Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Highjackthis Log


  • This topic is locked This topic is locked
9 replies to this topic

#1 midamah

midamah

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 08 June 2007 - 02:27 AM

Is it possible to have a computer problem and have it not show up in the highjack this log?

Logfile of HijackThis v1.99.1
Scan saved at 12:22:25 AM, on 6/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\AOL\1181276662\ee\AOLSoftware.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Documents and Settings\Owner\Desktop\SPYWARE and Antivirus\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.freedom.net/support
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1181276662\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1181273943562
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54Gv42SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe (file missing)

BC AdBot (Login to Remove)

 


#2 midamah

midamah
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 12 June 2007 - 08:23 PM

HERE IS A UPDATED ONE!!

I have been on this forum for awhile now, trying to get help. I can't even use my keyboard sometimes. My computer is twitching. Please help.

Logfile of HijackThis v1.99.1
Scan saved at 6:16:12 PM, on 6/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1181276662\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.0\waol.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\SPYWARE and Antivirus\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.freedom.net/support
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: CallingID for IE - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CallingID\CallingIDIE.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: CallingID - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CallingID\CallingIDIE.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1181276662\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1181273943562
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54Gv42SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe (file missing)

#3 midamah

midamah
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 12 June 2007 - 08:27 PM

I don't know if this helps, but when I run my avg antivirus, It lists these

Kernel32.dll
Wsock32.dll
User32.dll
Shell32.ll
Ntoskrnl.exe

Nothing else is found, but those things listed. Which I don't understand. Are they infected? cause if they are, they didn't give me an option to quarantine it or delete it.

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:34 PM

Posted 14 June 2007 - 04:19 AM

Hello midamah and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware in the log. It is clean.

It is very possible to have computer problems that do not show up in a HijackThis log. HijackThis is a tool that is used to look at the most common entry points in a system where infections can get in. It does not have the capability to analyze the operating system, performance or application issues. Those types of issues are handled in other forums.

There are some infections that do not show up in HijackThis and we have other tools to look for those. We'll run an additional scan in a bit just to be sure. As for the files that AVG is showing that are changed, that is normal. Those files are system files that are updated frequently by patches from Microsoft. If there is a question regarding their validity they can be examined by multiple anti-virus programs at Jotti's malware scan. Follow the instructions to submit each file and you will get the results immediately.

From what you are describing I believe the issue is a hardware problem or a hardware driver problem. Just to be sure let's run a different scan and see if anything shows up in that.

Download WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • In the Driver Services group select Non-Microsoft
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.

If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 midamah

midamah
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 14 June 2007 - 08:20 PM

WinPFind3 logfile created on: 6/14/2007 6:12:47 PM
WinPFind3U by OldTimer - Version 1.0.38 Folder = C:\Program Files\AOL 9.0\download\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

607.48 Mb Total Physical Memory | 333.07 Mb Available Physical Memory | 54.83% Memory free
1.45 Gb Paging File | 1.17 Gb Available in Paging File | 80.70% Paging File free
Paging file location(s): C:\pagefile.sys 912 1824;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31.98 Gb Total Space | 19.99 Gb Free Space | 62.52% Space Free
Drive D: | 5.27 Gb Total Space | 1.09 Gb Free Space | 20.71% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: FREDSTER
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 1, 4 | Size = 565248 bytes | Modified Date = 6/13/2007 8:33:10 PM | Attr = ]
aolacsd.exe -> %CommonProgramFiles%\aol\acs\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 4:50:36 AM | Attr = R ]
aolsoftware.exe -> %CommonProgramFiles%\aol\1181276662\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 4:52:48 PM | Attr = ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 6/7/2007 2:57:54 AM | Attr = ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 6/7/2007 2:57:54 AM | Attr = ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 6/7/2007 2:57:58 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 3/14/2007 2:43:44 AM | Attr = ]
kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 7/6/2001 9:56:56 PM | Attr = ]
s3tray2.exe -> %System32%\S3tray2.exe -> S3 Graphics, Inc. [Ver = 1.00.19-0113 | Size = 69632 bytes | Modified Date = 2/25/2003 3:33:14 AM | Attr = ]
shellmon.exe -> %ProgramFiles%\AOL 9.0\shellmon.exe -> AOL, LLC. [Ver = 9.05.001 | Size = 54832 bytes | Modified Date = 4/17/2007 10:49:06 PM | Attr = ]
superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 8, 0, 1002 | Size = 1314816 bytes | Modified Date = 5/23/2007 9:12:46 AM | Attr = ]
waol.exe -> %ProgramFiles%\AOL 9.0\waol.exe -> AOL, LLC. [Ver = 9.05.001 | Size = 39472 bytes | Modified Date = 4/17/2007 10:49:08 PM | Attr = ]
winpfind3u.exe -> %ProgramFiles%\AOL 9.0\download\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 318976 bytes | Modified Date = 5/22/2007 6:27:40 PM | Attr = ]
wlservice.exe -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe -> GEMTEKS [Ver = 1, 0, 0, 9 | Size = 53307 bytes | Modified Date = 7/4/2005 3:46:04 PM | Attr = ]
wusb54gv42.exe -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe -> Linksys [Ver = 1.0.3.0 | Size = 5264384 bytes | Modified Date = 11/9/2005 12:33:42 AM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 1, 4 | Size = 565248 bytes | Modified Date = 6/13/2007 8:33:10 PM | Attr = ]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\aol\acs\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 4:50:36 AM | Attr = R ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.453 | Size = 353280 bytes | Modified Date = 6/7/2007 2:57:54 AM | Attr = ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 6/7/2007 2:57:58 AM | Attr = ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG7\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.460 | Size = 351744 bytes | Modified Date = 6/7/2007 2:57:54 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/3/2004 11:56:48 PM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.13.10.3190 | Size = 61440 bytes | Modified Date = 9/30/2002 11:39:00 PM | Attr = ]
(WUSB54Gv42SVC) WUSB54Gv42SVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe -> GEMTEKS [Ver = 1, 0, 0, 9 | Size = 53307 bytes | Modified Date = 7/4/2005 3:46:04 PM | Attr = ]

