2007 3:59:58 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Created Date = 3/21/2007 1:55:21 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Created Date = 3/21/2007 1:26:44 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 3/21/2007 4:00:42 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Created Date = 3/21/2007 1:58:23 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Created Date = 3/21/2007 4:01:30 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Created Date = 3/21/2007 2:02:05 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 3/21/2007 4:02:12 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Created Date = 3/21/2007 1:57:53 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 3/21/2007 4:03:06 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Created Date = 3/21/2007 2:06:40 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 3/21/2007 4:03:54 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Created Date = 3/21/2007 2:02:48 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Created Date = 3/21/2007 4:04:48 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Created Date = 3/21/2007 2:11:27 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 3/21/2007 4:05:37 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Created Date = 3/21/2007 1:55:46 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 3/21/2007 4:06:30 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Created Date = 3/21/2007 2:00:46 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 3/21/2007 2:04:36 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 3/21/2007 4:07:29 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Created Date = 3/21/2007 2:03:23 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Created Date = 3/21/2007 2:05:58 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 3/21/2007 4:08:23 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Created Date = 3/21/2007 2:05:19 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 3/21/2007 4:09:19 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Created Date = 3/21/2007 2:09:27 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 3/21/2007 4:10:08 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Created Date = 3/21/2007 2:14:45 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 3/21/2007 4:11:15 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Created Date = 3/21/2007 2:08:46 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 3/21/2007 4:12:08 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Created Date = 3/21/2007 2:22:58 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 3/21/2007 4:13:02 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Created Date = 3/21/2007 2:14:01 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Created Date = 3/21/2007 2:12:43 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Created Date = 3/21/2007 2:13:12 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 3/21/2007 4:13:49 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Created Date = 3/21/2007 2:10:50 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 3/21/2007 4:14:31 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Created Date = 3/21/2007 2:10:07 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 3/21/2007 4:15:13 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Created Date = 3/21/2007 2:20:19 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 3/21/2007 4:15:59 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 3/21/2007 2:27:53 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 3/21/2007 4:16:44 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Created Date = 3/21/2007 2:17:04 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 3/21/2007 4:17:26 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Created Date = 3/21/2007 2:18:41 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 3/21/2007 4:18:11 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 3/21/2007 2:30:12 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Created Date = 3/21/2007 2:16:20 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 3/21/2007 4:18:57 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Created Date = 3/21/2007 2:21:12 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Created Date = 3/21/2007 2:17:44 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 3/21/2007 2:36:59 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 3/21/2007 4:19:43 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 3/21/2007 2:35:05 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 3/21/2007 4:20:26 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 3/21/2007 2:31:12 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 3/21/2007 4:21:06 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 3/21/2007 2:32:09 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 3/21/2007 4:21:51 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 3/21/2007 2:36:20 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 3/21/2007 4:22:40 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 3/21/2007 2:33:03 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 3/21/2007 4:23:24 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 3/21/2007 2:29:05 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 3/21/2007 4:23:59 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 3/21/2007 2:34:13 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 3/21/2007 4:24:36 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 3/21/2007 2:43:12 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 3/21/2007 4:25:10 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 3/21/2007 2:41:05 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 3/21/2007 4:25:43 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 3/21/2007 2:38:56 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 3/21/2007 4:26:36 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 3/21/2007 2:42:08 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 3/21/2007 4:27:40 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 3/21/2007 2:39:55 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 3/21/2007 2:37:49 PM | Attr = H ]
002852_.tmp -> %SystemRoot%\002852_.tmp -> [Ver = | Size = 19528 bytes | Created Date = 3/21/2007 3:32:44 PM | Attr = ]
CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 3/21/2007 5:17:34 PM | Attr = ]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Created Date = 3/20/2007 6:17:45 PM | Attr = HS]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 12:59:57 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Created Date = 3/22/2007 10:09:18 AM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 4:23:54 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 3/21/2007 3:40:11 PM | Attr = ]
pmlige.dll -> %SystemRoot%\pmlige.dll -> [Ver = | Size = 105656 bytes | Created Date = 3/20/2007 6:17:44 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 3/21/2007 4:38:05 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 3/21/2007 3:40:05 PM | Attr = ]
slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:17 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 3/22/2007 10:12:37 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 3/21/2007 3:41:50 PM | Attr = ]
bak -> %System32%\bak -> [Folder | Created Date = 3/19/2007 2:35:38 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Created Date = 3/12/2007 10:54:18 AM | Attr = ]
dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Created Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Created Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:10 PM | Attr = ]
ieencode.dll -> %System32%\ieencode.dll -> [Ver = | Size = 81920 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Created Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Created Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Created Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Created Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 12:12:26 PM | Attr = ]
iuensec.dll -> %System32%\iuensec.dll -> [Ver = | Size = 19828 bytes | Created Date = 3/19/2007 2:51:01 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Created Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 11:04:22 AM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
lsasss.exe -> %System32%\lsasss.exe -> [Ver = | Size = 37662 bytes | Created Date = 3/19/2007 2:35:39 PM | Attr = ]
mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 3/21/2007 3:40:28 PM | Attr = ]
mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 3/21/2007 3:40:27 PM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 10:53:54 AM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 11:04:30 AM | Attr = ]
pmnnm.exe -> %System32%\pmnnm.exe -> [Ver = | Size = 27134 bytes | Created Date = 3/19/2007 2:51:00 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 3/21/2007 1:26:53 PM | Attr = ]
Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
runvb6.bat -> %System32%\runvb6.bat -> [Ver = | Size = 57 bytes | Created Date = 2/27/2007 10:48:50 AM | Attr = ]
s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 3/21/2007 3:40:25 PM | Attr = ]
slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 3/21/2007 1:22:17 PM | Attr = ]
SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Created Date = 3/21/2007 11:47:21 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Created Date = 3/12/2007 12:12:02 PM | Attr = ]
vbicodec.ax -> %System32%\vbicodec.ax -> [Ver = | Size = 53248 bytes | Created Date = 3/21/2007 3:40:41 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 10:53:44 AM | Attr = ]
wstpager.ax -> %System32%\wstpager.ax -> [Ver = | Size = 164352 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
wstrenderer.ax -> %System32%\wstrenderer.ax -> [Ver = | Size = 239616 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
amdagp.sys -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
siint5.dll -> %System32%\drivers\siint5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
sisagp.sys -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 3/22/2007 10:17:36 AM | Attr = ]
vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 3/21/2007 3:42:12 PM | Attr = RHS]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Modified Date = 3/19/2007 12:56:00 PM | Attr = ]
command.exe -> %SystemDrive%\command.exe -> [Ver = | Size = 45056 bytes | Modified Date = 3/20/2007 6:57:48 PM | Attr = ]
F -> %SystemDrive%\F -> [Folder | Modified Date = 3/19/2007 1:08:20 PM | Attr = ]
images -> %SystemDrive%\images -> [Folder | Modified Date = 2/23/2007 10:11:34 AM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Modified Date = 2/27/2007 10:21:40 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Modified Date = 3/12/2007 5:45:08 PM | Attr = ]
iworksfw -> %SystemDrive%\iworksfw -> [Folder | Modified Date = 3/21/2007 3:11:34 PM | Attr = ]
mycredentials.spc -> %SystemDrive%\mycredentials.spc -> [Ver = | Size = 6856 bytes | Modified Date = 3/12/2007 5:35:02 PM | Attr = ]
MyDocuments -> %SystemDrive%\MyDocuments -> [Folder | Modified Date = 3/12/2007 2:47:52 PM | Attr = ]
myprivatekey.pvk -> %SystemDrive%\myprivatekey.pvk -> [Ver = | Size = 636 bytes | Modified Date = 3/6/2007 12:11:02 PM | Attr = ]
NetSightIIPackage -> %SystemDrive%\NetSightIIPackage -> [Folder | Modified Date = 3/5/2007 3:34:22 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Modified Date = 3/22/2007 2:38:22 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Modified Date = 3/22/2007 10:38:02 AM | Attr = ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 3/21/2007 3:34:02 PM | Attr = RHS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/22/2007 10:10:46 AM | Attr = R ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Modified Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/21/2007 4:37:36 PM | Attr = HS]
Verisign -> %SystemDrive%\Verisign -> [Folder | Modified Date = 3/12/2007 5:38:30 PM | Attr = ]
WINCE500 -> %SystemDrive%\WINCE500 -> [Folder | Modified Date = 3/22/2007 3:58:50 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/22/2007 4:13:56 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/21/2007 5:08:34 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 3/21/2007 3:31:04 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Modified Date = 3/21/2007 2:22:00 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Modified Date = 3/21/2007 2:08:10 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Modified Date = 3/21/2007 3:46:14 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 3/21/2007 3:47:10 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Modified Date = 3/21/2007 3:47:56 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 3/21/2007 3:48:44 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 3/21/2007 3:49:40 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 3/21/2007 3:50:34 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 3/21/2007 3:51:20 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 3/21/2007 3:52:16 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Modified Date = 3/21/2007 1:54:58 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Modified Date = 3/21/2007 3:53:08 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Modified Date = 3/21/2007 3:54:28 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 3/21/2007 3:55:56 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Modified Date = 3/21/2007 1:56:20 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 3/21/2007 3:56:34 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Modified Date = 3/21/2007 1:54:32 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 3/21/2007 3:57:12 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Modified Date = 3/21/2007 1:57:28 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 3/21/2007 3:57:52 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Modified Date = 3/21/2007 1:56:56 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 3/21/2007 3:58:32 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Modified Date = 3/21/2007 1:58:58 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 3/21/2007 3:59:16 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Modified Date = 3/21/2007 2:07:30 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 3/21/2007 4:00:00 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Modified Date = 3/21/2007 1:55:24 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Modified Date = 3/21/2007 1:26:46 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 3/21/2007 4:00:44 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Modified Date = 3/21/2007 1:58:26 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Modified Date = 3/21/2007 4:01:32 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Modified Date = 3/21/2007 2:02:08 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 3/21/2007 4:02:14 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Modified Date = 3/21/2007 1:57:56 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 3/21/2007 4:03:10 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Modified Date = 3/21/2007 2:06:44 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 3/21/2007 4:03:56 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Modified Date = 3/21/2007 2:02:50 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Modified Date = 3/21/2007 4:04:50 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Modified Date = 3/21/2007 2:11:30 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 3/21/2007 4:05:40 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Modified Date = 3/21/2007 1:55:50 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 3/21/2007 4:06:32 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Modified Date = 3/21/2007 2:00:50 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Modified Date = 3/21/2007 2:04:40 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 3/21/2007 4:07:32 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Modified Date = 3/21/2007 2:03:26 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Modified Date = 3/21/2007 2:06:00 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 3/21/2007 4:08:26 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Modified Date = 3/21/2007 2:05:22 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 3/21/2007 4:09:22 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Modified Date = 3/21/2007 2:09:30 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 3/21/2007 4:10:12 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Modified Date = 3/21/2007 2:14:48 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 3/21/2007 4:11:18 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Modified Date = 3/21/2007 2:08:48 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 3/21/2007 4:12:10 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Modified Date = 3/21/2007 2:23:00 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 3/21/2007 4:13:04 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Modified Date = 3/21/2007 2:14:04 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Modified Date = 3/21/2007 2:12:46 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Modified Date = 3/21/2007 2:13:16 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 3/21/2007 4:13:52 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Modified Date = 3/21/2007 2:10:52 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Modified Date = 3/21/2007 4:14:34 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Modified Date = 3/21/2007 2:10:10 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 3/21/2007 4:15:16 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Modified Date = 3/21/2007 2:20:22 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 3/21/2007 4:16:02 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Modified Date = 3/21/2007 2:27:56 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 3/21/2007 4:16:46 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Modified Date = 3/21/2007 2:17:06 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Modified Date = 3/21/2007 4:17:28 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Modified Date = 3/21/2007 2:18:44 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Modified Date = 3/21/2007 4:18:14 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Modified Date = 3/21/2007 2:30:14 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Modified Date = 3/21/2007 2:16:24 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 3/21/2007 4:19:00 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Modified Date = 3/21/2007 2:21:14 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Modified Date = 3/21/2007 2:17:46 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Modified Date = 3/21/2007 2:37:08 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 3/21/2007 4:19:46 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Modified Date = 3/21/2007 2:35:08 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 3/21/2007 4:20:28 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Modified Date = 3/21/2007 2:31:14 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 3/21/2007 4:21:08 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Modified Date = 3/21/2007 2:32:12 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 3/21/2007 4:21:54 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Modified Date = 3/21/2007 2:36:22 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Modified Date = 3/21/2007 4:22:44 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Modified Date = 3/21/2007 2:33:06 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Modified Date = 3/21/2007 4:23:26 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Modified Date = 3/21/2007 2:29:08 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Modified Date = 3/21/2007 4:24:02 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Modified Date = 3/21/2007 2:34:16 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 3/21/2007 4:24:38 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Modified Date = 3/21/2007 2:43:16 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 3/21/2007 4:25:12 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Modified Date = 3/21/2007 2:41:08 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 3/21/2007 4:25:46 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Modified Date = 3/21/2007 2:39:00 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 3/21/2007 4:26:38 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Modified Date = 3/21/2007 2:42:10 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Modified Date = 3/21/2007 4:27:42 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Modified Date = 3/21/2007 2:39:58 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Modified Date = 3/21/2007 2:37:52 PM | Attr = H ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/21/2007 4:37:22 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3/21/2007 4:29:16 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/23/2007 9:47:42 AM | Attr = S]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 3/21/2007 5:17:36 PM | Attr = ]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 3/21/2007 4:39:26 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/21/2007 2:57:04 PM | Attr = S]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Modified Date = 3/22/2007 3:38:14 PM | Attr = HS]
ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 3/21/2007 3:37:00 PM | Attr = ]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 3/21/2007 4:37:20 PM | Attr = R S]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Modified Date = 3/19/2007 12:59:58 PM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/21/2007 3:40:42 PM | Attr = ]
iAppControls.INI -> %SystemRoot%\iAppControls.INI -> [Ver = | Size = 23 bytes | Modified Date = 3/15/2007 10:02:26 AM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 3/21/2007 3:40:42 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 3/21/2007 4:35:56 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/21/2007 5:11:04 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/22/2007 10:12:26 AM | Attr = HS]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/21/2007 3:40:06 PM | Attr = ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/21/2007 4:28:50 PM | Attr = ]
mkssi.ini -> %SystemRoot%\mkssi.ini -> [Ver = | Size = 1626 bytes | Modified Date = 3/19/2007 3:31:34 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Modified Date = 3/22/2007 10:12:26 AM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 3/21/2007 4:37:22 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 3/19/2007 4:23:56 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 3/21/2007 3:40:12 PM | Attr = ]
pmlige.dll -> %SystemRoot%\pmlige.dll -> [Ver = | Size = 105656 bytes | Modified Date = 3/20/2007 6:17:46 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/23/2007 10:28:02 AM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 3/21/2007 3:40:06 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/26/2007 11:22:58 AM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 3/21/2007 5:15:24 PM | Attr = ]
setupapi.log.2.old -> %SystemRoot%\setupapi.log.2.old -> [Ver = | Size = 1128894 bytes | Modified Date = 3/21/2007 3:44:32 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/21/2007 2:57:06 PM | Attr = ]
srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 3/21/2007 3:36:38 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 3/22/2007 10:12:38 AM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 3/21/2007 3:36:02 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 3/22/2007 4:36:12 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 3/23/2007 9:49:14 AM | Attr = ]
vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 237 bytes | Modified Date = 2/27/2007 11:50:16 AM | Attr = ]
vdiff.ini -> %SystemRoot%\vdiff.ini -> [Ver = | Size = 356 bytes | Modified Date = 3/13/2007 11:36:22 AM | Attr = ]
Web -> %SystemRoot%\Web -> [Folder | Modified Date = 3/21/2007 3:34:16 PM | Attr = R ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1517 bytes | Modified Date = 3/21/2007 3:42:08 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 3/21/2007 3:40:56 PM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 3/21/2007 4:39:18 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/23/2007 9:47:44 AM | Attr = H ]
bak -> %System32%\bak -> [Folder | Modified Date = 3/19/2007 2:35:40 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 3/21/2007 4:28:06 PM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 3/21/2007 9:36:58 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Modified Date = 3/12/2007 10:54:18 AM | Attr = ]
Com -> %System32%\Com -> [Folder | Modified Date = 3/21/2007 4:07:10 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 3/21/2007 9:38:22 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 3/22/2007 10:17:38 AM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 256656 bytes | Modified Date = 3/21/2007 4:37:30 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Modified Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Modified Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 12:12:10 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Modified Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Modified Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Modified Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Modified Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Modified Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Modified Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Modified Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Modified Date = 3/12/2007 12:12:26 PM | Attr = ]
inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 3/21/2007 4:39:12 PM | Attr = ]
iuensec.dll -> %System32%\iuensec.dll -> [Ver = | Size = 19828 bytes | Modified Date = 3/19/2007 2:51:02 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Modified Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 11:04:22 AM | Attr = ]
lsasss.exe -> %System32%\lsasss.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
NeroCheck.exe -> %System32%\NeroCheck.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Modified Date = 3/12/2007 10:53:54 AM | Attr = ]
npp -> %System32%\npp -> [Folder | Modified Date = 3/21/2007 3:36:42 PM | Attr = ]
oobe -> %System32%\oobe -> [Folder | Modified Date = 3/21/2007 3:40:18 PM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Modified Date = 3/12/2007 11:04:30 AM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 78114 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 447488 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 535898 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
pmnnm.exe -> %System32%\pmnnm.exe -> [Ver = | Size =

