[code] WinPFind35 logfile created on: 2/17/2008 7:24:19 PM WinPFind35U Version Beta52 Folder = C:\Documents and Settings\Kenny\Desktop\WinPFind35u Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 76.22% Memory free 3.85 Gb Paging File | 3.55 Gb Available in Paging File | 92.29% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 298.08 Gb Total Space | 204.76 Gb Free Space | 68.69% Space Free | Partition Type: NTFS Drive D: | 3.64 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KENNY-7A9CBA8ED Current User Name: Kenny Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] lxdjamon.exe -> %ProgramFiles%\Lexmark 1400 Series\lxdjamon.exe -> [Ver = 1.0.2676.13196 | Size = 20480 bytes | Modified Date = 4/30/2007 7:19:54 AM | Attr = ] setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> Logitech Inc. [Ver = 4.00.121 | Size = 692224 bytes | Modified Date = 4/23/2007 3:00:00 AM | Attr = ] khalmnpr.exe -> %CommonProgramFiles%\Logitech\KhalShared\KHALMNPR.exe -> Logitech Inc. [Ver = 4.00.101 | Size = 56080 bytes | Modified Date = 4/11/2007 2:32:22 PM | Attr = ] lxdjcoms.exe -> %SystemRoot%\system32\lxdjcoms.exe -> [Ver = 1.62.50.0 | Size = 537520 bytes | Modified Date = 6/11/2007 10:18:00 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] pnkbstra.exe -> %SystemRoot%\system32\pnkbstra.exe -> [Ver = | Size = 66872 bytes | Modified Date = 12/14/2007 12:24:50 AM | Attr = ] pnkbstrb.exe -> %SystemRoot%\system32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 1/24/2008 1:10:24 AM | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2/16/2008 1:03:26 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/4/2007 6:04:36 PM | Attr = ] (Bonjour Service) Bonjour Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> File not found (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 7/9/2007 1:14:57 AM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr = ] (lxdjCATSCustConnectService) lxdjCATSCustConnectService [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\spool\drivers\w32x86\3\lxdjserv.exe -> Lexmark International, Inc. [Ver = 1.42.0.22 | Size = 99248 bytes | Modified Date = 6/11/2007 10:17:46 AM | Attr = ] (lxdj_device) lxdj_device [Win32_Own | Auto | Running] -> %SystemRoot%\system32\lxdjcoms.exe -> [Ver = 1.62.50.0 | Size = 537520 bytes | Modified Date = 6/11/2007 10:18:00 AM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] (PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 14\PcCtlCom.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1472104 bytes | Modified Date = 11/21/2006 12:58:40 PM | Attr = ] (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\pnkbstra.exe -> [Ver = | Size = 66872 bytes | Modified Date = 12/14/2007 12:24:50 AM | Attr = ] (PnkBstrB) PnkBstrB [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 1/24/2008 1:10:24 AM | Attr = ] (TabletServicePen) TabletServicePen [Win32_Own | Disabled | Stopped] -> %SystemRoot%\system32\Pen_Tablet.exe -> Wacom Technology, Corp. [Ver = 5.0.5-7 | Size = 1373480 bytes | Modified Date = 9/7/2007 11:16:18 AM | Attr = ] (Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 14\Tmntsrv.exe -> Trend Micro Inc. [Ver = 14.60.0.1180 | Size = 345696 bytes | Modified Date = 9/18/2006 2:50:00 PM | Attr = ] (TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 14\TmPfw.exe -> Trend Micro Inc. [Ver = 2.6.0.1050 | Size = 923216 bytes | Modified Date = 11/9/2006 3:03:42 PM | Attr = ] (tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 14\tmproxy.exe -> Trend Micro Inc. [Ver = 2.1.0.1050 | Size = 566872 bytes | Modified Date = 11/9/2006 3:04:02 PM | Attr = ] (TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.0.0.9 | Size = 306432 bytes | Modified Date = 2/2/2008 6:43:49 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> lxdjamon -> %ProgramFiles%\Lexmark 1400 Series\lxdjamon.exe -> [Ver = 1.0.2676.13196 | Size = 20480 bytes | Modified Date = 4/30/2007 7:19:54 AM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\pccguide.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1807960 bytes | Modified Date = 11/21/2006 1:02:24 PM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> Logitech Inc. [Ver = 4.00.121 | Size = 692224 bytes | Modified Date = 4/23/2007 3:00:00 AM | Attr = ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Kenny Startup Folder > -> C:\Documents and Settings\Kenny\Start Menu\Programs\Startup -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003] > -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003] > -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < HOSTS File > (228306 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: Main\\Start Page -> about:blank -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\] > -> -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\: Main\\Start