[Driver Services - Non-Microsoft Only]
(0094) 0094 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\0094.sys -> File not found
(2ab3) 2ab3 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\2ab3.sys -> File not found
(3d6A) 3d6A [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\3d6A.sys -> File not found
(7271A37) 7271A37 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\7271A37.sys -> File not found
(7e28) 7e28 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\7e28.sys -> File not found
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.4.3.0 [Kernel | Auto | Running] -> %System32%\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.3.0 | Size = 20747 bytes | Modified Date = 6/7/2007 6:51:40 PM | Attr = ]
(Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found
(aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5730 built by: WinDDK | Size = 2279424 bytes | Modified Date = 10/1/2004 9:24:02 AM | Attr = ]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found
(amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found
(asc) asc [Kernel | Disabled | Stopped] -> -> File not found
(asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(Avg7Core) AVG7 Kernel [Kernel | System | Running] -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 6/7/2007 2:58:00 AM | Attr = ]
(Avg7RsW) AVG7 Wrap Driver [Kernel | System | Running] -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
(Avg7RsXP) AVG7 Resident Driver XP [Kernel | System | Running] -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
(AvgClean) AVG7 Clean Driver [Kernel | System | Running] -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 6/7/2007 2:58:08 AM | Attr = ]
(AvgTdi) AVG Network Redirector [Kernel | Auto | Running] -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
(be4C) be4C [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\be4C.sys -> File not found
(c926) c926 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\c926.sys -> File not found
(cadB) cadB [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\cadB.sys -> File not found
(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found
(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found
(dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found
(df77) df77 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\df77.sys -> File not found
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/3/2004 10:07:18 PM | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/3/2004 10:07:16 PM | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/29/2002 4:00:00 AM | Attr = ]
(dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %System32%\drivers\drvmcdb.sys -> VERITAS Software, Inc. [Ver = 3.21.45a | Size = 82784 bytes | Modified Date = 10/21/2002 10:21:00 AM | Attr = ]
(ed62) ed62 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\ed62.sys -> File not found
(GoProto) GoProto Protocol Driver [Kernel | On_Demand | Stopped] -> System32\DRIVERS\goprot51.sys -> File not found
(hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found
(i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found
(i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found
(ialm) ialm [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.13.01.3264 | Size = 79323 bytes | Modified Date = 9/16/2002 7:04:10 PM | Attr = ]
(ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(ltmodem5) LT Modem Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 625537 bytes | Modified Date = 3/31/2003 1:29:00 PM | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found
(MxlW2k) MxlW2k [Kernel | On_Demand | Running] -> %System32%\drivers\MxlW2k.sys -> MusicMatch, Inc. [Ver = 1.0.1.104 | Size = 28164 bytes | Modified Date = 10/28/2002 10:59:24 AM | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 1897408 bytes | Modified Date = 8/3/2004 9:29:54 PM | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found
(perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %System32%\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 201 | Size = 9856 bytes | Modified Date = 10/27/2002 11:01:48 PM | Attr = R ]
(Ps2) Ps2 [Kernel | On_Demand | Running] -> %System32%\drivers\PS2.sys -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 14112 bytes | Modified Date = 6/4/2001 2:00:00 PM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/29/2002 4:00:00 AM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> VERITAS Software, Inc. [Ver = 2.02.40a | Size = 16416 bytes | Modified Date = 10/21/2002 9:02:00 AM | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found
(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found
(ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 8/3/2004 9:31:32 PM | Attr = ]
(S3Psddr) S3Psddr [Kernel | On_Demand | Running] -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Modified Date = 5/26/2003 12:57:50 PM | Attr = ]
(S3SavageNB) S3SavageNB [Kernel | On_Demand | Stopped] -> %System32%\drivers\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Modified Date = 5/26/2003 12:57:50 PM | Attr = ]
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 12:53:48 PM | Attr = ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2/16/2006 4:51:08 PM | Attr = R ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ]
(SDDMI2) SDDMI2 [Kernel | On_Demand | Stopped] -> %System32%\DDMI2.sys -> File not found
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 8/29/2002 4:00:00 AM | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 6.1.3010.0 built by: WinDDK | Size = 28160 bytes | Modified Date = 7/17/2002 7:25:18 PM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found
(symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found
(TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found
(ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found
(viaagp1) VIA AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\VIAAGP1.SYS -> VIA Technologies, Inc. [Ver = 5.00.00.2410 built by: VIA | Size = 27648 bytes | Modified Date = 3/4/2002 11:10:00 AM | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> %System32%\drivers\wanatw4.sys -> America Online, Inc. [Ver = 8.3.0.0 | Size = 33588 bytes | Modified Date = 1/10/2003 1:13:04 PM | Attr = R ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(WUSB54GPV4SRV) Linksys Home Wireless-G USB Adaptor Driver [Kernel | On_Demand | Running] -> %System32%\drivers\rt2500usb.sys -> Ralink Technology Inc. [Ver = 2.01.00.0000 | Size = 245376 bytes | Modified Date = 10/17/2005 6:50:06 PM | Attr = ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [Kernel | System | Stopped] -> %System32%\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.01.3264 | Size = 91678 bytes | Modified Date = 9/16/2002 7:05:26 PM | Attr = ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.01.3264 | Size = 71514 bytes | Modified Date = 9/16/2002 7:05:36 PM | Attr = ]
(GTNDIS5) GTNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %System32%\GTNDIS5.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.03.16.54 | Size = 15872 bytes | Modified Date = 9/25/2003 9:15:32 PM | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AlcxMonitor -> %SystemRoot%\ALCXMNTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.5 | Size = 57344 bytes | Modified Date = 9/7/2004 12:47:52 PM | Attr = ]
DDCActiveMenu -> %ProgramFiles%\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe -> WildTangent [Ver = 1, 1, 1, 019 | Size = 86016 bytes | Modified Date = 6/8/2002 1:20:44 AM | Attr = ]
HostManager -> %CommonProgramFiles%\aol\1181276662\ee\AOLSoftware.exe -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 9/25/2006 4:52:48 PM | Attr = ]
KBD -> %SystemDrive%\hp\KBD\kbd.exe -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 61440 bytes | Modified Date = 7/6/2001 9:56:56 PM | Attr = ]
nwiz -> %System32%\nwiz.exe -> NVIDIA Corporation [Ver = 6.13.10.3190 | Size = 372736 bytes | Modified Date = 9/30/2002 11:39:00 PM | Attr = ]
S3TRAY2 -> %System32%\S3tray2.exe -> S3 Graphics, Inc. [Ver = 1.00.19-0113 | Size = 69632 bytes | Modified Date = 2/25/2003 3:33:14 AM | Attr = ]
StorageGuard -> %ProgramFiles%\VERITAS Software\Update Manager\sgtray.exe -> VERITAS Software, Inc. [Ver = 1.01.02a | Size = 155648 bytes | Modified Date = 6/18/2002 8:01:00 AM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 3/14/2007 2:43:44 AM | Attr = ]
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AOL Fast Start -> %ProgramFiles%\AOL 9.0\aol.exe -> AOL, LLC. [Ver = 9.05.001 | Size = 50736 bytes | Modified Date = 4/17/2007 10:49:02 PM | Attr = ]
NVIEW -> %System32%\nview.dll [rundll32.exe nview.dll,nViewLoadHook] -> NVIDIA Corporation [Ver = 6.13.10.3190 | Size = 548933 bytes | Modified Date = 9/30/2002 11:39:00 PM | Attr = ]
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 8, 0, 1002 | Size = 1314816 bytes | Modified Date = 5/23/2007 9:12:46 AM | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 4/19/2007 12:41:36 PM | Attr = ]
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,1847 | Size = 315392 bytes | Modified Date = 9/9/2002 7:05:00 AM | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
< HOSTS File > (686 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1 localhost -> ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Bar -> http://srch-us7.hpwis.com/ ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> about:blank ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Default_Search_URL -> http://srch-us7.hpwis.com/ ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKCU: Start Page -> http://aol.com/ ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> 127.0.0.1;localhost ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 3/14/2007 2:43:40 AM | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %SystemDrive%\hp\EXPLOREBAR\HPTOOLKT.DLL [hp toolkit] -> Hewlett-Packard Company [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 8/15/2002 9:44:50 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %SystemDrive%\hp\EXPLOREBAR\HPTOOLKT.DLL [hp toolkit] -> Hewlett-Packard Company [Ver = 1.0.0.3 | Size = 90112 bytes | Modified Date = 8/15/2002 9:44:50 PM | Attr = ]
WebBrowser\\{10134636-E7AF-4AC5-A1DC-C7C44BB97D81} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 3/14/2007 2:43:42 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 3/14/2007 2:43:40 AM | Attr = ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{1E06D248-343A-48C6-BF0E-80EEBBEAFCFC} -> (Linksys Wireless-G USB Network Adapter) ->
{9FB9C6E1-4DFE-4647-AFEA-44ACD7015994} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/pub/shock...director/sw.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> - CodeBase = http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdat...b?1181273943562 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...ows-i586-jc.cab ->
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab ->
DirectAnimation Java Classes -> - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files/Folders - Created Within 30 days]
i386 -> %SystemDrive%\i386 -> [Folder | Created Date = 6/7/2007 12:01:09 AM | Attr = ]
Linksys Driver -> %SystemDrive%\Linksys Driver -> [Folder | Created Date = 6/7/2007 4:12:41 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Created Date = 6/6/2007 11:19:59 PM | Attr = R ]
Python25 -> %SystemDrive%\Python25 -> [Folder | Created Date = 6/7/2007 9:25:16 PM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 6/10/2007 7:54:24 PM | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 6/7/2007 3:30:38 AM | Attr = HS]
SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 6/11/2007 5:18:41 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 2/23/1755 6:20:31 AM | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 6/8/2007 6:32:33 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Created Date = 6/7/2007 7:46:03 PM | Attr = H ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 6/7/2007 7:45:40 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 6/7/2007 9:49:15 PM | Attr = H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 6/9/2007 5:41:25 PM | Attr = H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 6/9/2007 5:41:12 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Created Date = 6/7/2007 8:48:09 PM | Attr = H ]
