[Files/Folders - Created Within 30 days]
SDFix → %SystemDrive%\SDFix → [Folder | Created Date = 10/16/2007 9:00:38 PM | Attr = ]
SDFix.zip → %SystemDrive%\SDFix.zip → [Ver = | Size = 1346060 bytes | Created Date = 10/16/2007 10:30:09 PM | Attr = ]
$NtUninstallKB922120$ → %SystemRoot%$NtUninstallKB922120$ → [Folder | Created Date = 10/5/2007 7:11:30 PM | Attr = H ]
$NtUninstallKB933729$ → %SystemRoot%$NtUninstallKB933729$ → [Folder | Created Date = 10/10/2007 10:13:12 PM | Attr = H ]
$NtUninstallKB939653$ → %SystemRoot%$NtUninstallKB939653$ → [Folder | Created Date = 10/10/2007 10:11:30 PM | Attr = H ]
$NtUninstallKB941202$ → %SystemRoot%$NtUninstallKB941202$ → [Folder | Created Date = 10/10/2007 10:09:57 PM | Attr = H ]
winshow.exe → %SystemRoot%\winshow.exe → [Ver = 23.03.0020 | Size = 35328 bytes | Created Date = 10/20/2007 4:51:38 PM | Attr = ]
bcwhocfi.exe → %System32%\bcwhocfi.exe → [Ver = | Size = 75328 bytes | Created Date = 1/1/1601 6:00:00 AM | Attr = ]
fnajvskc.ini → %System32%\fnajvskc.ini → [Ver = | Size = 693911 bytes | Created Date = 10/20/2007 2:22:48 PM | Attr = HS]
lrfqotyx.ini → %System32%\lrfqotyx.ini → [Ver = | Size = 694030 bytes | Created Date = 10/21/2007 8:57:48 AM | Attr = HS]
rrutv.bak2 → %System32%\rrutv.bak2 → [Ver = | Size = 641284 bytes | Created Date = 10/21/2007 3:26:34 AM | Attr = HS]
xytoqfrl.dll → %System32%\xytoqfrl.dll → [Ver = | Size = 83008 bytes | Created Date = 10/21/2007 8:57:48 AM | Attr = ]
AvgAsCln.sys → %System32%\drivers\AvgAsCln.sys → GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 10/14/2007 6:45:17 PM | Attr = ]
[Files/Folders - Modified Within 30 days]
avenger → %SystemDrive%\avenger → [Folder | Modified Date = 10/15/2007 8:23:18 PM | Attr = ]
boot.ini → %SystemDrive%\boot.ini → [Ver = | Size = 209 bytes | Modified Date = 10/20/2007 6:41:56 PM | Attr = RHS]
Config.Msi → %SystemDrive%\Config.Msi → [Folder | Modified Date = 9/23/2007 11:00:48 AM | Attr = H ]
Program Files → %ProgramFiles% → [Folder | Modified Date = 10/14/2007 7:44:58 PM | Attr = R ]
SDFix → %SystemDrive%\SDFix → [Folder | Modified Date = 10/15/2007 7:33:38 PM | Attr = ]
SDFix.zip → %SystemDrive%\SDFix.zip → [Ver = | Size = 1346060 bytes | Modified Date = 10/16/2007 11:30:12 PM | Attr = ]
System Volume Information → %SystemDrive%\System Volume Information → [Folder | Modified Date = 10/17/2007 7:11:50 PM | Attr = HS]
WINDOWS → %SystemRoot% → [Folder | Modified Date = 10/21/2007 10:15:24 AM | Attr = ]
$hf_mig$ → %SystemRoot%$hf_mig$ → [Folder | Modified Date = 10/10/2007 11:13:10 PM | Attr = H ]
$NtUninstallKB922120$ → %SystemRoot%$NtUninstallKB922120$ → [Folder | Modified Date = 10/5/2007 8:11:32 PM | Attr = H ]
$NtUninstallKB933729$ → %SystemRoot%$NtUninstallKB933729$ → [Folder | Modified Date = 10/10/2007 11:13:14 PM | Attr = H ]
$NtUninstallKB939653$ → %SystemRoot%$NtUninstallKB939653$ → [Folder | Modified Date = 10/10/2007 11:11:40 PM | Attr = H ]
$NtUninstallKB941202$ → %SystemRoot%$NtUninstallKB941202$ → [Folder | Modified Date = 10/10/2007 11:09:58 PM | Attr = H ]