#5 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 23 March 2007 - 10:45 AM

Part3 (Last)

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 535898 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
pmnnm.exe -> %System32%\pmnnm.exe -> [Ver = | Size = 27134 bytes | Modified Date = 3/19/2007 2:51:02 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Modified Date = 3/21/2007 1:26:54 PM | Attr = ]
ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 3/21/2007 3:32:44 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 3/21/2007 3:36:42 PM | Attr = ]
Setup -> %System32%\Setup -> [Folder | Modified Date = 3/21/2007 3:40:44 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Modified Date = 3/21/2007 1:22:18 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Modified Date = 3/21/2007 11:47:22 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Modified Date = 3/12/2007 12:12:02 PM | Attr = ]
usmt -> %System32%\usmt -> [Folder | Modified Date = 3/21/2007 3:36:04 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Modified Date = 3/12/2007 10:53:44 AM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 3/21/2007 4:38:34 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 3/23/2007 9:48:38 AM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 3/22/2007 10:14:54 AM | Attr = ]

[File String Scan - Non-Microsoft Only]
UpackByDwing , MZKERNEL32.DLL , -> %SystemRoot%\pmlige.dll -> [Ver = | Size = 105656 bytes | Modified Date = 3/20/2007 6:17:46 PM | Attr = ]
PEC2 , -> %System32%\atl71.pdb -> [Ver = | Size = 2052096 bytes | Modified Date = 3/18/2003 10:05:48 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
UPX! , UPX0 , -> %System32%\lsasss.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
PEC2 , -> %System32%\MFC42.PDB -> [Ver = | Size = 8392704 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFC42D.PDB -> [Ver = | Size = 4280320 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFC42U.PDB -> [Ver = | Size = 8351744 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFC42UD.PDB -> [Ver = | Size = 4280320 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\mfc71.pdb -> [Ver = | Size = 10357760 bytes | Modified Date = 3/19/2003 12:20:00 AM | Attr = ]
PEC2 , -> %System32%\MFC71d.pdb -> [Ver = | Size = 8252416 bytes | Modified Date = 3/18/2003 11:28:40 PM | Attr = ]
PEC2 , -> %System32%\mfc71u.pdb -> [Ver = | Size = 10333184 bytes | Modified Date = 3/19/2003 12:12:12 AM | Attr = ]
PEC2 , -> %System32%\mfc71ud.pdb -> [Ver = | Size = 8293376 bytes | Modified Date = 3/18/2003 11:31:58 PM | Attr = ]
PEC2 , -> %System32%\MFCD42D.PDB -> [Ver = | Size = 2379776 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCD42UD.PDB -> [Ver = | Size = 2396160 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCN42D.PDB -> [Ver = | Size = 1781760 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCN42UD.PDB -> [Ver = | Size = 1789952 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCO42D.PDB -> [Ver = | Size = 4722688 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCO42UD.PDB -> [Ver = | Size = 4763648 bytes | Modified Date = 2/27/2004 | Attr = ]
UPX! , UPX0 , -> %System32%\NeroCheck.exe -> [Ver = | Size = 37662 bytes | Modified Date = 3/19/2007 2:34:30 PM | Attr = ]
MZKERNEL32.DLL , -> %System32%\pmnnm.exe -> [Ver = | Size = 27134 bytes | Modified Date = 3/19/2007 2:51:02 PM | Attr = ]
UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 4/27/2006 4:49:30 PM | Attr = ]
UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 8/29/2006 6:43:54 PM | Attr = ]
UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 1/9/2006 9:36:06 AM | Attr = ]
UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 12/1/2006 5:20:34 AM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 7:00:00 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr = ]

< End of report >

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:48 PM

Posted 23 March 2007 - 03:14 PM

Hi aditya349. Ok, let's get started. First, please print these directions so they will be available to you (we will be rebooting into Safe Mode during the fix).