$NtUninstallKB835732$ -> %SystemRoot%\$NtUninstallKB835732$ -> [Folder | Created Date = 6/7/2007 9:11:54 PM | Attr = H ]
$NtUninstallKB842773$ -> %SystemRoot%\$NtUninstallKB842773$ -> [Folder | Created Date = 6/7/2007 7:45:09 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 6/7/2007 10:11:14 PM | Attr = H ]
$NtUninstallKB873339_0$ -> %SystemRoot%\$NtUninstallKB873339_0$ -> [Folder | Created Date = 6/7/2007 9:06:01 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 6/7/2007 10:11:56 PM | Attr = H ]
$NtUninstallKB885835_0$ -> %SystemRoot%\$NtUninstallKB885835_0$ -> [Folder | Created Date = 6/7/2007 9:15:15 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 6/7/2007 10:12:34 PM | Attr = H ]
$NtUninstallKB885836_0$ -> %SystemRoot%\$NtUninstallKB885836_0$ -> [Folder | Created Date = 6/7/2007 9:14:45 PM | Attr = H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Created Date = 6/8/2007 3:57:17 PM | Attr = H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ -> [Folder | Created Date = 6/8/2007 4:00:27 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 6/7/2007 10:13:12 PM | Attr = H ]
$NtUninstallKB888302_0$ -> %SystemRoot%\$NtUninstallKB888302_0$ -> [Folder | Created Date = 6/7/2007 8:53:35 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 6/7/2007 10:13:45 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Created Date = 6/7/2007 8:58:17 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 6/7/2007 10:14:20 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Created Date = 6/7/2007 8:25:32 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 6/7/2007 10:14:58 PM | Attr = H ]
$NtUninstallKB891781_0$ -> %SystemRoot%\$NtUninstallKB891781_0$ -> [Folder | Created Date = 6/7/2007 8:59:02 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 6/7/2007 10:15:39 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Created Date = 6/7/2007 9:08:58 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 6/7/2007 10:16:16 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Created Date = 6/7/2007 9:02:05 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 6/7/2007 10:16:57 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Created Date = 6/7/2007 9:06:58 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 6/7/2007 10:17:48 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Created Date = 6/7/2007 9:09:27 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 6/7/2007 10:18:33 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Created Date = 6/7/2007 8:48:40 PM | Attr = H ]
$NtUninstallKB898458$ -> %SystemRoot%\$NtUninstallKB898458$ -> [Folder | Created Date = 6/7/2007 9:01:09 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Created Date = 6/7/2007 7:46:03 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 6/7/2007 10:19:15 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Created Date = 6/7/2007 9:18:26 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 6/7/2007 10:19:57 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Created Date = 6/7/2007 9:10:29 PM | Attr = H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Created Date = 6/8/2007 4:01:08 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 6/7/2007 10:20:35 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Created Date = 6/7/2007 8:53:03 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 6/7/2007 10:21:26 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Created Date = 6/7/2007 9:10:56 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 6/7/2007 10:22:06 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Created Date = 6/7/2007 8:55:17 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 6/7/2007 10:22:46 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Created Date = 6/7/2007 8:59:49 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Created Date = 6/7/2007 10:23:34 PM | Attr = H ]
$NtUninstallKB904706_0$ -> %SystemRoot%\$NtUninstallKB904706_0$ -> [Folder | Created Date = 6/7/2007 8:50:06 PM | Attr = H ]
$NtUninstallKB904942$ -> %SystemRoot%\$NtUninstallKB904942$ -> [Folder | Created Date = 6/9/2007 5:38:33 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 6/7/2007 10:24:08 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Created Date = 6/7/2007 8:56:42 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Created Date = 6/7/2007 9:00:50 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 6/7/2007 10:24:42 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Created Date = 6/7/2007 8:49:24 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 6/7/2007 10:25:25 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Created Date = 6/7/2007 8:28:11 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 6/7/2007 10:26:00 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Created Date = 6/7/2007 8:49:41 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 6/7/2007 10:26:44 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Created Date = 6/7/2007 9:01:36 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 6/7/2007 10:27:20 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Created Date = 6/7/2007 9:08:29 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 6/7/2007 10:27:57 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Created Date = 6/7/2007 9:07:52 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Created Date = 6/7/2007 9:00:24 PM | Attr = H ]
$NtUninstallKB911565$ -> %SystemRoot%\$NtUninstallKB911565$ -> [Folder | Created Date = 6/7/2007 10:56:57 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Created Date = 6/7/2007 8:50:24 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 6/7/2007 10:28:33 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Created Date = 6/7/2007 9:12:30 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 6/7/2007 10:29:06 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Created Date = 6/7/2007 8:52:18 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 6/7/2007 10:30:02 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Created Date = 6/7/2007 8:48:59 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 6/7/2007 10:30:40 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 6/7/2007 8:57:30 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 6/7/2007 10:31:24 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Created Date = 6/7/2007 8:26:46 PM | Attr = H ]
$NtUninstallKB914440$ -> %SystemRoot%\$NtUninstallKB914440$ -> [Folder | Created Date = 6/9/2007 5:38:47 PM | Attr = H ]
$NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Created Date = 6/9/2007 5:40:51 PM | Attr = H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Created Date = 6/8/2007 3:57:10 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 6/7/2007 10:32:04 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Created Date = 6/7/2007 8:57:04 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 6/7/2007 10:32:44 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 6/7/2007 8:53:59 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Created Date = 6/7/2007 8:55:58 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 6/7/2007 10:33:22 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Created Date = 6/7/2007 8:56:20 PM | Attr = H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Created Date = 6/8/2007 3:58:10 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Created Date = 6/7/2007 9:02:41 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 6/7/2007 8:50:54 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 6/7/2007 10:34:06 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 6/7/2007 8:57:57 PM | Attr = H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Created Date = 6/8/2007 3:57:23 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 6/7/2007 10:34:44 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 6/7/2007 8:59:21 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 6/7/2007 10:35:26 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 6/7/2007 8:27:27 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 6/7/2007 10:36:00 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 6/7/2007 9:10:01 PM | Attr = H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Created Date = 6/8/2007 3:58:53 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 6/7/2007 10:36:47 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 6/7/2007 9:03:17 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 6/7/2007 10:37:34 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 6/7/2007 9:13:07 PM | Attr = H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Created Date = 6/8/2007 3:58:24 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 6/7/2007 10:38:16 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 6/7/2007 9:11:24 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 6/7/2007 10:38:51 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 6/7/2007 9:16:18 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 6/7/2007 10:39:23 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 6/7/2007 8:54:29 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 6/7/2007 10:40:09 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 6/7/2007 9:13:42 PM | Attr = H ]
$NtUninstallKB923694$ -> %SystemRoot%\$NtUninstallKB923694$ -> [Folder | Created Date = 6/8/2007 3:56:50 PM | Attr = H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Created Date = 6/8/2007 4:01:35 PM | Attr = H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Created Date = 6/8/2007 4:01:20 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 6/7/2007 10:40:51 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 6/7/2007 9:17:35 PM | Attr = H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Created Date = 6/8/2007 4:00:56 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 6/7/2007 10:41:34 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 6/7/2007 9:04:33 PM | Attr = H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Created Date = 6/8/2007 4:01:14 PM | Attr = H ]
$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Created Date = 6/8/2007 4:01:50 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 6/7/2007 9:03:56 PM | Attr = H ]
$NtUninstallKB925720$ -> %SystemRoot%\$NtUninstallKB925720$ -> [Folder | Created Date = 6/9/2007 4:38:54 PM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 6/8/2007 3:59:14 PM | Attr = H ]
$NtUninstallKB926239$ -> %SystemRoot%\$NtUninstallKB926239$ -> [Folder | Created Date = 6/7/2007 11:28:52 PM | Attr = H ]
$NtUninstallKB926247$ -> %SystemRoot%\$NtUninstallKB926247$ -> [Folder | Created Date = 6/8/2007 3:56:13 PM | Attr = H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Created Date = 6/8/2007 3:57:54 PM | Attr = H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Created Date = 6/8/2007 3:59:02 PM | Attr = H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Created Date = 6/8/2007 4:02:36 PM | Attr = H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Created Date = 6/8/2007 4:02:29 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 6/8/2007 4:00:43 PM | Attr = H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Created Date = 6/8/2007 4:02:16 PM | Attr = H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Created Date = 6/8/2007 3:55:57 PM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 6/12/2007 6:14:35 PM | Attr = H ]