assembly → %SystemRoot%\assembly → [Folder | Modified Date = 9/23/2007 10:50:36 AM | Attr = R S]
bootstat.dat → %SystemRoot%\bootstat.dat → [Ver = | Size = 2048 bytes | Modified Date = 10/21/2007 10:13:10 AM | Attr = S]
cookies.ini → %SystemRoot%\cookies.ini → [Ver = | Size = 2021 bytes | Modified Date = 10/21/2007 9:58:12 AM | Attr = ]
Help → %SystemRoot%\Help → [Folder | Modified Date = 10/11/2007 11:08:44 PM | Attr = ]
imsins.BAK → %SystemRoot%\imsins.BAK → [Ver = | Size = 1393 bytes | Modified Date = 10/10/2007 11:13:08 PM | Attr = ]
inf → %SystemRoot%\inf → [Folder | Modified Date = 10/10/2007 11:13:32 PM | Attr = H ]
Installer → %SystemRoot%\Installer → [Folder | Modified Date = 9/23/2007 10:44:24 AM | Attr = HS]
Microsoft.NET → %SystemRoot%\Microsoft.NET → [Folder | Modified Date = 9/23/2007 10:48:10 AM | Attr = ]
netdet.ini → %SystemRoot%\netdet.ini → [Ver = | Size = 520 bytes | Modified Date = 10/8/2007 10:59:26 PM | Attr = ]
Prefetch → %SystemRoot%\Prefetch → [Folder | Modified Date = 10/21/2007 10:50:02 AM | Attr = ]
pss → %SystemRoot%\pss → [Folder | Modified Date = 10/16/2007 11:23:10 PM | Attr = ]
QTFont.qfn → %SystemRoot%\QTFont.qfn → [Ver = | Size = 54156 bytes | Modified Date = 10/9/2007 5:23:46 PM | Attr = H ]
system.ini → %SystemRoot%\system.ini → [Ver = | Size = 435 bytes | Modified Date = 10/20/2007 6:41:56 PM | Attr = ]
system32 → %System32% → [Folder | Modified Date = 10/21/2007 10:55:32 AM | Attr = ]
Tasks → %SystemRoot%\Tasks → [Folder | Modified Date = 10/20/2007 3:53:42 PM | Attr = S]
Temp → %SystemRoot%\Temp → [Folder | Modified Date = 10/21/2007 10:17:06 AM | Attr = ]
Thumbs.db → %SystemRoot%\Thumbs.db → [Ver = | Size = 73216 bytes | Modified Date = 10/11/2007 8:56:02 PM | Attr = HS]
@Alternate Data Stream - 0 bytes → %SystemRoot%\Thumbs.db:encryptable →
win.ini → %SystemRoot%\win.ini → [Ver = | Size = 730 bytes | Modified Date = 10/20/2007 6:41:56 PM | Attr = ]
winshow.exe → %SystemRoot%\winshow.exe → [Ver = 23.03.0020 | Size = 35328 bytes | Modified Date = 10/4/2007 12:19:48 AM | Attr = ]
WinSxS → %SystemRoot%\WinSxS → [Folder | Modified Date = 9/23/2007 10:39:30 AM | Attr = ]
SA.DAT → %SystemRoot%\tasks\SA.DAT → [Ver = | Size = 6 bytes | Modified Date = 10/21/2007 10:14:02 AM | Attr = H ]
Win_Update_Program.job → %SystemRoot%\tasks\Win_Update_Program.job → [Ver = | Size = 222 bytes | Modified Date = 10/21/2007 10:00:00 AM | Attr = ]
bcwhocfi.exe → %System32%\bcwhocfi.exe → [Ver = | Size = 75328 bytes | Modified Date = 10/21/2007 9:57:28 AM | Attr = ]
CatRoot2 → %System32%\CatRoot2 → [Folder | Modified Date = 10/18/2007 5:17:24 AM | Attr = ]
dllcache → %System32%\dllcache → [Folder | Modified Date = 10/17/2007 10:31:40 PM | Attr = RHS]
drivers → %System32%\drivers → [Folder | Modified Date = 10/15/2007 8:23:22 PM | Attr = ]
fnajvskc.ini → %System32%\fnajvskc.ini → [Ver = | Size = 693911 bytes | Modified Date = 10/21/2007 9:53:48 AM | Attr = HS]
FNTCACHE.DAT → %System32%\FNTCACHE.DAT → [Ver = | Size = 376056 bytes | Modified Date = 9/22/2007 5:00:14 AM | Attr = ]