Page -> about:blank -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4200 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6310 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4208 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4208 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4195 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4195 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\] > -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6310 domain(s) found. -> 40 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\] > -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-602162358-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 10:08:42 PM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {6BAD7EBD-8E5F-42DC-927F-99B7670EE650} -> (NVIDIA nForce Networking Controller) -> {B4194C11-0BED-47FD-969D-57C70E5E1EB0} -> (1394 Net Adapter) -> {DBE2C60A-D7D9-4A90-956D-26A0C658F201} -> () -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> File not found < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {215B8138-A3CF-44C5-803F-8226143CFC0A}[HKEY_LOCAL_MACHINE] -> http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab[Trend Micro ActiveX Scan Agent 6.6] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 12:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 9:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/23/2006 11:37:50 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 1252 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 249092 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 7/6/2007 12:59:06 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 3:10:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Lexmark 1400 Series\app4r.exe -> C:\Program Files\Lexmark 1400 Series\App4R.exe [C:\Program Files\Lexmark 1400 Series\App4R.exe:*:Enabled:Printing Application] -> [Ver = 1.31.0.1 | Size = 29360 bytes | Modified Date = 6/20/2007 6:28:46 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\utorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent] -> [Ver = | Size = 219952 bytes | Modified Date = 2/1/2008 5:40:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 7/6/2007 12:59:06 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 3:10:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Steam\Steam.exe -> C:\Program Files\Steam\Steam.exe [C:\Program Files\Steam\Steam.exe:*:Enabled:Steam Client] -> Valve Corporation [Ver = 1.0.0.0 | Size = 1266936 bytes | Modified Date = 11/29/2007 10:24:14 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\lxdjcoms.exe -> C:\WINDOWS\system32\lxdjcoms.exe [C:\WINDOWS\system32\lxdjcoms.exe:*:Enabled:Lexmark Communications System] -> [Ver = 1.62.50.0 | Size = 537520 bytes | Modified Date = 6/11/2007 10:18:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Lexmark 1400 Series\lxdjamon.exe -> C:\Program Files\Lexmark 1400 Series\lxdjamon.exe [C:\Program Files\Lexmark 1400 Series\lxdjamon.exe:*:Enabled:Lexmark Device Monitor] -> [Ver = 1.0.2676.13196 | Size = 20480 bytes | Modified Date = 4/30/2007 7:19:54 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Lexmark 1400 Series\App4r.exe -> C:\Program Files\Lexmark 1400 Series\App4R.exe [C:\Program Files\Lexmark 1400 Series\App4r.exe:*:Enabled:Lexmark Imaging Studio] -> [Ver = 1.31.0.1 | Size = 29360 bytes | Modified Date = 6/20/2007 6:28:46 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\lxdjcfg.exe -> C:\WINDOWS\system32\lxdjcfg.exe [C:\WINDOWS\system32\lxdjcfg.exe:*:Enabled: ] -> [Ver = 1.62.50.0 | Size = 394160 bytes | Modified Date = 6/11/2007 10:17:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe -> C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe [C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2] -> [Ver = | Size = 8404081 bytes | Modified Date = 4/17/2007 6:40:22 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA GAMES\Battlefield 2\BF2.exe -> C:\Program Files\EA GAMES\Battlefield 2\BF2.exe [C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2] -> [Ver = | Size = 7574463 bytes | Modified Date = 9/26/2006 4:53:22 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\pnkbstra.exe -> C:\WINDOWS\system32\pnkbstra.exe [C:\WINDOWS\system32\pnkbstra.exe:*:Enabled:PnkBstrA] -> [Ver = | Size = 66872 bytes | Modified Date = 12/14/2007 12:24:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\PnkBstrB.exe -> C:\WINDOWS\system32\PnkBstrB.exe [C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB] -> [Ver = | Size = 107832 bytes | Modified Date = 1/24/2008 1:10:24 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 11:24:37 AM | Attr = HS] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqwded.exe -> C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqwded.exe [C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqwded.exe:*:Enabled:etqwded.exe] -> Splash Damage, Ltd. [Ver = 1.2.11308.32568 | Size = 4883696 bytes | Modified Date = 10/24/2007 8:14:12 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe -> C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe [C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe:*:Enabled: ] -> Lexmark International, Inc. [Ver = 1.0.0.1 | Size = 3756720 bytes | Modified Date = 6/20/2007 6:29:56 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe -> C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe [C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) ] -> [Ver = | Size = 3334144 bytes | Modified Date = 12/17/2007 7:33:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqw.exe -> C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqw.exe [C:\Program Files\id Software\Enemy Territory - QUAKE Wars\etqw.exe:*:Enabled:Enemy Territory - QUAKE Wars(TM) ] -> Splash Damage, Ltd. [Ver = 1.2.11308.32568 | Size = 5076208 bytes | Modified Date = 10/24/2007 8:11:30 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.6.0.29 | Size = 19926824 bytes | Modified Date = 1/15/2008 3:22:48 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Atari\ArmA\arma.exe -> C:\Program Files\Atari\ArmA\arma.exe [C:\Program Files\Atari\ArmA\arma.exe:*:Enabled:ArmA] -> Bohemia Interactive [Ver = 1.08 | Size = 10870784 bytes | Modified Date = 1/18/2008 9:16:42 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe:*:Enabled: ] -> [Ver = 4.0.128.0 | Size = 291760 bytes | Modified Date = 6/11/2007 10:17:56 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe:*:Enabled: ] -> [Ver = 4.0.128.0 | Size = 398256 bytes | Modified Date = 6/11/2007 10:17:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe:*:Enabled: ] -> Lexmark International, Inc. [Ver = 1.42.0.22 | Size = 82864 bytes | Modified Date = 6/11/2007 10:17:52 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < Disabled MSConfig Services [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services -> Apple Mobile Device -> -> Bonjour Service -> -> iPod Service -> -> Microsoft Office Groove Audit Service -> -> odserv -> -> ose -> -> TabletServicePen -> -> usnjsvc -> -> WMPNetworkSvc -> -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk -> %SystemDrive%\PROGRA~1\MICROS~2\Office\OSA9.EXE -> File not found C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk -> %SystemDrive%\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\wkcalrem.exe -> File not found C:^Documents and Settings^Kenny^Start Menu^Programs^Startup^MEMonitor.lnk -> %ProgramFiles%\Verizon Wireless\V CAST Music Manager\MEMonitor.exe -> Smith Micro Software, Inc. [Ver = 1.1.0 | Size = 951640 bytes | Modified Date = 11/7/2007 9:29:27 AM | Attr = ] < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_SL.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 10/10/2007 7:51:55 PM | Attr = ] Aim6 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found [Files/Folders - Created Within 90 days] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Created Date = 12/24/2007 6:46:28 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] lgusbbus.sys -> %SystemRoot%\System32\drivers\lgusbbus.sys -> LG Electronics Inc. [Ver = Ver 4.8.0 | Size = 12672 bytes | Modified Date = 4/9/2007 9:53:24 AM | Attr = ] lgusbdiag.sys -> %SystemRoot%\System32\drivers\lgusbdiag.sys -> LG Electronics Inc. [Ver = Ver 4.8.0 | Size = 21248 bytes | Modified Date = 4/9/2007 9:56:22 AM | Attr = ] lgusbmodem.sys -> %SystemRoot%\System32\drivers\lgusbmodem.sys -> LG Electronics Inc. [Ver = Ver 4.8.0 | Size = 22912 bytes | Modified Date = 4/9/2007 9:55:08 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] wacommousefilter.sys -> %SystemRoot%\System32\drivers\wacommousefilter.sys -> Wacom Technology [Ver = 1.2.0002.0 | Size = 11312 bytes | Modified Date = 2/16/2007 11:12:36 AM | Attr = ] wacomvhid.sys -> %SystemRoot%\System32\drivers\wacomvhid.sys -> Wacom Technology [Ver = 2.8.0000.0 | Size = 12848 bytes | Modified Date = 2/16/2007 10:30:12 AM | Attr = ] WacomVKHid.sys -> %SystemRoot%\System32\drivers\WacomVKHid.sys -> Wacom Technology [Ver = 1.1.0000.0 | Size = 11440 bytes | Modified Date = 2/15/2007 4:11:28 PM | Attr = ] BMXState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\BMXState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 54404 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] BMXStateBkp-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 54404 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] CT4MGM.SF2 -> %SystemRoot%\System32\CT4MGM.SF2 -> [Ver = | Size = 4174814 bytes | Modified Date = 12/5/2000 9:11:52 AM | Attr = ] ctzapxx.ini -> %SystemRoot%\System32\ctzapxx.ini -> [Ver = | Size = 191 bytes | Modified Date = 8/17/2006 10:55:34 AM | Attr = ] Data -> %SystemRoot%\System32\Data -> [Folder | Created Date = 11/25/2007 4:58:56 PM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Modified Date = 1/4/2008 4:56:48 PM | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Modified Date = 1/7/2008 8:16:38 PM | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 12/11/2007 5:32:58 PM | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 1/4/2008 4:56:24 PM | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:12 PM | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 1/4/2008 4:57:16 PM | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 196608 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] DVCState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\DVCState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 64900 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] HouseCall 6.6 -> %SystemRoot%\System32\HouseCall 6.6 -> [Folder | Created Date = 2/15/2008 2:53:58 AM | Attr = ] instwdm.ini -> %SystemRoot%\System32\instwdm.ini -> [Ver = | Size = 87403 bytes | Modified Date = 8/17/2006 11:59:16 AM | Attr = ] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 1/4/2008 4:58:42 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 385024 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 163353 bytes | Modified Date = 12/24/2007 6:48:53 PM | Attr = ] nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 35328 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 35328 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 147456 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 413696 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 753664 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 17737 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6549504 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 307200 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3420160 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1474560 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 229376 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 45056 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 188416 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 1228800 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6901760 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0 | Size = 356352 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0 | Size = 356352 bytes | Modified Date = 11/12/2007 8:03:34 AM | Attr = ] nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3710976 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 2498560 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1626112 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] OpenAL32.dll -> %SystemRoot%\System32\OpenAL32.dll -> Portions (C) Creative Labs Inc. and NVIDIA Corp. [Ver = 6.14.0357.22 | Size = 110592 bytes | Modified Date = 2/14/2008 9:26:07 PM | Attr = ] pbsvc.exe -> %SystemRoot%\System32\pbsvc.exe -> [Ver = | Size = 669184 bytes | Modified Date = 11/27/2007 12:21:04 AM | Attr = ] PenTablet.cpl -> %SystemRoot%\System32\PenTablet.cpl -> Wacom Technology, Corp. [Ver = 5.0.5-7 | Size = 2684200 bytes | Modified Date = 9/7/2007 11:07:32 AM | Attr = ] PenTablet.znc -> %SystemRoot%\System32\PenTablet.znc -> [Ver = | Size = 1380680 bytes | Modified Date = 9/7/2007 11:04:44 AM | Attr = ] Pen_Tablet.dll -> %SystemRoot%\System32\Pen_Tablet.dll -> Wacom Technology, Corp. [Ver = 5.0.5-7 | Size = 128296 bytes | Modified Date = 9/7/2007 11:09:32 AM | Attr = ] Pen_Tablet.exe -> %SystemRoot%\System32\Pen_Tablet.exe -> Wacom Technology, Corp. [Ver = 5.0.5-7 | Size = 1373480 bytes | Modified Date = 9/7/2007 11:16:18 AM | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 12/11/2007 12:50:03 AM | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 1/4/2008 4:58:50 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.4.1 | Size = 57344 bytes | Modified Date = 1/31/2008 11:13:18 PM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.4.1 | Size = 90112 bytes | Modified Date = 1/31/2008 11:13:18 PM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 1/4/2008 4:58:42 PM | Attr = ] tmp1B441.FOT -> %SystemRoot%\System32\tmp1B441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp34441.FOT -> %SystemRoot%\System32\tmp34441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp36441.FOT -> %SystemRoot%\System32\tmp36441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp43441.FOT -> %SystemRoot%\System32\tmp43441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp50441.FOT -> %SystemRoot%\System32\tmp50441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp51441.FOT -> %SystemRoot%\System32\tmp51441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp90641.FOT -> %SystemRoot%\System32\tmp90641.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp9E541.FOT -> %SystemRoot%\System32\tmp9E541.