$NtUninstallKB929399$ -> %SystemRoot%\$NtUninstallKB929399$ -> [Folder | Created Date = 6/8/2007 3:57:43 PM | Attr = H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Created Date = 6/8/2007 4:01:56 PM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 6/8/2007 3:58:43 PM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 6/8/2007 3:57:03 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 6/8/2007 4:00:50 PM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Created Date = 6/8/2007 3:59:41 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 6/8/2007 4:02:04 PM | Attr = H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Created Date = 6/8/2007 4:00:37 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 6/9/2007 5:39:00 PM | Attr = H ]
$NtUninstallKB932168_0$ -> %SystemRoot%\$NtUninstallKB932168_0$ -> [Folder | Created Date = 6/8/2007 3:58:32 PM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 6/12/2007 6:12:46 PM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 6/12/2007 6:14:26 PM | Attr = H ]
$NtUninstallMSCompPackV1$ -> %SystemRoot%\$NtUninstallMSCompPackV1$ -> [Folder | Created Date = 6/7/2007 11:28:21 PM | Attr = H ]
$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Created Date = 6/9/2007 3:53:55 PM | Attr = H ]
$NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Created Date = 6/7/2007 11:27:02 PM | Attr = H ]
$NtUninstallwmp11$ -> %SystemRoot%\$NtUninstallwmp11$ -> [Folder | Created Date = 6/7/2007 11:27:48 PM | Attr = H ]
$NtUninstallWudf01000$ -> %SystemRoot%\$NtUninstallWudf01000$ -> [Folder | Created Date = 6/7/2007 11:26:33 PM | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Created Date = 6/6/2007 11:19:40 PM | Attr = R S]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 87552 bytes | Created Date = 6/10/2007 7:52:28 PM | Attr = ]
checkip.dat -> %SystemRoot%\checkip.dat -> [Ver = | Size = 553 bytes | Created Date = 6/7/2007 3:14:02 AM | Attr = ]
EHome -> %SystemRoot%\EHome -> [Folder | Created Date = 6/7/2007 9:49:10 PM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 6/10/2007 7:54:37 PM | Attr = ]
freedom.backup.dat -> %SystemRoot%\freedom.backup.dat -> [Ver = | Size = 7004 bytes | Created Date = 6/7/2007 3:31:42 AM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 6/9/2007 5:41:44 PM | Attr = H ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 6/10/2007 4:51:48 PM | Attr = ]
iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.0.3 | Size = 720896 bytes | Created Date = 6/9/2007 4:19:25 PM | Attr = ]
jautoexp.dat -> %SystemRoot%\jautoexp.dat -> [Ver = | Size = 6550 bytes | Created Date = 6/7/2007 8:58:46 PM | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 6/9/2007 5:38:50 PM | Attr = ]
nircmd.exe -> %SystemRoot%\nircmd.exe -> NirSoft [Ver = 1.85 | Size = 49152 bytes | Created Date = 6/10/2007 7:52:28 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 335 bytes | Created Date = 6/7/2007 8:07:55 PM | Attr = ]
Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 6/6/2007 11:19:20 PM | Attr = R ]
peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 6/7/2007 10:03:15 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 6/7/2007 10:51:43 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 6/7/2007 10:03:14 PM | Attr = ]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Created Date = 6/7/2007 9:59:03 PM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 6/7/2007 7:33:58 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 6/7/2007 11:34:54 PM | Attr = ]
WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 6/9/2007 5:44:41 PM | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 31 bytes | Created Date = 6/7/2007 3:23:25 AM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 6/7/2007 8:27:50 PM | Attr = ]
accserv.mib -> %System32%\accserv.mib -> [Ver = | Size = 15597 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
AegisE5.dll -> %System32%\AegisE5.dll -> Meetinghouse Data Communications [Ver = 1, 8, 45, 1 | Size = 929792 bytes | Created Date = 6/7/2007 4:15:33 PM | Attr = ]
authserv.mib -> %System32%\authserv.mib -> [Ver = | Size = 16617 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
bcm42rly.sys -> %System32%\bcm42rly.sys -> Broadcom Corporation [Ver = 3.90.30.0 (BROADCOM INTERNAL DRIVER) | Size = 17992 bytes | Created Date = 6/7/2007 6:51:37 PM | Attr = ]
bits -> %System32%\bits -> [Folder | Created Date = 6/7/2007 7:45:18 PM | Attr = ]
dhcp.mib -> %System32%\dhcp.mib -> [Ver = | Size = 4597 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Created Date = 6/6/2007 11:16:41 PM | Attr = RHS]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Created Date = 6/13/2007 4:34:46 PM | Attr = ]
en-us -> %System32%\en-us -> [Folder | Created Date = 6/9/2007 3:59:43 PM | Attr = ]
GTNDIS3.VXD -> %System32%\GTNDIS3.VXD -> [Ver = | Size = 31930 bytes | Created Date = 6/7/2007 4:15:34 PM | Attr = ]
GTNDIS5.sys -> %System32%\GTNDIS5.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.03.16.54 | Size = 15872 bytes | Created Date = 6/7/2007 4:15:34 PM | Attr = ]
GTW32N50.dll -> %System32%\GTW32N50.dll -> [Ver = 1.0.0.1 | Size = 94208 bytes | Created Date = 6/7/2007 4:15:34 PM | Attr = ]
hostmib.mib -> %System32%\hostmib.mib -> [Ver = | Size = 48593 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
ipforwd.mib -> %System32%\ipforwd.mib -> [Ver = | Size = 15799 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 6/7/2007 11:34:44 PM | Attr = ]
javacpl.cpl -> %System32%\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 69632 bytes | Created Date = 6/7/2007 11:34:44 PM | Attr = ]
javasup.vxd -> %System32%\javasup.vxd -> [Ver = | Size = 7315 bytes | Created Date = 6/7/2007 8:58:46 PM | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 135168 bytes | Created Date = 6/7/2007 11:34:44 PM | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 139264 bytes | Created Date = 6/7/2007 11:34:44 PM | Attr = ]
lmmib2.mib -> %System32%\lmmib2.mib -> [Ver = | Size = 26100 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
LogFiles -> %System32%\LogFiles -> [Folder | Created Date = 6/7/2007 11:26:42 PM | Attr = ]
mcastmib.mib -> %System32%\mcastmib.mib -> [Ver = | Size = 30448 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
mib_ii.mib -> %System32%\mib_ii.mib -> [Ver = | Size = 107882 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
mipx.mib -> %System32%\mipx.mib -> [Ver = | Size = 21386 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
mripsap.mib -> %System32%\mripsap.mib -> [Ver = | Size = 10313 bytes | Created Date = 6/7/2007 7:08:00 PM | Attr = ]
msft.mib -> %System32%\msft.mib -> [Ver = | Size = 581 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
msipbtp.mib -> %System32%\msipbtp.mib -> [Ver = | Size = 13767 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
msiprip2.mib -> %System32%\msiprip2.mib -> [Ver = | Size = 34317 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
nipx.mib -> %System32%\nipx.mib -> [Ver = | Size = 38608 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
OEMINFO.PNF -> %System32%\OEMINFO.PNF -> [Ver = | Size = 3996 bytes | Created Date = 6/7/2007 6:26:10 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Created Date = 6/7/2007 7:46:07 PM | Attr = ]
rt2500usb.cat -> %System32%\rt2500usb.cat -> [Ver = | Size = 8022 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
rt2500usb.sys -> %System32%\rt2500usb.sys -> Ralink Technology Inc. [Ver = 2.01.00.0000 | Size = 245376 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
secupd.dat -> %System32%\secupd.dat -> [Ver = | Size = 4569 bytes | Created Date = 6/7/2007 9:39:47 PM | Attr = ]
secupd.sig -> %System32%\secupd.sig -> [Ver = | Size = 7208 bytes | Created Date = 6/7/2007 9:39:47 PM | Attr = ]
smi.mib -> %System32%\smi.mib -> [Ver = | Size = 4332 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Created Date = 6/7/2007 7:35:09 PM | Attr = ]
ssleay32.dll -> %System32%\ssleay32.dll -> [Ver = | Size = 147456 bytes | Created Date = 6/7/2007 4:14:13 PM | Attr = ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.6 | Size = 428032 bytes | Created Date = 6/10/2007 7:52:29 PM | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 6/10/2007 7:52:28 PM | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 6/10/2007 7:52:28 PM | Attr = ]
vfind.exe -> %System32%\vfind.exe -> [Ver = | Size = 49152 bytes | Created Date = 6/10/2007 7:52:28 PM | Attr = ]
wfospf.mib -> %System32%\wfospf.mib -> [Ver = | Size = 49275 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
wins.mib -> %System32%\wins.mib -> [Ver = | Size = 26236 bytes | Created Date = 6/7/2007 7:08:01 PM | Attr = ]
WLAN.INI -> %System32%\WLAN.INI -> [Ver = | Size = 1668 bytes | Created Date = 6/7/2007 4:14:05 PM | Attr = ]
WUSB20XP.sys -> %System32%\WUSB20XP.sys -> Cisco-Linksys, LLC. [Ver = 1.0.8 | Size = 339488 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
WUSB54G.cat -> %System32%\WUSB54G.cat -> [Ver = | Size = 8090 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
WUSB54GV2.cat -> %System32%\WUSB54GV2.cat -> [Ver = | Size = 7846 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
WUSBGXP.sys -> %System32%\WUSBGXP.sys -> Cisco-Linksys, LLC. [Ver = 3.00.12 | Size = 374752 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
XPSViewer -> %System32%\XPSViewer -> [Folder | Created Date = 6/9/2007 3:59:45 PM | Attr = ]
zonedoff.reg -> %System32%\zonedoff.reg -> [Ver = | Size = 113 bytes | Created Date = 6/7/2007 8:58:40 PM | Attr = ]
zonedon.reg -> %System32%\zonedon.reg -> [Ver = | Size = 113 bytes | Created Date = 6/7/2007 8:58:40 PM | Attr = ]
apphelp.sdb -> %System32%\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 6/7/2007 11:28:30 PM | Attr = ]
apph_sp.sdb -> %System32%\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 6/7/2007 11:28:30 PM | Attr = ]
sysmain.sdb -> %System32%\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 6/7/2007 11:28:30 PM | Attr = ]
AegisP.sys -> %System32%\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.3.0 | Size = 20747 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Created Date = 6/7/2007 2:57:58 AM | Attr = ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 6/7/2007 2:58:04 AM | Attr = ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 6/7/2007 2:58:04 AM | Attr = ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 6/7/2007 2:58:06 AM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Created Date = 6/7/2007 2:58:05 AM | Attr = ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 6/7/2007 2:58:05 AM | Attr = ]
AWRTPD.sys -> %System32%\drivers\AWRTPD.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 6272 bytes | Created Date = 6/4/2007 3:14:56 PM | Attr = ]
AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.2 | Size = 8320 bytes | Created Date = 6/4/2007 3:17:02 PM | Attr = ]
bcm42rly.sys -> %System32%\drivers\bcm42rly.sys -> Broadcom Corporation [Ver = 3.90.30.0 (BROADCOM INTERNAL DRIVER) | Size = 17992 bytes | Created Date = 6/7/2007 6:51:37 PM | Attr = ]
HP_DB282A-ABA 304w_YC_Pavi_QKR2470_E31NAheBLU3_4_IKM266-8235_S_V_BAM37304_T021105_WXH1_L409_M608_J40_7AMD_8Athlon XP 1800+_91.53_1_N10EC8139_P_Z11C1044E_K_A11063059_U11063038_G53338D04_OCyberDrv CW058D CD-R RW_DHWP0503.MRK -> %System32%\drivers\HP_DB282A-ABA 304w_YC_Pavi_QKR2470_E31NAheBLU3_4_IKM266-8235_S_V_BAM37304_T021105_WXH1_L409_M608_J40_7AMD_8Athlon XP 1800+_91.53_1_N10EC8139_P_Z11C1044E_K_A11063059_U11063038_G53338D04_OCyberDrv CW058D CD-R RW_DHWP0503.MRK -> [Ver = | Size = 3440 bytes | Created Date = 6/7/2007 2:40:25 AM | Attr = RHS]
netwlan5.img -> %System32%\drivers\netwlan5.img -> [Ver = | Size = 67866 bytes | Created Date = 6/7/2007 9:39:46 PM | Attr = ]
NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 1.0.0.0 | Size = 9344 bytes | Created Date = 6/4/2007 3:18:48 PM | Attr = ]
rt2500usb.sys -> %System32%\drivers\rt2500usb.sys -> Ralink Technology Inc. [Ver = 2.01.00.0000 | Size = 245376 bytes | Created Date = 6/7/2007 6:51:39 PM | Attr = ]
UMDF -> %System32%\drivers\UMDF -> [Folder | Created Date = 6/7/2007 11:26:42 PM | Attr = ]
wanatw4.sys -> %System32%\drivers\wanatw4.sys -> America Online, Inc. [Ver = 8.3.0.0 | Size = 33588 bytes | Created Date = 6/7/2007 8:25:31 PM | Attr = R ]
MsftWdf_user_01_00_00.Wdf -> %System32%\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 6/7/2007 11:26:43 PM | Attr = H ]