Next, Please follow the steps below in order:

Step #1

Download AVG anti-spyware from HERE and save that file to your desktop.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen, under "How to act" select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

Step #2

Now start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
YY -> iuensec -> %System32%\iuensec.dll
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} [HKLM] -> %System32%\iuensec.dll [Reg Data - Value does not exist]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
YN -> {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
[Files/Folders - Created Within 30 days]
NY -> command.exe -> %SystemDrive%\command.exe
NY -> 002852_.tmp -> %SystemRoot%\002852_.tmp
NY -> pmlige.dll -> %SystemRoot%\pmlige.dll
NY -> iuensec.dll -> %System32%\iuensec.dll
NY -> lsasss.exe -> %System32%\lsasss.exe
NY -> pmnnm.exe -> %System32%\pmnnm.exe
[Files/Folders - Modified Within 30 days]
NY -> command.exe -> %SystemDrive%\command.exe
NY -> 002852_.tmp -> %SystemRoot%\002852_.tmp
NY -> pmlige.dll -> %SystemRoot%\pmlige.dll
NY -> pmnnm.exe -> %System32%\pmnnm.exe
[File String Scan - Non-Microsoft Only]
NY -> MZKERNEL32.DLL , -> %System32%\pmnnm.exe
[Empty Temp Folders]


The fix should only take a very short time You might be asked to reboot if any of the files could not be moved during the fix. If so, choose Yes and reboot into Safe Mode as shown below. If you are not asked to reboot then reboot manually into Safe Mode.

Reboot into Safe Mode by doing the following:
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #3

Launch AVG Anti-Spyware by double-clicking the icon on your desktop.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
    • IMake sure that Set all elements to: shows Quarantine, if not click on the link and choose Quarantine from the popup menu.
    • At the bottom of the window click on the "Apply all actions" button
    Note: Don't save the report before you hit the Apply action button.
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
Step #4

Post the following back here:
  • a new WinPFind3U report
  • the AVG Anti-Spyware report
  • the latest .log file from the WinPFind3u folder (it will be a .log file and have a date_time name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 26 March 2007 - 08:37 AM

Hi OT,

Thanks for your continued and quick response.

Just one small thing I noticed while following your instructions:

In Step#3, item 3, you say select the Reports icon at the top. If I do this then the "Save Report As" is grayed out.
So I click on Save Report, that brings me to the Reports screen and also the "Save Report As" is now available.

Here are the various reports and logs as requested:

1. WinPFind3U Report:

WinPFind3 logfile created on: 3/26/2007 9:20:48 AM
WinPFind3U by OldTimer - Version 1.0.28 Folder = C:\Documents and Settings\amrit\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

1023 Mb Total Physical Memory | 615 Mb Available Physical Memory | 60.18% Memory free
1 Gb Paging File | 1 Gb Available in Paging File | 85.80% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1534;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76 Gb Total Space | 24 Gb Free Space | 31.71% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: BLUE78
Current User Name: amrit
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
defwatch.exe -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
ghoststartservice.exe -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
msgsys.exe -> %System32%\MSGSYS.EXE -> Intel Corporation [Ver = 6.0.201.0940 E | Size = 14336 bytes | Modified Date = 9/18/2000 5:12:40 PM | Attr = ]
ncs.exe -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
rtvscan.exe -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
trayit!.exe -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.28.0 | Size = 316416 bytes | Modified Date = 3/22/2007 7:01:30 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 8/22/2006 8:05:00 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ]
(GhostStartService) GhostStartService [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
(NCS) Numega Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
(Norton AntiVirus Server) Norton AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> File not found
GhostStartTrayApp -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
vptray -> %ProgramFiles%\NavNT\vptray.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< User Startup > -> C:\Documents and Settings\amrit\Start Menu\Programs\Startup
%UserStartup%\TrayIt!.lnk -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 86016 bytes | Modified Date = 8/22/2006 8:46:30 PM | Attr = ]
iuensec -> iuensec.dll -> File not found
NavLogon -> %System32%\NavLogon.dll -> [Ver = | Size = 28672 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> C:\windows\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} [HKLM] -> %System32%\iuensec.dll [Reg Data - Value does not exist] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{CE92F0E4-87AD-11D3-B713-00C04F8F6C86} [HKLM] -> %ProgramFiles%\Compuware\PCShared\NMIEHELP.dll [NMIEHelper Class] -> [Ver = 1, 0, 0, 1 | Size = 61497 bytes | Modified Date = 5/3/2000 2:41:02 AM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 12/15/2006 3:23:26 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{44556415-7559-4F50-A091-12CFD3069AD5} -> (Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45) ->
{46DE913A-65A4-488B-8795-89C7C8B95372} -> 192.94.228.111,192.94.228.15,192.94.228.201,12.127.16.67,12.127.17.71 (Broadcom NetXtreme Gigabit Ethernet) ->
{6D732098-7696-458B-B1DB-62C0B96AFF43} -> (1394 Net Adapter) ->
{84F19A83-B165-4CE8-BB4D-44B19D4D9EDA} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{0814DE28-AB38-48D3-A4C6-D5740ADDD721} -> IWorks Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{3C63E58F-715F-4B88-9F1F-5C3C9F07976B} -> Upgrade Control - CodeBase = http://192.168.000.100/iWorks.CAB ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1174501304187 ->
{69565A48-8A92-11D9-8BDE-F66BAD1E3F3A} -> BridgeChannel v3.2 - CodeBase = http://channel.bridge.com/bc/java/rbc33_i.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1174507015109 ->
{82774781-8F4E-11D1-AB1C-0000F8773BF0} -> DLC Class - CodeBase = https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9E5B3E8E-5F5B-437D-86D7-E2BCF1EEF678} -> IHistoryLog Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files/Folders - Created Within 30 days]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Created Date = 3/19/2007 12:32:01 PM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Created Date = 2/27/2007 10:21:15 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Created Date = 3/12/2007 5:44:56 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Created Date = 3/22/2007 1:20:26 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Created Date = 3/22/2007 12:53:13 PM | Attr = ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Created Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Created Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Created Date = 2/28/2007 3:14:00 PM | Attr = ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 3/21/2007 3:28:34 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Created Date = 3/21/2007 2:21:58 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Created Date = 3/21/2007 2:08:07 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Created Date = 3/21/2007 3:46:11 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 3/21/2007 3:47:08 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Created Date = 3/21/2007 3:47:55 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 3/21/2007 3:48:43 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 3/21/2007 3:49:39 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Created Date = 3/21/2007 3:50:32 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 3/21/2007 3:51:19 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 3/21/2007 3:52:13 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Created Date = 3/21/2007 1:54:56 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Created Date = 3/21/2007 3:53:01 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Created Date = 3/21/2007 3:54:26 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 3/21/2007 3:55:54 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Created Date = 3/21/2007 1:56:16 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 3/21/2007 3:56:33 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Created Date = 3/21/2007 1:54:28 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 3/21/2007 3:57:09 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Created Date = 3/21/2007 1:57:25 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 3/21/2007 3:57:50 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Created Date = 3/21/2007 1:56:53 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 3/21/2007 3:58:30 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Created Date = 3/21/2007 1:58:56 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 3/21/2007 3:59:13 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Created Date = 3/21/2007 2:07:27 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 3/21/2007 3:59:58 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Created Date = 3/21/2007 1:55:21 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Created Date = 3/21/2007 1:26:44 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 3/21/2007 4:00:42 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Created Date = 3/21/2007 1:58:23 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Created Date = 3/21/2007 4:01:30 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Created Date = 3/21/2007 2:02:05 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 3/21/2007 4:02:12 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Created Date = 3/21/2007 1:57:53 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 3/21/2007 4:03:06 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Created Date = 3/21/2007 2:06:40 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 3/21/2007 4:03:54 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Created Date = 3/21/2007 2:02:48 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Created Date = 3/21/2007 4:04:48 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Created Date = 3/21/2007 2:11:27 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 3/21/2007 4:05:37 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Created Date = 3/21/2007 1:55:46 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 3/21/2007 4:06:30 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Created Date = 3/21/2007 2:00:46 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 3/21/2007 2:04:36 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 3/21/2007 4:07:29 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Created Date = 3/21/2007 2:03:23 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Created Date = 3/21/2007 2:05:58 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 3/21/2007 4:08:23 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Created Date = 3/21/2007 2:05:19 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 3/21/2007 4:09:19 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Created Date = 3/21/2007 2:09:27 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 3/21/2007 4:10:08 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Created Date = 3/21/2007 2:14:45 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 3/21/2007 4:11:15 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Created Date = 3/21/2007 2:08:46 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 3/21/2007 4:12:08 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Created Date = 3/21/2007 2:22:58 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 3/21/2007 4:13:02 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Created Date = 3/21/2007 2:14:01 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Created Date = 3/21/2007 2:12:43 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Created Date = 3/21/2007 2:13:12 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 3/21/2007 4:13:49 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Created Date = 3/21/2007 2:10:50 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 3/21/2007 4:14:31 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Created Date = 3/21/2007 2:10:07 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 3/21/2007 4:15:13 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Created Date = 3/21/2007 2:20:19 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 3/21/2007 4:15:59 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 3/21/2007 2:27:53 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 3/21/2007 4:16:44 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Created Date = 3/21/2007 2:17:04 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 3/21/2007 4:17:26 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Created Date = 3/21/2007 2:18:41 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 3/21/2007 4:18:11 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 3/21/2007 2:30:12 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Created Date = 3/21/2007 2:16:20 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 3/21/2007 4:18:57 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Created Date = 3/21/2007 2:21:12 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Created Date = 3/21/2007 2:17:44 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 3/21/2007 2:36:59 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 3/21/2007 4:19:43 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 3/21/2007 2:35:05 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 3/21/2007 4:20:26 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 3/21/2007 2:31:12 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 3/21/2007 4:21:06 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 3/21/2007 2:32:09 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 3/21/2007 4:21:51 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 3/21/2007 2:36:20 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 3/21/2007 4:22:40 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 3/21/2007 2:33:03 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 3/21/2007 4:23:24 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 3/21/2007 2:29:05 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 3/21/2007 4:23:59 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 3/21/2007 2:34:13 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 3/21/2007 4:24:36 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 3/21/2007 2:43:12 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 3/21/2007 4:25:10 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 3/21/2007 2:41:05 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 3/21/2007 4:25:43 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 3/21/2007 2:38:56 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 3/21/2007 4:26:36 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 3/21/2007 2:42:08 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 3/21/2007 4:27:40 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 3/21/2007 2:39:55 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 3/21/2007 2:37:49 PM | Attr = H ]
CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 3/21/2007 5:17:34 PM | Attr = HS]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Created Date = 3/20/2007 6:17:45 PM | Attr = HS]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 12:59:57 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Created Date = 3/22/2007 10:09:18 AM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 4:23:54 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 3/21/2007 3:40:11 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 3/21/2007 4:38:05 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 3/21/2007 3:40:05 PM | Attr = ]
slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:17 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 3/22/2007 10:12:37 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 3/21/2007 3:41:50 PM | Attr = ]
bak -> %System32%\bak -> [Folder | Created Date = 3/19/2007 2:35:38 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Created Date = 3/12/2007 10:54:18 AM | Attr = ]
dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Created Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Created Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:10 PM | Attr = ]
ieencode.dll -> %System32%\ieencode.dll -> [Ver = | Size = 81920 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Created Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Created Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Created Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Created Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 12:12:26 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Created Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 11:04:22 AM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 3/21/2007 3:40:28 PM | Attr = ]
mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 3/21/2007 3:40:27 PM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 10:53:54 AM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 11:04:30 AM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 3/21/2007 1:26:53 PM | Attr = ]
Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
runvb6.bat -> %System32%\runvb6.bat -> [Ver = | Size = 57 bytes | Created Date = 2/27/2007 10:48:50 AM | Attr = ]
s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 3/21/2007 3:40:25 PM | Attr = ]
slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 3/21/2007 1:22:17 PM | Attr = ]
SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Created Date = 3/21/2007 11:47:21 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Created Date = 3/12/2007 12:12:02 PM | Attr = ]
vbicodec.ax -> %System32%\vbicodec.ax -> [Ver = | Size = 53248 bytes | Created Date = 3/21/2007 3:40:41 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 10:53:44 AM | Attr = ]
wstpager.ax -> %System32%\wstpager.ax -> [Ver = | Size = 164352 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
wstrenderer.ax -> %System32%\wstrenderer.ax -> [Ver = | Size = 239616 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
amdagp.sys -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 3/23/2007 5:30:30 PM | Attr = ]
ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
siint5.dll -> %System32%\drivers\siint5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
sisagp.sys -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 3/22/2007 10:17:36 AM | Attr = ]
vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 3/21/2007 3:42:12 PM | Attr = RHS]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Modified Date = 3/19/2007 12:56:00 PM | Attr = ]
F -> %SystemDrive%\F -> [Folder | Modified Date = 3/19/2007 1:08:20 PM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Modified Date = 2/27/2007 10:21:40 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Modified Date = 3/12/2007 5:45:08 PM | Attr = ]
iworksfw -> %SystemDrive%\iworksfw -> [Folder | Modified Date = 3/23/2007 5:33:26 PM | Attr = ]
mycredentials.spc -> %SystemDrive%\mycredentials.spc -> [Ver = | Size = 6856 bytes | Modified Date = 3/12/2007 5:35:02 PM | Attr = ]
MyDocuments -> %SystemDrive%\MyDocuments -> [Folder | Modified Date = 3/12/2007 2:47:52 PM | Attr = ]
myprivatekey.pvk -> %SystemDrive%\myprivatekey.pvk -> [Ver = | Size = 636 bytes | Modified Date = 3/6/2007 12:11:02 PM | Attr = ]
NetSightIIPackage -> %SystemDrive%\NetSightIIPackage -> [Folder | Modified Date = 3/5/2007 3:34:22 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Modified Date = 3/22/2007 2:38:22 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Modified Date = 3/22/2007 10:38:02 AM | Attr = ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 3/21/2007 3:34:02 PM | Attr = RHS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/23/2007 5:30:24 PM | Attr = R ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Modified Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/21/2007 4:37:36 PM | Attr = HS]
Verisign -> %SystemDrive%\Verisign -> [Folder | Modified Date = 3/12/2007 5:38:30 PM | Attr = ]
WINCE500 -> %SystemDrive%\WINCE500 -> [Folder | Modified Date = 3/23/2007 5:20:16 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/23/2007 5:38:06 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/21/2007 5:08:34 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 3/21/2007 3:31:04 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Modified Date = 3/21/2007 2:22:00 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Modified Date = 3/21/2007 2:08:10 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Modified Date = 3/21/2007 3:46:14 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 3/21/2007 3:47:10 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Modified Date = 3/21/2007 3:47:56 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 3/21/2007 3:48:44 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 3/21/2007 3:49:40 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 3/21/2007 3:50:34 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 3/21/2007 3:51:20 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 3/21/2007 3:52:16 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Modified Date = 3/21/2007 1:54:58 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Modified Date = 3/21/2007 3:53:08 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Modified Date = 3/21/2007 3:54:28 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 3/21/2007 3:55:56 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Modified Date = 3/21/2007 1:56:20 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 3/21/2007 3:56:34 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Modified Date = 3/21/2007 1:54:32 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 3/21/2007 3:57:12 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Modified Date = 3/21/2007 1:57:28 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 3/21/2007 3:57:52 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Modified Date = 3/21/2007 1:56:56 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 3/21/2007 3:58:32 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Modified Date = 3/21/2007 1:58:58 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 3/21/2007 3:59:16 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Modified Date = 3/21/2007 2:07:30 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 3/21/2007 4:00:00 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Modified Date = 3/21/2007 1:55:24 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Modified Date = 3/21/2007 1:26:46 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 3/21/200