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.0.0.9 | Size = 306432 bytes | Modified Date = 2/2/2008 6:43:49 PM | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.9 | Size = 29440 bytes | Modified Date = 12/20/2007 10:41:56 AM | Attr = ] VZWDLManager.dll -> %SystemRoot%\System32\VZWDLManager.dll -> [Ver = 1, 12, 2007, 215 | Size = 49152 bytes | Modified Date = 5/1/2007 5:23:46 PM | Attr = ] VZWDLManager.inf -> %SystemRoot%\System32\VZWDLManager.inf -> [Ver = | Size = 375 bytes | Modified Date = 5/2/2007 3:34:00 AM | Attr = ] VZWDownManager.exe -> %SystemRoot%\System32\VZWDownManager.exe -> Verizon [Ver = 0, 28, 2007, 215 | Size = 528384 bytes | Modified Date = 5/1/2007 5:23:26 PM | Attr = ] Wintab32.dll -> %SystemRoot%\System32\Wintab32.dll -> Wacom Technology, Corp. [Ver = 1.0.3-1 | Size = 181544 bytes | Modified Date = 9/7/2007 10:55:28 AM | Attr = ] wrap_oal.dll -> %SystemRoot%\System32\wrap_oal.dll -> Creative Labs [Ver = 2.1.8.1 | Size = 413696 bytes | Modified Date = 2/14/2008 9:26:07 PM | Attr = ] WTablet -> %SystemRoot%\System32\WTablet -> [Folder | Created Date = 12/26/2007 3:01:20 PM | Attr = ] AM_D8.PRF -> %SystemRoot%\AM_D8.PRF -> [Ver = | Size = 24 bytes | Modified Date = 12/6/2007 9:50:50 PM | Attr = ] cdplayer.ini -> %SystemRoot%\cdplayer.ini -> [Ver = | Size = 25 bytes | Modified Date = 12/11/2007 12:51:30 AM | Attr = ] CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 2/15/2008 3:30:56 AM | Attr = ] 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> CTDCRES.DLL -> %SystemRoot%\CTDCRES.DLL -> Creative Technology Ltd [Ver = 5.12.01.1140-2.07.0070 | Size = 10240 bytes | Modified Date = 8/17/2006 11:31:42 AM | Attr = ] CTXFIRES.DLL -> %SystemRoot%\CTXFIRES.DLL -> [Ver = 1, 0, 3, 0 | Size = 3072 bytes | Modified Date = 8/17/2006 11:32:16 AM | Attr = ] MEDB.mdb -> %SystemRoot%\MEDB.mdb -> [Ver = | Size = 4395008 bytes | Modified Date = 12/19/2007 9:38:02 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 12/24/2007 6:47:25 PM | Attr = ] PowerReg.dat -> %SystemRoot%\PowerReg.dat -> [Ver = | Size = 333 bytes | Modified Date = 12/26/2007 3:10:04 PM | Attr = ] SWAT 4 -> %SystemRoot%\SWAT 4 -> [Folder | Created Date = 12/11/2007 12:20:18 AM | Attr = ] unins001.dat -> %SystemRoot%\unins001.dat -> [Ver = | Size = 3452 bytes | Modified Date = 2/1/2008 7:25:48 PM | Attr = ] unins001.exe -> %SystemRoot%\unins001.exe -> [Ver = 51.49.0.0 | Size = 691545 bytes | Modified Date = 2/1/2008 7:25:25 PM | Attr = ] [Files/Folders - Modified Within 90 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 202 bytes | Modified Date = 2/15/2008 3:21:57 AM | Attr = RHS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2/15/2008 3:21:37 AM | Attr = ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Modified Date = 12/24/2007 6:46:28 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2/15/2008 3:21:15 AM | Attr = R ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2/2/2008 7:26:01 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2/17/2008 7:17:38 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 2/16/2008 3:39:55 AM | Attr = ] 1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 228306 bytes | Modified Date = 2/14/2008 12:05:46 AM | Attr = ] hosts.20071213-224508.backup -> %SystemRoot%\System32\drivers\etc\hosts.20071213-224508.backup -> [Ver = | Size = 224638 bytes | Modified Date = 12/13/2007 10:44:59 PM | Attr = R ] hosts.20080112-030033.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080112-030033.backup -> [Ver = | Size = 221948 bytes | Modified Date = 12/14/2007 4:40:46 AM | Attr = ] hosts.20080112-222717.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080112-222717.backup -> [Ver = | Size = 226227 bytes | Modified Date = 1/12/2008 1:38:08 PM | Attr = ] hosts.20080120-172312.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080120-172312.backup -> [Ver = | Size = 226227 bytes | Modified Date = 1/12/2008 10:53:27 PM | Attr = ] hosts.20080120-172418.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080120-172418.backup -> [Ver = | Size = 7145 bytes | Modified Date = 1/20/2008 5:23:13 PM | Attr = R ] hosts.20080129-012110.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080129-012110.backup -> [Ver = | Size = 7145 bytes | Modified Date = 1/20/2008 5:24:18 PM | Attr = R ] hosts.20080201-193659.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080201-193659.backup -> [Ver = | Size = 227491 bytes | Modified Date = 1/29/2008 7:03:54 PM | Attr = ] hosts.20080211-044144.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080211-044144.backup -> [Ver = | Size = 227948 bytes | Modified Date = 2/1/2008 9:50:14 PM | Attr = ] hosts.20080212-195736.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080212-195736.backup -> [Ver = | Size = 228306 bytes | Modified Date = 2/12/2008 6:53:58 PM | Attr = ] hosts.20080213-015515.