[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 201 bytes | Modified Date = 6/7/2007 10:05:32 PM | Attr = RHS]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 6/11/2007 5:17:16 PM | Attr = ]
hp -> %SystemDrive%\hp -> [Folder | Modified Date = 6/7/2007 3:26:44 AM | Attr = H ]
i386 -> %SystemDrive%\i386 -> [Folder | Modified Date = 6/7/2007 12:05:24 AM | Attr = ]
Linksys Driver -> %SystemDrive%\Linksys Driver -> [Folder | Modified Date = 6/7/2007 6:51:26 PM | Attr = ]
NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 6/7/2007 9:54:02 PM | Attr = RHS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 6/13/2007 4:34:24 PM | Attr = R ]
Python25 -> %SystemDrive%\Python25 -> [Folder | Modified Date = 6/7/2007 9:25:48 PM | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 6/10/2007 7:54:26 PM | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 6/11/2007 5:19:48 PM | Attr = HS]
SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 6/11/2007 5:28:34 PM | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 6/7/2007 10:51:16 PM | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 6/8/2007 6:32:34 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 6/14/2007 8:24:38 AM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/12/2007 12:25:54 PM | Attr = H ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 6/7/2007 7:45:44 PM | Attr = H ]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 6/7/2007 9:52:16 PM | Attr = H ]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 6/9/2007 5:41:26 PM | Attr = H ]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 6/9/2007 5:41:14 PM | Attr = H ]
$NtUninstallKB835409$ -> %SystemRoot%\$NtUninstallKB835409$ -> [Folder | Modified Date = 6/7/2007 8:48:12 PM | Attr = H ]
$NtUninstallKB835732$ -> %SystemRoot%\$NtUninstallKB835732$ -> [Folder | Modified Date = 6/7/2007 9:11:56 PM | Attr = H ]
$NtUninstallKB842773$ -> %SystemRoot%\$NtUninstallKB842773$ -> [Folder | Modified Date = 6/7/2007 7:45:10 PM | Attr = H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 6/7/2007 10:11:16 PM | Attr = H ]
$NtUninstallKB873339_0$ -> %SystemRoot%\$NtUninstallKB873339_0$ -> [Folder | Modified Date = 6/7/2007 9:06:04 PM | Attr = H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 6/7/2007 10:11:58 PM | Attr = H ]
$NtUninstallKB885835_0$ -> %SystemRoot%\$NtUninstallKB885835_0$ -> [Folder | Modified Date = 6/7/2007 9:15:16 PM | Attr = H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 6/7/2007 10:12:36 PM | Attr = H ]
$NtUninstallKB885836_0$ -> %SystemRoot%\$NtUninstallKB885836_0$ -> [Folder | Modified Date = 6/7/2007 9:14:46 PM | Attr = H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Modified Date = 6/8/2007 3:57:18 PM | Attr = H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ -> [Folder | Modified Date = 6/8/2007 4:00:28 PM | Attr = H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 6/7/2007 10:13:14 PM | Attr = H ]
$NtUninstallKB888302_0$ -> %SystemRoot%\$NtUninstallKB888302_0$ -> [Folder | Modified Date = 6/7/2007 8:53:36 PM | Attr = H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 6/7/2007 10:13:48 PM | Attr = H ]
$NtUninstallKB890046_0$ -> %SystemRoot%\$NtUninstallKB890046_0$ -> [Folder | Modified Date = 6/7/2007 8:58:20 PM | Attr = H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 6/7/2007 10:14:24 PM | Attr = H ]
$NtUninstallKB890859_0$ -> %SystemRoot%\$NtUninstallKB890859_0$ -> [Folder | Modified Date = 6/7/2007 8:25:36 PM | Attr = H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 6/7/2007 10:15:00 PM | Attr = H ]
$NtUninstallKB891781_0$ -> %SystemRoot%\$NtUninstallKB891781_0$ -> [Folder | Modified Date = 6/7/2007 8:59:04 PM | Attr = H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 6/7/2007 10:15:42 PM | Attr = H ]
$NtUninstallKB893756_0$ -> %SystemRoot%\$NtUninstallKB893756_0$ -> [Folder | Modified Date = 6/7/2007 9:09:00 PM | Attr = H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 6/7/2007 10:16:18 PM | Attr = H ]
$NtUninstallKB896358_0$ -> %SystemRoot%\$NtUninstallKB896358_0$ -> [Folder | Modified Date = 6/7/2007 9:02:08 PM | Attr = H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 6/7/2007 10:17:00 PM | Attr = H ]
$NtUninstallKB896423_0$ -> %SystemRoot%\$NtUninstallKB896423_0$ -> [Folder | Modified Date = 6/7/2007 9:07:00 PM | Attr = H ]
$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 6/7/2007 10:17:50 PM | Attr = H ]
$NtUninstallKB896424_0$ -> %SystemRoot%\$NtUninstallKB896424_0$ -> [Folder | Modified Date = 6/7/2007 9:09:30 PM | Attr = H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 6/7/2007 10:18:36 PM | Attr = H ]
$NtUninstallKB896428_0$ -> %SystemRoot%\$NtUninstallKB896428_0$ -> [Folder | Modified Date = 6/7/2007 8:48:42 PM | Attr = H ]
$NtUninstallKB898458$ -> %SystemRoot%\$NtUninstallKB898458$ -> [Folder | Modified Date = 6/7/2007 9:01:12 PM | Attr = H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ -> [Folder | Modified Date = 6/7/2007 7:46:04 PM | Attr = H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 6/7/2007 10:19:18 PM | Attr = H ]
$NtUninstallKB899587_0$ -> %SystemRoot%\$NtUninstallKB899587_0$ -> [Folder | Modified Date = 6/7/2007 9:18:28 PM | Attr = H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 6/7/2007 10:20:00 PM | Attr = H ]
$NtUninstallKB899591_0$ -> %SystemRoot%\$NtUninstallKB899591_0$ -> [Folder | Modified Date = 6/7/2007 9:10:32 PM | Attr = H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Modified Date = 6/8/2007 4:01:10 PM | Attr = H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 6/7/2007 10:20:40 PM | Attr = H ]
$NtUninstallKB900725_0$ -> %SystemRoot%\$NtUninstallKB900725_0$ -> [Folder | Modified Date = 6/7/2007 8:53:06 PM | Attr = H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 6/7/2007 10:21:28 PM | Attr = H ]
$NtUninstallKB901017_0$ -> %SystemRoot%\$NtUninstallKB901017_0$ -> [Folder | Modified Date = 6/7/2007 9:10:58 PM | Attr = H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 6/7/2007 10:22:08 PM | Attr = H ]
$NtUninstallKB901214_0$ -> %SystemRoot%\$NtUninstallKB901214_0$ -> [Folder | Modified Date = 6/7/2007 8:55:20 PM | Attr = H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 6/7/2007 10:22:48 PM | Attr = H ]
$NtUninstallKB902400_0$ -> %SystemRoot%\$NtUninstallKB902400_0$ -> [Folder | Modified Date = 6/7/2007 8:59:52 PM | Attr = H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ -> [Folder | Modified Date = 6/7/2007 10:23:36 PM | Attr = H ]
$NtUninstallKB904706_0$ -> %SystemRoot%\$NtUninstallKB904706_0$ -> [Folder | Modified Date = 6/7/2007 8:50:08 PM | Attr = H ]
$NtUninstallKB904942$ -> %SystemRoot%\$NtUninstallKB904942$ -> [Folder | Modified Date = 6/9/2007 5:38:36 PM | Attr = H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 6/7/2007 10:24:10 PM | Attr = H ]
$NtUninstallKB905414_0$ -> %SystemRoot%\$NtUninstallKB905414_0$ -> [Folder | Modified Date = 6/7/2007 8:56:44 PM | Attr = H ]
$NtUninstallKB905495$ -> %SystemRoot%\$NtUninstallKB905495$ -> [Folder | Modified Date = 6/7/2007 9:00:52 PM | Attr = H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 6/7/2007 10:24:44 PM | Attr = H ]
$NtUninstallKB905749_0$ -> %SystemRoot%\$NtUninstallKB905749_0$ -> [Folder | Modified Date = 6/7/2007 8:49:26 PM | Attr = H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 6/7/2007 10:25:28 PM | Attr = H ]
$NtUninstallKB908519_0$ -> %SystemRoot%\$NtUninstallKB908519_0$ -> [Folder | Modified Date = 6/7/2007 8:28:14 PM | Attr = H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 6/7/2007 10:26:02 PM | Attr = H ]
$NtUninstallKB908531_0$ -> %SystemRoot%\$NtUninstallKB908531_0$ -> [Folder | Modified Date = 6/7/2007 8:49:44 PM | Attr = H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 6/7/2007 10:26:48 PM | Attr = H ]
$NtUninstallKB910437_0$ -> %SystemRoot%\$NtUninstallKB910437_0$ -> [Folder | Modified Date = 6/7/2007 9:01:38 PM | Attr = H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 6/7/2007 10:27:22 PM | Attr = H ]
$NtUninstallKB911280_0$ -> %SystemRoot%\$NtUninstallKB911280_0$ -> [Folder | Modified Date = 6/7/2007 9:08:32 PM | Attr = H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 6/7/2007 10:28:00 PM | Attr = H ]
$NtUninstallKB911562_0$ -> %SystemRoot%\$NtUninstallKB911562_0$ -> [Folder | Modified Date = 6/7/2007 9:07:54 PM | Attr = H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ -> [Folder | Modified Date = 6/7/2007 9:00:26 PM | Attr = H ]
$NtUninstallKB911565$ -> %SystemRoot%\$NtUninstallKB911565$ -> [Folder | Modified Date = 6/7/2007 10:57:00 PM | Attr = H ]
$NtUninstallKB911567-OE6SP1-20060316.165634$ -> %SystemRoot%\$NtUninstallKB911567-OE6SP1-20060316.165634$ -> [Folder | Modified Date = 6/7/2007 8:50:28 PM | Attr = H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 6/7/2007 10:28:36 PM | Attr = H ]
$NtUninstallKB911927_0$ -> %SystemRoot%\$NtUninstallKB911927_0$ -> [Folder | Modified Date = 6/7/2007 9:12:32 PM | Attr = H ]