#8 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 26 March 2007 - 08:41 AM

Part 2:

$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 3/21/2007 4:00:42 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Created Date = 3/21/2007 1:58:23 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Created Date = 3/21/2007 4:01:30 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Created Date = 3/21/2007 2:02:05 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 3/21/2007 4:02:12 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Created Date = 3/21/2007 1:57:53 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 3/21/2007 4:03:06 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Created Date = 3/21/2007 2:06:40 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 3/21/2007 4:03:54 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Created Date = 3/21/2007 2:02:48 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Created Date = 3/21/2007 4:04:48 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Created Date = 3/21/2007 2:11:27 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 3/21/2007 4:05:37 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Created Date = 3/21/2007 1:55:46 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 3/21/2007 4:06:30 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Created Date = 3/21/2007 2:00:46 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 3/21/2007 2:04:36 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 3/21/2007 4:07:29 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Created Date = 3/21/2007 2:03:23 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Created Date = 3/21/2007 2:05:58 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 3/21/2007 4:08:23 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Created Date = 3/21/2007 2:05:19 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 3/21/2007 4:09:19 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Created Date = 3/21/2007 2:09:27 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 3/21/2007 4:10:08 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Created Date = 3/21/2007 2:14:45 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 3/21/2007 4:11:15 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Created Date = 3/21/2007 2:08:46 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 3/21/2007 4:12:08 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Created Date = 3/21/2007 2:22:58 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 3/21/2007 4:13:02 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Created Date = 3/21/2007 2:14:01 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Created Date = 3/21/2007 2:12:43 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Created Date = 3/21/2007 2:13:12 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 3/21/2007 4:13:49 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Created Date = 3/21/2007 2:10:50 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 3/21/2007 4:14:31 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Created Date = 3/21/2007 2:10:07 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 3/21/2007 4:15:13 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Created Date = 3/21/2007 2:20:19 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 3/21/2007 4:15:59 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 3/21/2007 2:27:53 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 3/21/2007 4:16:44 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Created Date = 3/21/2007 2:17:04 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 3/21/2007 4:17:26 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Created Date = 3/21/2007 2:18:41 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 3/21/2007 4:18:11 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 3/21/2007 2:30:12 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Created Date = 3/21/2007 2:16:20 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 3/21/2007 4:18:57 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Created Date = 3/21/2007 2:21:12 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Created Date = 3/21/2007 2:17:44 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 3/21/2007 2:36:59 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 3/21/2007 4:19:43 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 3/21/2007 2:35:05 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 3/21/2007 4:20:26 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 3/21/2007 2:31:12 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 3/21/2007 4:21:06 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 3/21/2007 2:32:09 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 3/21/2007 4:21:51 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 3/21/2007 2:36:20 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 3/21/2007 4:22:40 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 3/21/2007 2:33:03 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 3/21/2007 4:23:24 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 3/21/2007 2:29:05 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 3/21/2007 4:23:59 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 3/21/2007 2:34:13 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 3/21/2007 4:24:36 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 3/21/2007 2:43:12 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 3/21/2007 4:25:10 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 3/21/2007 2:41:05 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 3/21/2007 4:25:43 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 3/21/2007 2:38:56 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 3/21/2007 4:26:36 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 3/21/2007 2:42:08 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 3/21/2007 4:27:40 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 3/21/2007 2:39:55 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 3/21/2007 2:37:49 PM | Attr = H ]
CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 3/21/2007 5:17:34 PM | Attr = HS]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Created Date = 3/20/2007 6:17:45 PM | Attr = HS]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 12:59:57 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Created Date = 3/22/2007 10:09:18 AM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 3/19/2007 4:23:54 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 3/21/2007 3:40:11 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 3/21/2007 4:38:05 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 3/21/2007 3:40:05 PM | Attr = ]
slrundll.exe -> %SystemRoot%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:17 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 3/22/2007 10:12:37 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 3/21/2007 3:41:50 PM | Attr = ]
bak -> %System32%\bak -> [Folder | Created Date = 3/19/2007 2:35:38 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Created Date = 3/12/2007 10:54:18 AM | Attr = ]
dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
hsfcisp2.dll -> %System32%\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Created Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Created Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:10 PM | Attr = ]
ieencode.dll -> %System32%\ieencode.dll -> [Ver = | Size = 81920 bytes | Created Date = 3/21/2007 3:40:29 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Created Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Created Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Created Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Created Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Created Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Created Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 12:12:26 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Created Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Created Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Created Date = 3/12/2007 11:04:22 AM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 3/22/2007 10:11:15 AM | Attr = ]
mdmxsdk.dll -> %System32%\mdmxsdk.dll -> Conexant [Ver = 1.0.2.006 | Size = 86016 bytes | Created Date = 3/21/2007 3:40:28 PM | Attr = ]
mtxparhd.dll -> %System32%\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Created Date = 3/21/2007 3:40:27 PM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Created Date = 3/12/2007 10:53:54 AM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 11:04:30 AM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 3/21/2007 1:26:53 PM | Attr = ]
Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
runvb6.bat -> %System32%\runvb6.bat -> [Ver = | Size = 57 bytes | Created Date = 2/27/2007 10:48:50 AM | Attr = ]
s3gnb.dll -> %System32%\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Created Date = 3/21/2007 3:40:25 PM | Attr = ]
slcoinst.dll -> %System32%\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slextspk.dll -> %System32%\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slgen.dll -> %System32%\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slrundll.exe -> %System32%\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Created Date = 3/21/2007 3:40:24 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 3/21/2007 1:22:17 PM | Attr = ]
SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 3/21/2007 5:54:58 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 3/21/2007 5:54:59 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Created Date = 3/21/2007 11:47:21 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Created Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Created Date = 3/12/2007 12:12:02 PM | Attr = ]
vbicodec.ax -> %System32%\vbicodec.ax -> [Ver = | Size = 53248 bytes | Created Date = 3/21/2007 3:40:41 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Created Date = 3/12/2007 10:53:44 AM | Attr = ]
wstpager.ax -> %System32%\wstpager.ax -> [Ver = | Size = 164352 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
wstrenderer.ax -> %System32%\wstrenderer.ax -> [Ver = | Size = 239616 bytes | Created Date = 3/21/2007 3:40:40 PM | Attr = ]
adv01nt5.dll -> %System32%\drivers\adv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 4255 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv02nt5.dll -> %System32%\drivers\adv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3967 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv05nt5.dll -> %System32%\drivers\adv05nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3615 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv07nt5.dll -> %System32%\drivers\adv07nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3647 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv08nt5.dll -> %System32%\drivers\adv08nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3135 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv09nt5.dll -> %System32%\drivers\adv09nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3711 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
adv11nt5.dll -> %System32%\drivers\adv11nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3775 bytes | Created Date = 3/21/2007 3:40:36 PM | Attr = ]
amdagp.sys -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1btxx.sys -> %System32%\drivers\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1mdxx.sys -> %System32%\drivers\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1pdxx.sys -> %System32%\drivers\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1raxx.sys -> %System32%\drivers\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1rvxx.sys -> %System32%\drivers\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1snxx.sys -> %System32%\drivers\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1ttxx.sys -> %System32%\drivers\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1tuxx.sys -> %System32%\drivers\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xbxx.sys -> %System32%\drivers\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
ati1xsxx.sys -> %System32%\drivers\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Created Date = 3/21/2007 3:40:35 PM | Attr = ]
atv01nt5.dll -> %System32%\drivers\atv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 21183 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv02nt5.dll -> %System32%\drivers\atv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11359 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv04nt5.dll -> %System32%\drivers\atv04nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv06nt5.dll -> %System32%\drivers\atv06nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 14143 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
atv10nt5.dll -> %System32%\drivers\atv10nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 17279 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 3/23/2007 5:30:30 PM | Attr = ]
ch7xxnt5.dll -> %System32%\drivers\ch7xxnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 15423 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
cxthsfs2.cty -> %System32%\drivers\cxthsfs2.cty -> [Ver = | Size = 129045 bytes | Created Date = 3/21/2007 3:40:34 PM | Attr = ]
hsfbs2s2.sys -> %System32%\drivers\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfcxts2.sys -> %System32%\drivers\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
hsfdpsp2.sys -> %System32%\drivers\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mdmxsdk.sys -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 11868 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlmnt5.sys -> %System32%\drivers\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtlstrm.sys -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
mtxparhm.sys -> %System32%\drivers\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
ntmtlfax.sys -> %System32%\drivers\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Created Date = 3/21/2007 3:40:33 PM | Attr = ]
recagent.sys -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
s3gnbm.sys -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
siint5.dll -> %System32%\drivers\siint5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 3901 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
sisagp.sys -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnt7554.sys -> %System32%\drivers\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slntamr.sys -> %System32%\drivers\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slnthal.sys -> %System32%\drivers\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
slwdmsup.sys -> %System32%\drivers\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 3/22/2007 10:17:36 AM | Attr = ]
vchnt5.dll -> %System32%\drivers\vchnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11325 bytes | Created Date = 3/21/2007 3:40:32 PM | Attr = ]
wadv07nt.sys -> %System32%\drivers\wadv07nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11807 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv08nt.sys -> %System32%\drivers\wadv08nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11295 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv09nt.sys -> %System32%\drivers\wadv09nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11871 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
wadv11nt.sys -> %System32%\drivers\wadv11nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11935 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv06nt.sys -> %System32%\drivers\watv06nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 22271 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]
watv10nt.sys -> %System32%\drivers\watv10nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 25471 bytes | Created Date = 3/21/2007 3:40:31 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 3/21/2007 3:42:12 PM | Attr = RHS]
CCStudio_v3.2 -> %SystemDrive%\CCStudio_v3.2 -> [Folder | Modified Date = 3/19/2007 12:56:00 PM | Attr = ]
F -> %SystemDrive%\F -> [Folder | Modified Date = 3/19/2007 1:08:20 PM | Attr = ]
iNspect -> %SystemDrive%\iNspect -> [Folder | Modified Date = 2/27/2007 10:21:40 AM | Attr = ]
iNspectns2setup -> %SystemDrive%\iNspectns2setup -> [Folder | Modified Date = 3/12/2007 5:45:08 PM | Attr = ]
iworksfw -> %SystemDrive%\iworksfw -> [Folder | Modified Date = 3/23/2007 5:33:26 PM | Attr = ]
mycredentials.spc -> %SystemDrive%\mycredentials.spc -> [Ver = | Size = 6856 bytes | Modified Date = 3/12/2007 5:35:02 PM | Attr = ]
MyDocuments -> %SystemDrive%\MyDocuments -> [Folder | Modified Date = 3/12/2007 2:47:52 PM | Attr = ]
myprivatekey.pvk -> %SystemDrive%\myprivatekey.pvk -> [Ver = | Size = 636 bytes | Modified Date = 3/6/2007 12:11:02 PM | Attr = ]
NetSightIIPackage -> %SystemDrive%\NetSightIIPackage -> [Folder | Modified Date = 3/5/2007 3:34:22 PM | Attr = ]
NK.bin -> %SystemDrive%\NK.bin -> [Ver = | Size = 9920019 bytes | Modified Date = 3/22/2007 2:38:22 PM | Attr = ]
nk.bin_va20_nodma -> %SystemDrive%\nk.bin_va20_nodma -> [Ver = | Size = 9530011 bytes | Modified Date = 3/22/2007 10:38:02 AM | Attr = ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 3/21/2007 3:34:02 PM | Attr = RHS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 3/23/2007 5:30:24 PM | Attr = R ]
solution00.bin -> %SystemDrive%\solution00.bin -> [Ver = | Size = 646343 bytes | Modified Date = 3/14/2007 11:42:00 AM | Attr = ]
solution01.bin -> %SystemDrive%\solution01.bin -> [Ver = | Size = 315810 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
solution02.bin -> %SystemDrive%\solution02.bin -> [Ver = | Size = 315068 bytes | Modified Date = 2/28/2007 3:14:00 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 3/21/2007 4:37:36 PM | Attr = HS]
Verisign -> %SystemDrive%\Verisign -> [Folder | Modified Date = 3/12/2007 5:38:30 PM | Attr = ]
WINCE500 -> %SystemDrive%\WINCE500 -> [Folder | Modified Date = 3/23/2007 5:20:16 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/23/2007 5:38:06 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 3/21/2007 5:08:34 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 3/21/2007 3:31:04 PM | Attr = H ]