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080213-015515.backup -> [Ver = | Size = 228306 bytes | Modified Date = 2/12/2008 10:52:44 PM | Attr = ] hosts.20080213-234646.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080213-234646.backup -> [Ver = | Size = 228306 bytes | Modified Date = 2/13/2008 2:56:30 AM | Attr = ] hosts.bak -> %SystemRoot%\System32\drivers\etc\hosts.bak -> [Ver = | Size = 230996 bytes | Modified Date = 2/13/2008 11:46:47 PM | Attr = R ] hamachi.sys -> %SystemRoot%\System32\drivers\hamachi.sys -> LogMeIn, Inc. [Ver = 6.0.2.2 | Size = 25280 bytes | Modified Date = 12/11/2007 1:07:12 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 1/17/2008 10:06:43 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 12/19/2007 11:12:33 AM | Attr = ] Msft_User_WpdMtpDr_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 12/19/2007 11:12:33 AM | Attr = H ] BMXState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\BMXState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 54404 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] BMXStateBkp-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\BMXStateBkp-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 54404 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/13/2008 1:50:23 AM | Attr = ] 3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2/14/2008 9:26:13 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2/14/2008 9:09:44 PM | Attr = ] Data -> %SystemRoot%\System32\Data -> [Folder | Modified Date = 11/26/2007 8:59:54 PM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 2/14/2008 9:26:14 PM | Attr = ] DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 682496 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 6, 7, 0, 1 | Size = 156992 bytes | Modified Date = 1/4/2008 4:56:48 PM | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.8.0.0 | Size = 630784 bytes | Modified Date = 1/7/2008 8:16:38 PM | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 12/11/2007 5:32:58 PM | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 1/4/2008 4:59:04 PM | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 1/4/2008 4:56:24 PM | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:12 PM | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 823296 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.0.14 | Size = 802816 bytes | Modified Date = 1/4/2008 4:57:10 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2/13/2008 3:53:30 AM | Attr = RHS] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 81920 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 1/4/2008 4:57:16 PM | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 1/4/2008 4:57:14 PM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2/13/2008 1:51:16 AM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 12/27/2007 12:27:23 AM | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 40 | Size = 196608 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 1/4/2008 4:57:22 PM | Attr = ] DVCState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> %SystemRoot%\System32\DVCState-{00000003-00000000-00000003-00001102-00000005-10031102}.rfx -> [Ver = | Size = 64900 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 1573360 bytes | Modified Date = 11/27/2007 1:32:44 PM | Attr = ] HouseCall 6.6 -> %SystemRoot%\System32\HouseCall 6.6 -> [Folder | Modified Date = 2/15/2008 2:54:00 AM | Attr = ] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 1/4/2008 4:58:42 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 5773568 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 385024 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 163353 bytes | Modified Date = 12/24/2007 6:48:53 PM | Attr = ] nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 35328 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 0 , 0 , 35 | Size = 35328 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 147456 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 413696 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 753664 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvcuda.dll -> %SystemRoot%\System32\nvcuda.