$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Modified Date = 6/7/2007 10:29:08 PM | Attr = H ]
$NtUninstallKB912919_0$ -> %SystemRoot%\$NtUninstallKB912919_0$ -> [Folder | Modified Date = 6/7/2007 8:52:20 PM | Attr = H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 6/7/2007 10:30:04 PM | Attr = H ]
$NtUninstallKB913580_0$ -> %SystemRoot%\$NtUninstallKB913580_0$ -> [Folder | Modified Date = 6/7/2007 8:49:02 PM | Attr = H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 6/7/2007 10:30:42 PM | Attr = H ]
$NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Modified Date = 6/7/2007 8:57:32 PM | Attr = H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 6/7/2007 10:31:26 PM | Attr = H ]
$NtUninstallKB914389_0$ -> %SystemRoot%\$NtUninstallKB914389_0$ -> [Folder | Modified Date = 6/7/2007 8:26:50 PM | Attr = H ]
$NtUninstallKB914440$ -> %SystemRoot%\$NtUninstallKB914440$ -> [Folder | Modified Date = 6/9/2007 5:38:50 PM | Attr = H ]
$NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Modified Date = 6/9/2007 5:40:52 PM | Attr = H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Modified Date = 6/8/2007 3:57:12 PM | Attr = H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Modified Date = 6/7/2007 10:32:06 PM | Attr = H ]
$NtUninstallKB917344_0$ -> %SystemRoot%\$NtUninstallKB917344_0$ -> [Folder | Modified Date = 6/7/2007 8:57:08 PM | Attr = H ]
$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Modified Date = 6/7/2007 10:32:46 PM | Attr = H ]
$NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Modified Date = 6/7/2007 8:54:02 PM | Attr = H ]
$NtUninstallKB917734_WMP8$ -> %SystemRoot%\$NtUninstallKB917734_WMP8$ -> [Folder | Modified Date = 6/7/2007 8:56:02 PM | Attr = H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 6/7/2007 10:33:24 PM | Attr = H ]
$NtUninstallKB917953_0$ -> %SystemRoot%\$NtUninstallKB917953_0$ -> [Folder | Modified Date = 6/7/2007 8:56:22 PM | Attr = H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Modified Date = 6/8/2007 3:58:12 PM | Attr = H ]
$NtUninstallKB918439-IE6SP1-20060530.145346$ -> %SystemRoot%\$NtUninstallKB918439-IE6SP1-20060530.145346$ -> [Folder | Modified Date = 6/7/2007 9:02:44 PM | Attr = H ]
$NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Modified Date = 6/7/2007 8:50:58 PM | Attr = H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 6/7/2007 10:34:08 PM | Attr = H ]
$NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Modified Date = 6/7/2007 8:58:00 PM | Attr = H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Modified Date = 6/8/2007 3:57:26 PM | Attr = H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 6/7/2007 10:34:46 PM | Attr = H ]
$NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Modified Date = 6/7/2007 8:59:24 PM | Attr = H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 6/7/2007 10:35:28 PM | Attr = H ]
$NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Modified Date = 6/7/2007 8:27:30 PM | Attr = H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 6/7/2007 10:36:02 PM | Attr = H ]
$NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Modified Date = 6/7/2007 9:10:04 PM | Attr = H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Modified Date = 6/8/2007 3:58:56 PM | Attr = H ]
$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Modified Date = 6/7/2007 10:36:50 PM | Attr = H ]
$NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Modified Date = 6/7/2007 9:03:20 PM | Attr = H ]
$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Modified Date = 6/7/2007 10:37:38 PM | Attr = H ]
$NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Modified Date = 6/7/2007 9:13:10 PM | Attr = H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Modified Date = 6/8/2007 3:58:26 PM | Attr = H ]
$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Modified Date = 6/7/2007 10:38:18 PM | Attr = H ]
$NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Modified Date = 6/7/2007 9:11:28 PM | Attr = H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 6/7/2007 10:38:54 PM | Attr = H ]
$NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Modified Date = 6/7/2007 9:16:22 PM | Attr = H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 6/7/2007 10:39:26 PM | Attr = H ]
$NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Modified Date = 6/7/2007 8:54:32 PM | Attr = H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 6/7/2007 10:40:12 PM | Attr = H ]
$NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Modified Date = 6/7/2007 9:13:44 PM | Attr = H ]
$NtUninstallKB923694$ -> %SystemRoot%\$NtUninstallKB923694$ -> [Folder | Modified Date = 6/8/2007 3:56:54 PM | Attr = H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Modified Date = 6/8/2007 4:01:36 PM | Attr = H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Modified Date = 6/8/2007 4:01:22 PM | Attr = H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 6/7/2007 10:40:54 PM | Attr = H ]
$NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Modified Date = 6/7/2007 9:17:36 PM | Attr = H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Modified Date = 6/8/2007 4:00:58 PM | Attr = H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Modified Date = 6/7/2007 10:41:38 PM | Attr = H ]
$NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Modified Date = 6/7/2007 9:04:36 PM | Attr = H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Modified Date = 6/8/2007 4:01:16 PM | Attr = H ]
$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Modified Date = 6/8/2007 4:01:52 PM | Attr = H ]
$NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Modified Date = 6/7/2007 9:03:58 PM | Attr = H ]
$NtUninstallKB925720$ -> %SystemRoot%\$NtUninstallKB925720$ -> [Folder | Modified Date = 6/9/2007 4:38:56 PM | Attr = H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 6/8/2007 3:59:16 PM | Attr = H ]
$NtUninstallKB926239$ -> %SystemRoot%\$NtUninstallKB926239$ -> [Folder | Modified Date = 6/7/2007 11:28:54 PM | Attr = H ]
$NtUninstallKB926247$ -> %SystemRoot%\$NtUninstallKB926247$ -> [Folder | Modified Date = 6/8/2007 3:56:16 PM | Attr = H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Modified Date = 6/8/2007 3:57:56 PM | Attr = H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Modified Date = 6/8/2007 3:59:06 PM | Attr = H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Modified Date = 6/8/2007 4:02:38 PM | Attr = H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Modified Date = 6/8/2007 4:02:30 PM | Attr = H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 6/8/2007 4:00:46 PM | Attr = H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Modified Date = 6/8/2007 4:02:18 PM | Attr = H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Modified Date = 6/8/2007 3:56:02 PM | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 6/12/2007 6:14:38 PM | Attr = H ]
$NtUninstallKB929399$ -> %SystemRoot%\$NtUninstallKB929399$ -> [Folder | Modified Date = 6/8/2007 3:57:46 PM | Attr = H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Modified Date = 6/8/2007 4:01:58 PM | Attr = H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 6/8/2007 3:58:46 PM | Attr = H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 6/8/2007 3:57:06 PM | Attr = H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 6/8/2007 4:00:52 PM | Attr = H ]
$NtUninstallKB931768$ -> %SystemRoot%\$NtUninstallKB931768$ -> [Folder | Modified Date = 6/8/2007 3:59:46 PM | Attr = H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 6/8/2007 4:02:06 PM | Attr = H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Modified Date = 6/8/2007 4:00:38 PM | Attr = H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 6/9/2007 5:39:02 PM | Attr = H ]
$NtUninstallKB932168_0$ -> %SystemRoot%\$NtUninstallKB932168_0$ -> [Folder | Modified Date = 6/8/2007 3:58:34 PM | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 6/12/2007 6:12:48 PM | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 6/12/2007 6:14:28 PM | Attr = H ]
$NtUninstallMSCompPackV1$ -> %SystemRoot%\$NtUninstallMSCompPackV1$ -> [Folder | Modified Date = 6/7/2007 11:28:22 PM | Attr = H ]
$NtUninstallWIC$ -> %SystemRoot%\$NtUninstallWIC$ -> [Folder | Modified Date = 6/9/2007 3:53:56 PM | Attr = H ]
$NtUninstallWMFDist11$ -> %SystemRoot%\$NtUninstallWMFDist11$ -> [Folder | Modified Date = 6/7/2007 11:27:06 PM | Attr = H ]
$NtUninstallwmp11$ -> %SystemRoot%\$NtUninstallwmp11$ -> [Folder | Modified Date = 6/7/2007 11:27:56 PM | Attr = H ]
$NtUninstallWudf01000$ -> %SystemRoot%\$NtUninstallWudf01000$ -> [Folder | Modified Date = 6/7/2007 11:26:34 PM | Attr = H ]
addins -> %SystemRoot%\addins -> [Folder | Modified Date = 6/7/2007 3:34:56 AM | Attr = ]
AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 6/8/2007 11:02:44 AM | Attr = ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 6/10/2007 1:35:48 AM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/14/2007 3:46:16 PM | Attr = S]
catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 87552 bytes | Modified Date = 6/5/2007 5:24:04 AM | Attr = ]
checkip.dat -> %SystemRoot%\checkip.dat -> [Ver = | Size = 553 bytes | Modified Date = 6/7/2007 3:14:26 AM | Attr = ]
Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 6/6/2007 11:54:28 PM | Attr = ]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 6/13/2007 12:11:12 PM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 6/9/2007 6:26:16 PM | Attr = S]
EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 6/7/2007 9:49:12 PM | Attr = ]
erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 6/10/2007 7:54:40 PM | Attr = ]
Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 6/9/2007 9:32:58 PM | Attr = R S]
freedom.backup.dat -> %SystemRoot%\freedom.backup.dat -> [Ver = | Size = 7004 bytes | Modified Date = 6/7/2007 8:02:00 PM | Attr = ]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/9/2007 6:42:48 PM | Attr = ]
ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 6/9/2007 5:43:46 PM | Attr = H ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 6/12/2007 6:12:10 PM | Attr = ]
ime -> %SystemRoot%\ime -> [Folder | Modified Date = 6/7/2007 10:03:42 PM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/13/2007 4:34:50 PM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/13/2007 4:34:54 PM | Attr = HS]
iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.0.3 | Size = 720896 bytes | Modified Date = 6/9/2007 4:19:16 PM | Attr = ]
Media -> %SystemRoot%\Media -> [Folder | Modified Date = 6/9/2007 5:44:16 PM | Attr = ]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 6/9/2007 5:18:16 PM | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 6/7/2007 6:21:06 PM | Attr = ]
msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 6/9/2007 6:42:46 PM | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 6/9/2007 5:38:52 PM | Attr = ]
nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 335 bytes | Modified Date = 6/7/2007 8:07:56 PM | Attr = ]
Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 6/6/2007 11:53:14 PM | Attr = R ]
peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 6/7/2007 10:03:16 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 6/14/2007 6:12:12 PM | Attr = ]
provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 6/7/2007 10:03:16 PM | Attr = ]
QUICKEN.INI -> %SystemRoot%\QUICKEN.INI -> [Ver = | Size = 608 bytes | Modified Date = 6/7/2007 5:57:40 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 6/9/2007 4:31:34 PM | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 6/8/2007 12:49:12 AM | Attr = ]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Modified Date = 6/7/2007 9:59:04 PM | Attr = ]
SMINST -> %SystemRoot%\SMINST -> [Folder | Modified Date = 6/7/2007 12:01:52 AM | Attr = ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 6/7/2007 7:39:14 PM | Attr = ]
srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 6/7/2007 9:58:44 PM | Attr = ]
Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 6/7/2007 11:34:56 PM | Attr = ]
system -> %SystemRoot%\system -> [Folder | Modified Date = 6/7/2007 9:57:50 PM | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 231 bytes | Modified Date = 6/7/2007 2:34:44 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 6/13/2007 4:34:48 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 6/14/2007 6:05:06 PM | Attr = ]
WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 6/9/2007 5:44:44 PM | Attr = ]
Web -> %SystemRoot%\Web -> [Folder | Modified Date = 6/7/2007 9:54:32 PM | Attr = R ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 622 bytes | Modified Date = 6/14/2007 6:11:26 PM | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 31 bytes | Modified Date = 6/7/2007 3:23:26 AM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 6/13/2007 4:34:28 PM | Attr = ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 6/7/2007 11:27:22 PM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/14/2007 3:46:22 PM | Attr = H ]
$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 993 bytes | Modified Date = 6/7/2007 2:39:00 AM | Attr = ]
amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 6/7/2007 11:28:16 PM | Attr = ]
bits -> %System32%\bits -> [Folder | Modified Date = 6/7/2007 7:45:20 PM | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 6/10/2007 4:52:48 PM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 6/13/2007 4:34:48 PM | Attr = ]
Com -> %System32%\Com -> [Folder | Modified Date = 6/7/2007 10:23:12 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 6/10/2007 7:54:58 PM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 6/12/2007 6:14:40 PM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 6/10/2007 7:59:48 PM | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 6/13/2007 4:34:48 PM | Attr = ]
en-us -> %System32%\en-us -> [Folder | Modified Date = 6/10/2007 4:52:04 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 198552 bytes | Modified Date = 6/10/2007 2:28:50 PM | Attr = ]
ias -> %System32%\ias -> [Folder | Modified Date = 6/6/2007 11:59:08 PM | Attr = ]
icsxml -> %System32%\icsxml -> [Folder | Modified Date = 6/6/2007 11:59:10 PM | Attr = ]
LogFiles -> %System32%\LogFiles -> [Folder | Modified Date = 6/10/2007 7:58:42 PM | Attr = ]
Macromed -> %System32%\Macromed -> [Folder | Modified Date = 6/8/2007 2:59:08 PM | Attr = ]
mapisvc.inf -> %System32%\mapisvc.inf -> [Ver = | Size = 596 bytes | Modified Date = 6/7/2007 3:34:48 AM | Attr = ]
mui -> %System32%\mui -> [Folder | Modified Date = 6/7/2007 10:03:44 PM | Attr = ]
npp -> %System32%\npp -> [Folder | Modified Date = 6/7/2007 9:58:48 PM | Attr = ]
nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 6/7/2007 11:28:16 PM | Attr = ]
OEMINFO.PNF -> %System32%\OEMINFO.PNF -> [Ver = | Size = 3996 bytes | Modified Date = 6/7/2007 6:26:12 PM | Attr = ]
oobe -> %System32%\oobe -> [Folder | Modified Date = 6/7/2007 10:03:46 PM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 67106 bytes | Modified Date = 6/9/2007 4:37:14 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 429374 bytes | Modified Date = 6/9/2007 4:37:14 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 487766 bytes | Modified Date = 6/9/2007 4:37:14 PM | Attr = ]
PreInstall -> %System32%\PreInstall -> [Folder | Modified Date = 6/7/2007 7:46:08 PM | Attr = ]
ras -> %System32%\ras -> [Folder | Modified Date = 6/6/2007 11:59:34 PM | Attr = ]
ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 6/8/2007 3:59:24 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 6/7/2007 9:58:48 PM | Attr = ]
Setup -> %System32%\Setup -> [Folder | Modified Date = 6/7/2007 10:03:44 PM | Attr = ]
SoftwareDistribution -> %System32%\SoftwareDistribution -> [Folder | Modified Date = 6/7/2007 7:35:10 PM | Attr = ]
spool -> %System32%\spool -> [Folder | Modified Date = 6/9/2007 3:58:40 PM | Attr = ]
usmt -> %System32%\usmt -> [Folder | Modified Date = 6/7/2007 9:57:52 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 6/7/2007 10:52:24 PM | Attr = ]
WLAN.INI -> %System32%\WLAN.INI -> [Ver = | Size = 1668 bytes | Modified Date = 6/7/2007 6:51:34 PM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 6/14/2007 6:04:58 PM | Attr = ]
XPSViewer -> %System32%\XPSViewer -> [Folder | Modified Date = 6/9/2007 3:59:46 PM | Attr = ]
AegisP.sys -> %System32%\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.3.0 | Size = 20747 bytes | Modified Date = 6/7/2007 6:51:40 PM | Attr = ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 6/7/2007 2:58:00 AM | Attr = ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 6/7/2007 2:58:08 AM | Attr = ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 6/7/2007 2:58:06 AM | Attr = ]
AWRTPD.sys -> %System32%\drivers\AWRTPD.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 6272 bytes | Modified Date = 6/4/2007 3:14:56 PM | Attr = ]
AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.2 | Size = 8320 bytes | Modified Date = 6/4/2007 3:17:02 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 6/11/2007 5:22:32 PM | Attr = ]
HP_DB282A-ABA 304w_YC_Pavi_QKR2470_E31NAheBLU3_4_IKM266-8235_S_V_BAM37304_T021105_WXH1_L409_M608_J40_7AMD_8Athlon XP 1800+_91.53_1_N10EC8139_P_Z11C1044E_K_A11063059_U11063038_G53338D04_OCyberDrv CW058D CD-R RW_DHWP0503.MRK -> %System32%\drivers\HP_DB282A-ABA 304w_YC_Pavi_QKR2470_E31NAheBLU3_4_IKM266-8235_S_V_BAM37304_T021105_WXH1_L409_M608_J40_7AMD_8Athlon XP 1800+_91.53_1_N10EC8139_P_Z11C1044E_K_A11063059_U11063038_G53338D04_OCyberDrv CW058D CD-R RW_DHWP0503.MRK -> [Ver = | Size = 3440 bytes | Modified Date = 6/7/2007 2:40:26 AM | Attr = RHS]
NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 1.0.0.0 | Size = 9344 bytes | Modified Date = 6/4/2007 3:18:48 PM | Attr = ]
UMDF -> %System32%\drivers\UMDF -> [Folder | Modified Date = 6/7/2007 11:27:16 PM | Attr = ]
MsftWdf_user_01_00_00.Wdf -> %System32%\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 6/7/2007 11:26:44 PM | Attr = H ]