$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Modified Date = 3/21/2007 2:22:00 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Modified Date = 3/21/2007 2:08:10 PM | Attr = H ]
$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Modified Date = 3/21/2007 3:46:14 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 3/21/2007 3:47:10 PM | Attr = H ]
$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Modified Date = 3/21/2007 3:47:56 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 3/21/2007 3:48:44 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 3/21/2007 3:49:40 PM | Attr = H ]
$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 3/21/2007 3:50:34 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 3/21/2007 3:51:20 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 3/21/2007 3:52:16 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Modified Date = 3/21/2007 1:54:58 PM | Attr = H ]
$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Modified Date = 3/21/2007 3:53:08 PM | Attr = H ]
$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Modified Date = 3/21/2007 3:54:28 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 3/21/2007 3:55:56 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Modified Date = 3/21/2007 1:56:20 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 3/21/2007 3:56:34 PM | Attr = H ]
$NtUninstallKB892944$ -> %SystemRoot%\$NtUninstallKB892944$ -> [Folder | Modified Date = 3/21/2007 1:54:32 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 3/21/2007 3:57:12 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Modified Date = 3/21/2007 1:57:28 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 3/21/2007 3:57:52 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Modified Date = 3/21/2007 1:56:56 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 3/21/2007 3:58:32 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Modified Date = 3/21/2007 1:58:58 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 3/21/2007 3:59:16 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Modified Date = 3/21/2007 2:07:30 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 3/21/2007 4:00:00 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Modified Date = 3/21/2007 1:55:24 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Modified Date = 3/21/2007 1:26:46 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 3/21/2007 4:00:44 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Modified Date = 3/21/2007 1:58:26 PM | Attr = H ]
$NtUninstallKB899589$ -> %SystemRoot%\$NtUninstallKB899589$ -> [Folder | Modified Date = 3/21/2007 4:01:32 PM | Attr = H ]
$NtUninstallKB899589_0$ -> %SystemRoot%\$NtUninstallKB899589_0$ -> [Folder | Modified Date = 3/21/2007 2:02:08 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 3/21/2007 4:02:14 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Modified Date = 3/21/2007 1:57:56 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 3/21/2007 4:03:10 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Modified Date = 3/21/2007 2:06:44 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 3/21/2007 4:03:56 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Modified Date = 3/21/2007 2:02:50 PM | Attr = H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ -> [Folder | Modified Date = 3/21/2007 4:04:50 PM | Attr = H ]
$NtUninstallKB901190_0$ -> %SystemRoot%\$NtUninstallKB901190_0$ -> [Folder | Modified Date = 3/21/2007 2:11:30 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 3/21/2007 4:05:40 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Modified Date = 3/21/2007 1:55:50 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 3/21/2007 4:06:32 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Modified Date = 3/21/2007 2:00:50 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Modified Date = 3/21/2007 2:04:40 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 3/21/2007 4:07:32 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Modified Date = 3/21/2007 2:03:26 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Modified Date = 3/21/2007 2:06:00 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 3/21/2007 4:08:26 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Modified Date = 3/21/2007 2:05:22 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 3/21/2007 4:09:22 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Modified Date = 3/21/2007 2:09:30 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 3/21/2007 4:10:12 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Modified Date = 3/21/2007 2:14:48 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 3/21/2007 4:11:18 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Modified Date = 3/21/2007 2:08:48 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 3/21/2007 4:12:10 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Modified Date = 3/21/2007 2:23:00 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 3/21/2007 4:13:04 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Modified Date = 3/21/2007 2:14:04 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Modified Date = 3/21/2007 2:12:46 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Modified Date = 3/21/2007 2:13:16 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 3/21/2007 4:13:52 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Modified Date = 3/21/2007 2:10:52 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Modified Date = 3/21/2007 4:14:34 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Modified Date = 3/21/2007 2:10:10 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 3/21/2007 4:15:16 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Modified Date = 3/21/2007 2:20:22 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 3/21/2007 4:16:02 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Modified Date = 3/21/2007 2:27:56 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 3/21/2007 4:16:46 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Modified Date = 3/21/2007 2:17:06 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Modified Date = 3/21/2007 4:17:28 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Modified Date = 3/21/2007 2:18:44 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Modified Date = 3/21/2007 4:18:14 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Modified Date = 3/21/2007 2:30:14 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Modified Date = 3/21/2007 2:16:24 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 3/21/2007 4:19:00 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Modified Date = 3/21/2007 2:21:14 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Modified Date = 3/21/2007 2:17:46 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Modified Date = 3/21/2007 2:37:08 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 3/21/2007 4:19:46 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Modified Date = 3/21/2007 2:35:08 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 3/21/2007 4:20:28 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Modified Date = 3/21/2007 2:31:14 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 3/21/2007 4:21:08 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Modified Date = 3/21/2007 2:32:12 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 3/21/2007 4:21:54 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Modified Date = 3/21/2007 2:36:22 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Modified Date = 3/21/2007 4:22:44 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Modified Date = 3/21/2007 2:33:06 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Modified Date = 3/21/2007 4:23:26 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Modified Date = 3/21/2007 2:29:08 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Modified Date = 3/21/2007 4:24:02 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Modified Date = 3/21/2007 2:34:16 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 3/21/2007 4:24:38 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Modified Date = 3/21/2007 2:43:16 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 3/21/2007 4:25:12 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Modified Date = 3/21/2007 2:41:08 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 3/21/2007 4:25:46 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Modified Date = 3/21/2007 2:39:00 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 3/21/2007 4:26:38 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Modified Date = 3/21/2007 2:42:10 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Modified Date = 3/21/2007 4:27:42 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Modified Date = 3/21/2007 2:39:58 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Modified Date = 3/21/2007 2:37:52 PM | Attr = H ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 3/21/2007 4:37:22 PM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 3/21/2007 4:29:16 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/26/2007 9:17:58 AM | Attr = S]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 3/21/2007 5:17:36 PM | Attr = HS]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 3/21/2007 4:39:26 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 3/21/2007 2:57:04 PM | Attr = S]
egilmp.ini -> %SystemRoot%\egilmp.ini -> [Ver = | Size = 1176564 bytes | Modified Date = 3/22/2007 3:38:14 PM | Attr = HS]
ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 3/21/2007 3:37:00 PM | Attr = ]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 3/21/2007 4:37:20 PM | Attr = R S]
gconf.INI -> %SystemRoot%\gconf.INI -> [Ver = | Size = 0 bytes | Modified Date = 3/19/2007 12:59:58 PM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 3/21/2007 3:40:42 PM | Attr = ]
iAppControls.INI -> %SystemRoot%\iAppControls.INI -> [Ver = | Size = 23 bytes | Modified Date = 3/15/2007 10:02:26 AM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 3/21/2007 3:40:42 PM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 3/21/2007 4:35:56 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 3/21/2007 5:11:04 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/22/2007 10:12:26 AM | Attr = HS]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 3/21/2007 3:40:06 PM | Attr = ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 3/21/2007 4:28:50 PM | Attr = ]
mkssi.ini -> %SystemRoot%\mkssi.ini -> [Ver = | Size = 1626 bytes | Modified Date = 3/19/2007 3:31:34 PM | Attr = ]
mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 671 bytes | Modified Date = 3/22/2007 10:12:26 AM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 3/21/2007 4:37:22 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 3/19/2007 4:23:56 PM | Attr = ]
peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 3/21/2007 3:40:12 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/26/2007 9:20:26 AM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 3/21/2007 3:40:06 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/26/2007 11:22:58 AM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 3/21/2007 5:15:24 PM | Attr = ]
setupapi.log.2.old -> %SystemRoot%\setupapi.log.2.old -> [Ver = | Size = 1128894 bytes | Modified Date = 3/21/2007 3:44:32 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 3/21/2007 2:57:06 PM | Attr = ]
srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 3/21/2007 3:36:38 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 3/22/2007 10:12:38 AM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 3/21/2007 3:36:02 PM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 3/26/2007 9:12:34 AM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 3/26/2007 9:19:50 AM | Attr = ]
vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 237 bytes | Modified Date = 2/27/2007 11:50:16 AM | Attr = ]
vdiff.ini -> %SystemRoot%\vdiff.ini -> [Ver = | Size = 356 bytes | Modified Date = 3/13/2007 11:36:22 AM | Attr = ]
Web -> %SystemRoot%\Web -> [Folder | Modified Date = 3/21/2007 3:34:16 PM | Attr = R ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1517 bytes | Modified Date = 3/21/2007 3:42:08 PM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 3/21/2007 3:40:56 PM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 3/21/2007 4:39:18 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/26/2007 9:18:00 AM | Attr = H ]
bak -> %System32%\bak -> [Folder | Modified Date = 3/19/2007 2:35:40 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 3/21/2007 4:28:06 PM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 3/21/2007 9:36:58 PM | Attr = ]
CDisplay.dll -> %System32%\CDisplay.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 10:56:00 AM | Attr = ]
cell.dll -> %System32%\cell.dll -> Coreco Imaging Inc. [Ver = 1.4.4.3 | Size = 122880 bytes | Modified Date = 3/12/2007 10:54:18 AM | Attr = ]
Com -> %System32%\Com -> [Folder | Modified Date = 3/21/2007 4:07:10 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 3/21/2007 9:38:22 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 3/23/2007 5:30:32 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 256656 bytes | Modified Date = 3/21/2007 4:37:30 PM | Attr = ]
iappclient.dll -> %System32%\iappclient.dll -> [Ver = 1.4.4.3 | Size = 450560 bytes | Modified Date = 3/12/2007 12:12:00 PM | Attr = ]
iappcontrols.dll -> %System32%\iappcontrols.dll -> [Ver = 1.4.4.3 | Size = 217088 bytes | Modified Date = 3/12/2007 11:03:30 AM | Attr = ]
iassistant.exe -> %System32%\iassistant.exe -> [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 10:57:52 AM | Attr = ]
icleanping.exe -> %System32%\icleanping.exe -> [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 12:12:10 PM | Attr = ]
iEtherNetIP.dll -> %System32%\iEtherNetIP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 163840 bytes | Modified Date = 3/12/2007 10:59:38 AM | Attr = ]
ihistorylog.ocx -> %System32%\ihistorylog.ocx -> Coreco Imaging [Ver = 1.4.4.3 | Size = 57344 bytes | Modified Date = 3/12/2007 12:12:14 PM | Attr = ]
iiNspectC.dll -> %System32%\iiNspectC.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 1495040 bytes | Modified Date = 3/12/2007 5:42:58 PM | Attr = ]
iiNspectEN.chm -> %System32%\iiNspectEN.chm -> [Ver = | Size = 221014 bytes | Modified Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectJP.chm -> %System32%\iiNspectJP.chm -> [Ver = | Size = 221014 bytes | Modified Date = 3/12/2007 10:19:56 AM | Attr = ]
iiNspectResEN.dll -> %System32%\iiNspectResEN.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 5:43:06 PM | Attr = ]
iiNspectResJP.dll -> %System32%\iiNspectResJP.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 5:43:16 PM | Attr = ]
iLabelC.dll -> %System32%\iLabelC.dll -> [Ver = 1.4.4.3 | Size = 1130496 bytes | Modified Date = 3/12/2007 12:12:20 PM | Attr = ]
iLabelResEN.dll -> %System32%\iLabelResEN.dll -> [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 12:12:22 PM | Attr = ]
iLabelResJP.dll -> %System32%\iLabelResJP.dll -> [Ver = 1.4.4.3 | Size = 24576 bytes | Modified Date = 3/12/2007 12:12:22 PM | Attr = ]
imbslave.dll -> %System32%\imbslave.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 45056 bytes | Modified Date = 3/12/2007 12:12:26 PM | Attr = ]
inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 3/21/2007 4:39:12 PM | Attr = ]
iupgrade.exe -> %System32%\iupgrade.exe -> [Ver = 1.4.4.3 | Size = 69632 bytes | Modified Date = 3/12/2007 12:12:54 PM | Attr = ]
iWorks.exe -> %System32%\iWorks.exe -> [Ver = 1.4.4.3 | Size = 667648 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorks.ocx -> %System32%\iWorks.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResEN.dll -> %System32%\iWorksResEN.dll -> [Ver = 1.4.4.3 | Size = 40960 bytes | Modified Date = 3/12/2007 12:12:58 PM | Attr = ]
iWorksResJP.dll -> %System32%\iWorksResJP.dll -> [Ver = 1.4.4.3 | Size = 32768 bytes | Modified Date = 3/12/2007 11:04:22 AM | Attr = ]
NetmsgW32.dll -> %System32%\NetmsgW32.dll -> [Ver = 1.4.4.3 | Size = 45056 bytes | Modified Date = 3/12/2007 10:53:54 AM | Attr = ]
npp -> %System32%\npp -> [Folder | Modified Date = 3/21/2007 3:36:42 PM | Attr = ]
oobe -> %System32%\oobe -> [Folder | Modified Date = 3/21/2007 3:40:18 PM | Attr = ]
pathtoolclient.dll -> %System32%\pathtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 61440 bytes | Modified Date = 3/12/2007 11:04:30 AM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 78114 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 447488 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 535898 bytes | Modified Date = 3/21/2007 4:43:30 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Modified Date = 3/21/2007 1:26:54 PM | Attr = ]
ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 3/21/2007 3:32:44 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 3/21/2007 3:36:42 PM | Attr = ]
Setup -> %System32%\Setup -> [Folder | Modified Date = 3/21/2007 3:40:44 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Modified Date = 3/21/2007 1:22:18 PM | Attr = ]
tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 2700 bytes | Modified Date = 3/21/2007 11:47:22 AM | Attr = ]
trailtoolclient.dll -> %System32%\trailtoolclient.dll -> Coreco Imaging [Ver = 1.4.4.3 | Size = 28672 bytes | Modified Date = 3/12/2007 11:04:50 AM | Attr = ]
upgrade.ocx -> %System32%\upgrade.ocx -> Coreco Imaging, Inc. [Ver = 1.4.4.3 | Size = 90112 bytes | Modified Date = 3/12/2007 12:12:02 PM | Attr = ]
usmt -> %System32%\usmt -> [Folder | Modified Date = 3/21/2007 3:36:04 PM | Attr = ]
VpeMsgw32.dll -> %System32%\VpeMsgw32.dll -> [Ver = 1.4.4.3 | Size = 61440 bytes | Modified Date = 3/12/2007 10:53:44 AM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 3/21/2007 4:38:34 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 3/26/2007 9:19:30 AM | Attr = ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 3/22/2007 10:14:54 AM | Attr = ]