lrfqotyx.ini → %System32%\lrfqotyx.ini → [Ver = | Size = 694030 bytes | Modified Date = 10/21/2007 10:17:36 AM | Attr = HS]
perfc009.dat → %System32%\perfc009.dat → [Ver = | Size = 63166 bytes | Modified Date = 9/23/2007 10:42:22 AM | Attr = ]
perfh009.dat → %System32%\perfh009.dat → [Ver = | Size = 403604 bytes | Modified Date = 9/23/2007 10:42:22 AM | Attr = ]
PerfStringBackup.INI → %System32%\PerfStringBackup.INI → [Ver = | Size = 457498 bytes | Modified Date = 9/23/2007 10:42:22 AM | Attr = ]
Restore → %System32%\Restore → [Folder | Modified Date = 10/17/2007 7:11:50 PM | Attr = ]
rrutv.bak2 → %System32%\rrutv.bak2 → [Ver = | Size = 641284 bytes | Modified Date = 10/21/2007 4:26:36 AM | Attr = HS]
rrutv.ini → %System32%\rrutv.ini → [Ver = | Size = 642589 bytes | Modified Date = 10/21/2007 10:55:42 AM | Attr = HS]
wpa.dbl → %System32%\wpa.dbl → [Ver = | Size = 1158 bytes | Modified Date = 10/5/2007 10:09:30 PM | Attr = ]
xytoqfrl.dll → %System32%\xytoqfrl.dll → [Ver = | Size = 83008 bytes | Modified Date = 10/21/2007 9:57:50 AM | Attr = ]
HpUsbPVR → %System32%\drivers\HpUsbPVR → [Folder | Modified Date = 10/7/2007 11:55:42 AM | Attr = ]
[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 0 bytes → %SystemDrive%\Thumbs.db:encryptable →
Thawte Consulting , → %SystemRoot%\HPBroker.dll → [Ver = 1, 0, 0, 18 | Size = 91848 bytes | Modified Date = 11/17/2006 11:34:40 AM | Attr = ]
@Alternate Data Stream - 0 bytes → %SystemRoot%\Thumbs.db:encryptable →
UPX! , UPX0 , → %System32%\aswBoot.exe → ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 801144 bytes | Modified Date = 9/6/2007 5:09:50 AM | Attr = ]
PEC2 , → %System32%\dfrg.msc → [Ver = | Size = 41397 bytes | Modified Date = 7/30/2003 11:00:00 PM | Attr = ]
PEC2 , PECompact2 , → %System32%\DivX.dll → DivX, Inc. [Ver = 6.6.1.4 | Size = 740442 bytes | Modified Date = 7/25/2007 9:50:22 PM | Attr = ]
PTech , → %System32%\LegitCheckControl.DLL → Microsoft® Corporation [Ver = 1.3.0272.0 | Size = 520968 bytes | Modified Date = 8/29/2005 2:27:12 PM | Attr = ]
aspack , → %System32%\LibHupSink.dll → [Ver = | Size = 206848 bytes | Modified Date = 8/27/2006 2:22:24 PM | Attr = ]
@Alternate Data Stream - 0 bytes → %System32%\Thumbs.db:encryptable →
winsync , → %System32%\wbdbase.deu → [Ver = | Size = 1309184 bytes | Modified Date = 7/30/2003 11:00:00 PM | Attr = ]
Thawte Consulting , → %System32%\XceedZip.dll → Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 4.5.77.0 | Size = 397856 bytes | Modified Date = 10/29/2001 9:44:36 AM | Attr = R ]
Thawte Consulting , → %System32%\xupload.ocx → Persits Software, Inc. [Ver = 2, 1, 0, 0 | Size = 227672 bytes | Modified Date = 11/22/2000 12:47:08 PM | Attr = ]
MZKERNEL32.DLL , → %System32%\zfkhggn.exe → [Ver = | Size = 49816 bytes | Modified Date = 5/9/2005 7:02:04 PM | Attr = ]
WSUD , UPX0 , → %System32%\dllcache\hwxjpn.dll → [Ver = | Size = 13463552 bytes | Modified Date = 7/30/2003 3:00:00 PM | Attr = ]
PTech , → %System32%\drivers\mtlstrm.sys → Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr = ]
< End of report >