[File String Scan - Non-Microsoft Only]
WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.34 | Size = 16121856 bytes | Modified Date = 9/20/2004 2:20:44 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/29/2002 4:00:00 AM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/29/2002 4:00:00 AM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 6/7/2007 2:58:00 AM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 9:41:38 PM | Attr = ]

< End of report >

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:34 PM

Posted 16 June 2007 - 06:58 AM

Hi midamah. I don't see any signs of viruses or malware in the WinPFind3u log either. There is a bit of housekeeping that can be done so let's do that while you are here.

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Driver Services - Non-Microsoft Only]
NY -> (0094) 0094 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\0094.sys
NY -> (2ab3) 2ab3 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\2ab3.sys
NY -> (3d6A) 3d6A [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\3d6A.sys
NY -> (7271A37) 7271A37 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\7271A37.sys
NY -> (7e28) 7e28 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\7e28.sys
NY -> (be4C) be4C [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\be4C.sys
NY -> (c926) c926 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\c926.sys
NY -> (cadB) cadB [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\cadB.sys
NY -> (df77) df77 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\df77.sys
NY -> (ed62) ed62 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Owner\LOCALS~1\Temp\ed62.sys
NY -> (SDDMI2) SDDMI2 [Kernel | On_Demand | Stopped] -> %System32%\DDMI2.sys
[Registry - Non-Microsoft Only]
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
YN -> {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\{10134636-E7AF-4AC5-A1DC-C7C44BB97D81} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here and I will review it when it comes back in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 midamah

midamah
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 16 June 2007 - 09:31 PM

[Driver Services - Non-Microsoft Only]
Service 0094 stopped successfully.
Service 0094 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\0094.sys not found.
Service 2ab3 stopped successfully.
Service 2ab3 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\2ab3.sys not found.
Service 3d6A stopped successfully.
Service 3d6A deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\3d6A.sys not found.
Service 7271A37 stopped successfully.
Service 7271A37 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\7271A37.sys not found.
Service 7e28 stopped successfully.
Service 7e28 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\7e28.sys not found.
Service be4C stopped successfully.
Service be4C deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\be4C.sys not found.
Service c926 stopped successfully.
Service c926 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\c926.sys not found.
Service cadB stopped successfully.
Service cadB deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\cadB.sys not found.
Service df77 stopped successfully.
Service df77 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\df77.sys not found.
Service ed62 stopped successfully.
Service ed62 deleted successfully.
File C:\DOCUME~1\Owner\LOCALS~1\Temp\ed62.sys not found.
Service SDDMI2 stopped successfully.
Service SDDMI2 deleted successfully.
File C:\WINDOWS\SYSTEM32\DDMI2.sys not found.
[Registry - Non-Microsoft Only]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045} deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{10134636-E7AF-4AC5-A1DC-C7C44BB97D81} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} deleted successfully.
< End of log >
Created on 06/16/2007 18:30:27

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:34 PM

Posted 17 June 2007 - 07:48 AM

Hi midamah. That all looks good.

The HijackThis forum deals exclusively with virus and malware issues. HijackThis does not have the capability to analyze performance, hardware or application issues. If there are still issues with the keyboard and display I would suggest posting to the The techs in that forum specialize in matters pertaining to hardware issues. Let them know that you have been to this forum and that no malware was found.

When posting to any other forum, do not post a HijackThis log or the post will simply be moved back to this forum for infection analysis. That is what HijackThis is used for and that is what we specialize in here in this forum.

Also, when posting in any other forum for assistance, give as much detail as possible regarding any issues that are occurring. The more information they have, the better the techs can analyze the issue and make any recommendations for resolving it.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 midamah

midamah
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 17 June 2007 - 03:55 PM

Thank you for your help!

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:34 PM

Posted 18 June 2007 - 03:23 PM

You are welcome midamah. I will now close this topic. If you have any future malware related questions or issues please start a new topic.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users