[File String Scan - Non-Microsoft Only]
PEC2 , -> %System32%\atl71.pdb -> [Ver = | Size = 2052096 bytes | Modified Date = 3/18/2003 10:05:48 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
PEC2 , -> %System32%\MFC42.PDB -> [Ver = | Size = 8392704 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFC42D.PDB -> [Ver = | Size = 4280320 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFC42U.PDB -> [Ver = | Size = 8351744 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -&g

#9 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 26 March 2007 - 08:43 AM

Part 3:

PEC2 , -> %System32%\MFC42UD.PDB -> [Ver = | Size = 4280320 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\mfc71.pdb -> [Ver = | Size = 10357760 bytes | Modified Date = 3/19/2003 12:20:00 AM | Attr = ]
PEC2 , -> %System32%\MFC71d.pdb -> [Ver = | Size = 8252416 bytes | Modified Date = 3/18/2003 11:28:40 PM | Attr = ]
PEC2 , -> %System32%\mfc71u.pdb -> [Ver = | Size = 10333184 bytes | Modified Date = 3/19/2003 12:12:12 AM | Attr = ]
PEC2 , -> %System32%\mfc71ud.pdb -> [Ver = | Size = 8293376 bytes | Modified Date = 3/18/2003 11:31:58 PM | Attr = ]
PEC2 , -> %System32%\MFCD42D.PDB -> [Ver = | Size = 2379776 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCD42UD.PDB -> [Ver = | Size = 2396160 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCN42D.PDB -> [Ver = | Size = 1781760 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCN42UD.PDB -> [Ver = | Size = 1789952 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCO42D.PDB -> [Ver = | Size = 4722688 bytes | Modified Date = 2/27/2004 | Attr = ]
PEC2 , -> %System32%\MFCO42UD.PDB -> [Ver = | Size = 4763648 bytes | Modified Date = 2/27/2004 | Attr = ]
UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 4/27/2006 4:49:30 PM | Attr = ]
UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 8/29/2006 6:43:54 PM | Attr = ]
UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 1/9/2006 9:36:06 AM | Attr = ]
UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 12/1/2006 5:20:34 AM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 7:00:00 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr = ]

