rootkit revealer discrepancies

08-14-2009, 05:55 AM
Ran rootkitrevealer and it found 4 discrepancies:

HKLM\SECURITY\Policy\secrets\SAC*
HKLM\SECURITY\Policy\secrets\SAI*
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb

The first two were debated in some forums but seem to be okay, I posted them anyway for another opinion... the other two, I'm not so sure they are safe.

Any comments/help is appreciated!
08-14-2009, 01:15 PM
All of these show up on the sysinternals forums and do not seem to be a problem. I am surprised that these are the only things that showed up on your scan. I usually get a much longer list.
08-14-2009, 03:33 PM
I believe they are safe.

Ricks, can you post the link you're referring to?
08-14-2009, 03:56 PM
Thanks for the replies, guys. I restarted my computer and ran it again, just as an experiment to see if I would get the same results... to my surprise I lost one discrepancy and got 3 more. This is what it found this time:

HKLM\SECURITY\Policy\Secrets\SAC* 7/23/2009 1:03 AM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 7/23/2009 1:03 AM 0 bytes Key name contains embedded nulls (*)
C:\System Volume Information\_restore{CD7812B2-54EA-4CA5-B653-B5CC553F7844}\RP40\A0004964.ini 8/14/2009 3:16 PM 2.67 KB Hidden from Windows API.
C:\System Volume Information\_restore{CD7812B2-54EA-4CA5-B653-B5CC553F7844}\RP40\A0004965.INI 8/14/2009 3:16 PM 497.03 KB Hidden from Windows API.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 8/14/2009 3:32 PM 64.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 8/14/2009 3:42 PM 513 bytes Hidden from Windows API.

Are these still all safe? Why would it show inconsistent results? I may have run CCleaner the first time around... very curious whether this is normal.
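The output lines in the post above have a fixed shape (path, timestamp, size, description), so they can be triaged automatically. The following is an added example, not code from the thread or from Sysinternals: it parses RootkitRevealer lines and sorts each into one of the benign classes the replies discuss (LSA Secrets keys with embedded nulls, System Restore data, files modified while the scan ran), leaving anything else marked for review. The scan window and the example_hidden.dat line are assumptions.

```python
import re
from datetime import datetime

# One RootkitRevealer discrepancy per line: path, timestamp, size, description.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<stamp>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2} [AP]M)\s+"
    r"(?P<size>[\d.]+ (?:bytes|KB|MB|GB))\s+(?P<desc>.+)$"
)

# Sample input: the six lines from the post above, plus one constructed line
# (example_hidden.dat) that matches none of the benign patterns.
SAMPLE = r"""
HKLM\SECURITY\Policy\Secrets\SAC* 7/23/2009 1:03 AM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 7/23/2009 1:03 AM 0 bytes Key name contains embedded nulls (*)
C:\System Volume Information\_restore{CD7812B2-54EA-4CA5-B653-B5CC553F7844}\RP40\A0004964.ini 8/14/2009 3:16 PM 2.67 KB Hidden from Windows API.
C:\System Volume Information\_restore{CD7812B2-54EA-4CA5-B653-B5CC553F7844}\RP40\A0004965.INI 8/14/2009 3:16 PM 497.03 KB Hidden from Windows API.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 8/14/2009 3:32 PM 64.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\system32\wbem\Logs\wmiprov.log 8/14/2009 3:42 PM 513 bytes Hidden from Windows API.
C:\WINDOWS\Temp\example_hidden.dat 6/1/2009 9:00 AM 12.00 KB Hidden from Windows API.
"""

# Assumed scan window (not stated in the thread): the poster's second run.
SCAN_START = datetime(2009, 8, 14, 15, 10)
SCAN_END = datetime(2009, 8, 14, 15, 45)

def parse_line(line):
    """Split one output line into its fields; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["stamp"] = datetime.strptime(entry["stamp"], "%m/%d/%Y %I:%M %p")
    return entry

def triage(entry, scan_start=SCAN_START, scan_end=SCAN_END):
    """Assign a benign class the thread discusses, or 'review' for anything else."""
    path, desc = entry["path"].lower(), entry["desc"]
    if "embedded nulls" in desc and path.startswith(r"hklm\security\policy\secrets"):
        return "lsa-secrets-null-key"   # SAC*/SAI* keys: reported as benign in the thread
    if path.startswith(r"c:\system volume information\_restore"):
        return "restore-point"          # System Restore data the API hides by design
    if scan_start <= entry["stamp"] <= scan_end:
        return "changed-during-scan"    # modified between the two views the tool compares
    return "review"                     # nothing known explains it: look closer

def summarize(text, scan_start=SCAN_START, scan_end=SCAN_END):
    """Group every parsed path under its triage class."""
    groups = {}
    for line in text.splitlines():
        entry = parse_line(line)
        if entry:
            groups.setdefault(triage(entry, scan_start, scan_end), []).append(entry["path"])
    return groups
```

Anything landing in the review bucket is worth checking with a second tool and a scan taken with the machine otherwise idle, since the timestamp heuristic only explains entries written during the scan window.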
08-14-2009, 04:15 PM
They all appear to be safe.
08-14-2009, 04:38 PM
Quote:
Originally Posted by LirvA
I believe they are safe.

Ricks, can you post the link you're referring to?
Sorry, the forums are here.
08-14-2009, 05:11 PM
ty ty. Always good to have links to references IMO.
08-21-2009, 06:02 AM
Thanks guys,

I had another entry pop up recently...

C:\Windows\system32\wbem\Logs\wbemcore.log

Is this one safe as well?

If yes, would you happen to know why these files are hidden?
08-21-2009, 01:39 PM
That log probably changed during the scan.

Reading the last section of this page, "Hidden from Windows API", may help.