< End of report >

2. AVG Anti-Spyware Report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:15:26 AM 3/26/2007

+ Scan result:



C:\System Volume Information\_restore{3AB3999D-EC85-4A19-90D9-54295342A901}\RP1002\A0538752.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{02863981-5C1A-11D4-812E-0050DA92BD5A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\amrit\Desktop\WinPFind3u\MovedFiles\WINDOWS\SYSTEM32\lsasss.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\NavNT\vptray.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\QuickTime\qttask.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe.000 -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NeroCheck.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\coopersniff01.zip/CooperSniffer_01/sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\coopersniff01\CooperSniffer_01\sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\sniffer01.zip/Sniffer/sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
:mozilla.42:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.165:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.189:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.212:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.244:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.387:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.422:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.474:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.522:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.714:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.364:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.365:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.366:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.367:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.368:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.369:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.370:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.86:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@grouplotto.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.91:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.92:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.93:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.574:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.575:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.106:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.107:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.36:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.38:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.745:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.182:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.183:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.90:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.100:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ads.cnn[2].txt -> TrackingCookie.Cnn : Cleaned.
:mozilla.155:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.222:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@bestbuy-cnet.com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
H:\M1\Documents and Settings\amrit\Cookies\amrit@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.225:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.226:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.227:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.228:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.17:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.261:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.262:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.263:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.264:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.265:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.266:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.267:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.128:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.129:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.130:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.326:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.327:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.771:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.398:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.399:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.585:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.586:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.587:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@search.live[1].txt -> TrackingCookie.Live : Cleaned.
:mozilla.595:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.608:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.609:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.610:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.611:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@sec1.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.34:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.588:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.589:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.590:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.591:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.592:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.593:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
:mozilla.7:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
H:\M1\Documents and Settings\amrit\Cookies\amrit@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.643:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.644:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.645:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.521:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.527:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.102:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.103:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.104:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.105:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.538:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.539:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.542:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.543:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/wesp@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.555:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.556:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.557:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.566:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.567:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.568:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.569:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.570:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.571:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.572:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.276:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.277:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.278:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.28:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.29:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.30:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.31:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.32:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.33:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.828:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.829:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.830:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.635:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.97:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.98:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.99:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.374:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.375:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.376:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.686:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.118:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.655:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.656:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.657:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.658:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.678:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.679:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.680:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.681:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.682:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.683:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.684:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.685:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.558:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.559:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.560:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.561:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.562:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.434:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.882:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\amrit\Desktop\WinPFind3u\MovedFiles\WINDOWS\pmlige.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{3AB3999D-EC85-4A19-90D9-54295342A901}\RP1002\A0538753.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).


::Report end

3. Log file from WinPFind3U folder

Registry - Non-Microsoft Only]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iuensec deleted successfully.
File move failed. C:\WINDOWS\SYSTEM32\iuensec.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} deleted successfully.
File move failed. C:\WINDOWS\SYSTEM32\iuensec.dll scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully.
[Files/Folders - Created Within 30 days]
C:\command.exe moved successfully.
C:\WINDOWS\002852_.tmp moved successfully.
C:\WINDOWS\pmlige.dll moved successfully.
File move failed. C:\WINDOWS\SYSTEM32\iuensec.dll scheduled to be moved on reboot.
C:\WINDOWS\SYSTEM32\lsasss.exe moved successfully.
C:\WINDOWS\SYSTEM32\pmnnm.exe moved successfully.
[Files/Folders - Modified Within 30 days]
File C:\command.exe not found!
File C:\WINDOWS\002852_.tmp not found!
File C:\WINDOWS\pmlige.dll not found!
File C:\WINDOWS\SYSTEM32\pmnnm.exe not found!
[File String Scan - Non-Microsoft Only]
File C:\WINDOWS\SYSTEM32\pmnnm.exe not found!
[Empty Temp Folders]
C:\DOCUME~1\amrit\LOCALS~1\Temp\ -> emptied.
C:\Documents and Settings\amrit\Local Settings\Temporary Internet Files\Content.IE5\ -> emptied
RecycleBin -> emptied.
< End of log >
Created on 03/23/2007 17:38:13

Thanks for all the help and I will wait for your reply.

Aditya

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:48 PM

Posted 26 March 2007 - 05:01 PM

Hi aditya349. That looks much better. How are things running?

There are a couple of leftover items to clean up and then I want to run another scanner to check for something called AWF. It appears that some of the legitimate startup items were infected and AVG AS quarantined them. This can point to AWF and the scan will tell us if it was present.

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
YN -> iuensec -> iuensec.dll
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} [HKLM] -> %System32%\iuensec.dll [Reg Data - Value does not exist]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new WinPFind3u scan. This time, select the None option for the following items:
  • Files/Folders Created Within
  • Files/Folders Modified Within
  • File String Search
Next, download FindAWF.exe to your desktop and run it. It will produce a log that you can post back here.

Post back the following:
  • The latest fix log from WinPFind3u
  • The log from FindAWF
  • The new WinPFind3 scan (this one should be much shorter)
Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#11 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 27 March 2007 - 08:36 AM

Hi OT,

Things are much better since the last fix you suggested. I have not seen any random popups showing up. Here are the latest logs.

1. Fix log from WinPFind3U

[Registry - Non-Microsoft Only]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iuensec deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f4c1ae6-fe10-4354-8bcf-58e1d6b4970a} deleted successfully.
< End of log >
Created on 03/27/2007 09:21:13


2. FindAWF

For some reason this application will not run on my system. It goes through bunch of messages quickly and then in the command prompt clears the screen (so I can't capture what it said) and then the following are the lines on the command prompt.

Sorry! This tool will not run on your system.


Press any key to continue . . .


3. The new WinPFind3U scan comes with the following output:

WinPFind3 logfile created on: 3/27/2007 9:23:09 AM
WinPFind3U by OldTimer - Version 1.0.28 Folder = C:\Documents and Settings\amrit\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

1023 Mb Total Physical Memory | 464 Mb Available Physical Memory | 45.37% Memory free
1 Gb Paging File | 1 Gb Available in Paging File | 71.67% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1534;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76 Gb Total Space | 23 Gb Free Space | 30.74% Space Free
D: Drive not present or media not loaded
Drive E: | 121 Mb Total Space | 36 Mb Free Space | 29.65% Space Free
F: Drive not present or media not loaded

Computer Name: BLUE78
Current User Name: amrit
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
defwatch.exe -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.3: 2007030919 | Size = 7633008 bytes | Modified Date = 3/22/2007 11:57:06 AM | Attr = ]
ghoststartservice.exe -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
msgsys.exe -> %System32%\MSGSYS.EXE -> Intel Corporation [Ver = 6.0.201.0940 E | Size = 14336 bytes | Modified Date = 9/18/2000 5:12:40 PM | Attr = ]
ncs.exe -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
rtvscan.exe -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
ssexp.exe -> %ProgramFiles%\Microsoft Visual Studio\Common\VSS\win32\SSEXP.EXE -> [Ver = 06.00.31222 | Size = 27648 bytes | Modified Date = 12/22/2003 | Attr = ]
trayit!.exe -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.28.0 | Size = 316416 bytes | Modified Date = 3/22/2007 7:01:30 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 8/22/2006 8:05:00 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ]
(GhostStartService) GhostStartService [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
(NCS) Numega Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
(Norton AntiVirus Server) Norton AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> File not found
GhostStartTrayApp -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
vptray -> %ProgramFiles%\NavNT\vptray.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< User Startup > -> C:\Documents and Settings\amrit\Start Menu\Programs\Startup
%UserStartup%\TrayIt!.lnk -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 86016 bytes | Modified Date = 8/22/2006 8:46:30 PM | Attr = ]
NavLogon -> %System32%\NavLogon.dll -> [Ver = | Size = 28672 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> C:\windows\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.google.com/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{CE92F0E4-87AD-11D3-B713-00C04F8F6C86} [HKLM] -> %ProgramFiles%\Compuware\PCShared\NMIEHELP.dll [NMIEHelper Class] -> [Ver = 1, 0, 0, 1 | Size = 61497 bytes | Modified Date = 5/3/2000 2:41:02 AM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 12/15/2006 3:23:26 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{44556415-7559-4F50-A091-12CFD3069AD5} -> (Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45) ->
{46DE913A-65A4-488B-8795-89C7C8B95372} -> 192.94.228.111,192.94.228.15,192.94.228.201,12.127.16.67,12.127.17.71 (Broadcom NetXtreme Gigabit Ethernet) ->
{6D732098-7696-458B-B1DB-62C0B96AFF43} -> (1394 Net Adapter) ->
{84F19A83-B165-4CE8-BB4D-44B19D4D9EDA} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{0814DE28-AB38-48D3-A4C6-D5740ADDD721} -> IWorks Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{3C63E58F-715F-4B88-9F1F-5C3C9F07976B} -> Upgrade Control - CodeBase = http://192.168.000.100/iWorks.CAB ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1174501304187 ->
{69565A48-8A92-11D9-8BDE-F66BAD1E3F3A} -> BridgeChannel v3.2 - CodeBase = http://channel.bridge.com/bc/java/rbc33_i.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1174507015109 ->
{82774781-8F4E-11D1-AB1C-0000F8773BF0} -> DLC Class - CodeBase = https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9E5B3E8E-5F5B-437D-86D7-E2BCF1EEF678} -> IHistoryLog Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


< End of report >

Let me know if there is another way to run FindAWF. But things seem fine and my SpyBot is clean except for some tracking cookies.

Thanks for all the help.

Aditya

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:48 PM

Posted 27 March 2007 - 05:12 PM

Hi aditya349. Glad to hear things are running better. The log looks pretty good. Just a couple of left-overs to clean up.

Let's look for the AWF manually. If it was present it would have created bak folders in the following locations:C:\Program Files\ATI Technologies\ATI Control Panel\
C:\Program Files\Symantec\Norton Ghost 2003\
C:\Program Files\NavNT\
Let's check and see if there are any bak folders present.

We need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Now open Explorer and look in the 3 folders listed above. Let me know if there is a folder named bak in any of those folders.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#13 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 28 March 2007 - 09:04 AM

Hi OT,

Yes 3 bak folders are present in these.

C:\Program Files\ATI Technologies\ATI Control Panel\
C:\Program Files\Symantec\Norton Ghost 2003\
C:\Program Files\NavNT\

Let me know what else to do.

Thanks.

Aditya

#14 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:07:48 PM

Posted 28 March 2007 - 02:48 PM

Hi aditya349. There are probably more files present but without a FindAWF report we will have to go with what we know. Please print these directions and then proceed with the following steps in order.

Step #1

Open Notepad and copy/paste the text in the quotebox below into the new document:

If exist "C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe" copy "C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe" "C:\Program Files\ATI Technologies\ATI Control Panel"
If exist "C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe" copy "C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe" "C:\Program Files\ATI Technologies\ATI.ACE"
If exist "C:\Program Files\Common Files\Roxio Shared\System\bak\EngUtil.exe" copy "C:\Program Files\Common Files\Roxio Shared\System\bak\EngUtil.exe" "C:\Program Files\Common Files\Roxio Shared\System"
If exist "C:\Program Files\NavNT\bak\vptray.exe" copy "C:\Program Files\NavNT\bak\vptray.exe" "C:\Program Files\NavNT"
If exist "C:\Program Files\QuickTime\bak\qttask.exe" copy "C:\Program Files\QuickTime\bak\qttask.exe" "C:\Program Files\QuickTime"
If exist "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\bak\RxMon.exe" copy "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\bak\RxMon.exe" "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral"
If exist "C:\Program Files\Symantec\Norton Ghost 2003\bak\GhostStartTrayApp.exe" copy "C:\Program Files\Symantec\Norton Ghost 2003\bak\GhostStartTrayApp.exe" "C:\Program Files\Symantec\Norton Ghost 2003"
If exist "C:\WINDOWS\system32\bak\NeroCheck.exe" copy "C:\WINDOWS\system32\bak\NeroCheck.exe" "C:\WINDOWS\system32"


Save the document to your desktop as fix.bat and close Notepad.

Step #2

Start in Safe Mode Using the F8 method:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #3

Locate the fix.bat file we just created and double-click it to run it. A dos window should pop-up then vanish, this is normal.

Step #4

While still in Safe Mode run a new AVG Anti-Spyware report. When finished, reboot into Normal Mode.

Step #5

Run a new WinPFind3u scan. You can select None for the following items:
  • Files/Folders Created Within
  • Files/Folders Modified Within
  • File String Search
Step #6

Post the following back here:
  • The latest AVG Anti-Spyware report
  • The latest WinPFind3u log
I will review the information when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#15 aditya349

aditya349
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:48 PM

Posted 29 March 2007 - 08:21 AM

Hi OT,

Here are the reports after the last scan.

1. AVG report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:15:26 AM 3/26/2007

+ Scan result:



C:\System Volume Information\_restore{3AB3999D-EC85-4A19-90D9-54295342A901}\RP1002\A0538752.exe -> Adware.BargainBuddy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{02863981-5C1A-11D4-812E-0050DA92BD5A} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\amrit\Desktop\WinPFind3u\MovedFiles\WINDOWS\SYSTEM32\lsasss.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\NavNT\vptray.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\QuickTime\qttask.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe.000 -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NeroCheck.exe -> Hijacker.Agent.jh : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\coopersniff01.zip/CooperSniffer_01/sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\coopersniff01\CooperSniffer_01\sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
C:\F\ftp\Utilities\network\sniffer01.zip/Sniffer/sniffer.exe -> Not-A-Virus.NetTool.Win32.Butt.08 : Cleaned with backup (quarantined).
:mozilla.42:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.165:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.189:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.212:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.244:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.387:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.422:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.474:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.48:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.49:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.50:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.51:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.522:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.52:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.58:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.60:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.61:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.714:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.364:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.365:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.366:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.367:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.368:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.369:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.370:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.86:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@grouplotto.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.91:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.92:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.93:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.574:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.575:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.106:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.107:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.36:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.38:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.745:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.182:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.183:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.90:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.100:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ads.cnn[2].txt -> TrackingCookie.Cnn : Cleaned.
:mozilla.155:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.222:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@bestbuy-cnet.com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\VA21_1405\Documents and Settings\VA20User\Cookies\va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\VA21_1420\Documents and Settings\VA20User\Cookies\va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@com[1].txt -> TrackingCookie.Com : Cleaned.
H:\M1\Documents and Settings\amrit\Cookies\amrit@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.225:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.226:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.227:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.228:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.17:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.261:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.262:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.263:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.264:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.265:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.266:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.267:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.128:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.129:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.130:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.326:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.327:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.771:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.398:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.399:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.585:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.586:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.587:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@search.live[1].txt -> TrackingCookie.Live : Cleaned.
:mozilla.595:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.608:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.609:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.610:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.611:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@sec1.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.34:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.588:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.589:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.590:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.591:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.592:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
:mozilla.593:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
:mozilla.7:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
H:\M1\Documents and Settings\amrit\Cookies\amrit@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.643:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.644:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.645:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.521:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.527:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.102:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.103:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.104:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.105:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.538:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.539:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.542:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.543:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/wesp@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.555:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.556:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.557:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.566:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.567:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.568:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.569:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.570:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.571:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.572:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.276:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.277:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.278:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.28:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.29:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.30:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.31:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.32:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.33:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.828:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.829:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.830:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.635:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.97:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.98:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.99:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.374:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.375:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.376:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.686:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.118:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.655:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.656:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.657:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.658:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Embedded\XPEImages\va211420.zip/Storage Card/Documents and Settings/VA20User/Cookies/va20user@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.678:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.679:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.680:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.681:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.682:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.683:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.684:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.685:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.558:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.559:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.560:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.561:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.562:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.434:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.882:C:\Documents and Settings\amrit\Application Data\Mozilla\Firefox\Profiles\ijdp4my6.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\amrit\Cookies\amrit@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\amrit\Desktop\WinPFind3u\MovedFiles\WINDOWS\pmlige.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{3AB3999D-EC85-4A19-90D9-54295342A901}\RP1002\A0538753.dll -> Trojan.Agent.agv : Cleaned with backup (quarantined).


::Report end

2. WinPFind3U log

WinPFind3 logfile created on: 3/29/2007 9:17:01 AM
WinPFind3U by OldTimer - Version 1.0.28 Folder = C:\Documents and Settings\amrit\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

1023 Mb Total Physical Memory | 656 Mb Available Physical Memory | 64.10% Memory free
1 Gb Paging File | 1 Gb Available in Paging File | 85.74% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1534;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76 Gb Total Space | 22 Gb Free Space | 29.76% Space Free
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: BLUE78
Current User Name: amrit
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
defwatch.exe -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
ghoststartservice.exe -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
ghoststarttrayapp.exe -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> Symantec Corporation [Ver = 2003.775 | Size = 94208 bytes | Modified Date = 8/14/2002 3:21:28 PM | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
msgsys.exe -> %System32%\MSGSYS.EXE -> Intel Corporation [Ver = 6.0.201.0940 E | Size = 14336 bytes | Modified Date = 9/18/2000 5:12:40 PM | Attr = ]
ncs.exe -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
rtvscan.exe -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
trayit!.exe -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
vptray.exe -> %ProgramFiles%\NavNT\vptray.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 53248 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.28.0 | Size = 316416 bytes | Modified Date = 3/22/2007 7:01:30 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 413696 bytes | Modified Date = 8/22/2006 8:45:14 PM | Attr = ]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe -> [Ver = 5.13.0025 | Size = 520192 bytes | Modified Date = 8/22/2006 8:05:00 PM | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr = ]
(DefWatch) DefWatch [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\defwatch.exe -> Symantec Corporation [Ver = 7, 51, 0, 1 | Size = 32768 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ]
(GhostStartService) GhostStartService [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartService.exe -> Symantec Corporation [Ver = 2003.775 | Size = 200704 bytes | Modified Date = 8/14/2002 3:21:16 PM | Attr = ]
(NCS) Numega Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Compuware\PCShared\NCS.exe -> Compuware Numega Lab [Ver = 1, 0, 0, 1 | Size = 45110 bytes | Modified Date = 9/25/2000 11:30:20 AM | Attr = ]
(Norton AntiVirus Server) Norton AntiVirus Client [Win32_Own | Auto | Running] -> %ProgramFiles%\NavNT\rtvscan.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 430080 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 10/7/2006 7:20:00 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5117 | Size = 339968 bytes | Modified Date = 8/3/2004 9:10:00 PM | Attr = ]
GhostStartTrayApp -> %ProgramFiles%\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe -> Symantec Corporation [Ver = 2003.775 | Size = 94208 bytes | Modified Date = 8/14/2002 3:21:28 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 12/15/2006 3:23:28 AM | Attr = ]
vptray -> %ProgramFiles%\NavNT\vptray.exe -> Symantec Corporation [Ver = 7.51.00.847 | Size = 53248 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< User Startup > -> C:\Documents and Settings\amrit\Start Menu\Programs\Startup
%UserStartup%\TrayIt!.lnk -> %ProgramFiles%\Trayit\trayit!.exe -> Igor Nys [Ver = 2, 9, 1, 1 | Size = 61952 bytes | Modified Date = 9/7/2000 2:10:34 PM | Attr = R ]
< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 9/28/2006 9:13:28 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4142 | Size = 86016 bytes | Modified Date = 8/22/2006 8:46:30 PM | Attr = ]
NavLogon -> %System32%\NavLogon.dll -> [Ver = | Size = 28672 bytes | Modified Date = 12/22/2000 7:51:00 AM | Attr = ]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Local Page -> C:\windows\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://www.google.com/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 12:02:04 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Data - Value does not exist] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{CE92F0E4-87AD-11D3-B713-00C04F8F6C86} [HKLM] -> %ProgramFiles%\Compuware\PCShared\NMIEHELP.dll [NMIEHelper Class] -> [Ver = 1, 0, 0, 1 | Size = 61497 bytes | Modified Date = 5/3/2000 2:41:02 AM | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 12/15/2006 3:23:26 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 12/15/2006 3:23:24 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&xport to Microsoft Excel -> -> File not found
< Internet Explorer Plugins [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\
.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [Reg Data - Value does not exist] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{44556415-7559-4F50-A091-12CFD3069AD5} -> (Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45) ->
{46DE913A-65A4-488B-8795-89C7C8B95372} -> 192.94.228.111,192.94.228.15,192.94.228.201,12.127.16.67,12.127.17.71 (Broadcom NetXtreme Gigabit Ethernet) ->
{6D732098-7696-458B-B1DB-62C0B96AFF43} -> (1394 Net Adapter) ->
{84F19A83-B165-4CE8-BB4D-44B19D4D9EDA} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{0000000A-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/8/B...42/wmsp9dmo.cab ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{0814DE28-AB38-48D3-A4C6-D5740ADDD721} -> IWorks Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{33564D57-0000-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB ->
{33564D57-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab ->
{3C63E58F-715F-4B88-9F1F-5C3C9F07976B} -> Upgrade Control - CodeBase = http://192.168.000.100/iWorks.CAB ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1174501304187 ->
{69565A48-8A92-11D9-8BDE-F66BAD1E3F3A} -> BridgeChannel v3.2 - CodeBase = http://channel.bridge.com/bc/java/rbc33_i.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1174507015109 ->
{82774781-8F4E-11D1-AB1C-0000F8773BF0} -> DLC Class - CodeBase = https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9E5B3E8E-5F5B-437D-86D7-E2BCF1EEF678} -> IHistoryLog Control - CodeBase = http://192.168.0.100/iWorks.CAB ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


< End of report >


Thanks and I will look forward to next set of actions.

Aditya




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users