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 1089536 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 17737 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6549504 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.30.38 | Size = 307200 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3420160 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1474560 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 229376 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 45056 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 188416 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 1228800 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 6901760 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0 | Size = 356352 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 3710976 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 2498560 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1626112 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] OpenAL32.dll -> %SystemRoot%\System32\OpenAL32.dll -> Portions (C) Creative Labs Inc. and NVIDIA Corp. [Ver = 6.14.0357.22 | Size = 110592 bytes | Modified Date = 2/14/2008 9:26:07 PM | Attr = ] pbsvc.exe -> %SystemRoot%\System32\pbsvc.exe -> [Ver = | Size = 669184 bytes | Modified Date = 11/27/2007 12:21:04 AM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 64372 bytes | Modified Date = 2/1/2008 7:57:01 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 409232 bytes | Modified Date = 2/1/2008 7:57:01 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 460756 bytes | Modified Date = 2/1/2008 7:57:01 PM | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 12/11/2007 12:50:03 AM | Attr = ] pnkbstra.exe -> %SystemRoot%\System32\pnkbstra.exe -> [Ver = | Size = 66872 bytes | Modified Date = 12/14/2007 12:24:50 AM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 1/24/2008 1:10:24 AM | Attr = ] Px.dll -> %SystemRoot%\System32\Px.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 555768 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] pxafs.dll -> %SystemRoot%\System32\pxafs.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 129784 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] pxcpya64.exe -> %SystemRoot%\System32\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.46a | Size = 63784 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = ] pxcpyi64.exe -> %SystemRoot%\System32\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.46a | Size = 118056 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = ] pxdrv.dll -> %SystemRoot%\System32\pxdrv.dll -> Sonic Solutions [Ver = 1.02.12d | Size = 531192 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] PxMas.dll -> %SystemRoot%\System32\PxMas.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 187128 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] pxsfs.dll -> %SystemRoot%\System32\pxsfs.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 1628920 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] PxWave.dll -> %SystemRoot%\System32\PxWave.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 379640 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 1/4/2008 4:58:50 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.4.1 | Size = 57344 bytes | Modified Date = 1/31/2008 11:13:18 PM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.4.1 | Size = 90112 bytes | Modified Date = 1/31/2008 11:13:18 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 12/26/2007 3:01:43 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 2/2/2008 7:26:01 PM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 1080 bytes | Modified Date = 2/17/2008 4:33:16 AM | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 1/4/2008 4:58:42 PM | Attr = ] tmp1B441.FOT -> %SystemRoot%\System32\tmp1B441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp34441.FOT -> %SystemRoot%\System32\tmp34441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp36441.FOT -> %SystemRoot%\System32\tmp36441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp43441.FOT -> %SystemRoot%\System32\tmp43441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp50441.FOT -> %SystemRoot%\System32\tmp50441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp51441.FOT -> %SystemRoot%\System32\tmp51441.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp90641.FOT -> %SystemRoot%\System32\tmp90641.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] tmp9E541.FOT -> %SystemRoot%\System32\tmp9E541.FOT -> [Ver = | Size = 1409 bytes | Modified Date = 12/9/2007 2:09:07 AM | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.0.0.9 | Size = 306432 bytes | Modified Date = 2/2/2008 6:43:49 PM | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.9 | Size = 29440 bytes | Modified Date = 12/20/2007 10:41:56 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 2/13/2008 1:46:12 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2/17/2008 7:17:39 PM | Attr = ] wrap_oal.dll -> %SystemRoot%\System32\wrap_oal.dll -> Creative Labs [Ver = 2.1.8.1 | Size = 413696 bytes | Modified Date = 2/14/2008 9:26:07 PM | Attr = ] WTablet -> %SystemRoot%\System32\WTablet -> [Folder | Modified Date = 12/26/2007 3:01:20 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/12/2008 6:57:41 PM | Attr = H ] 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> AM_D8.PRF -> %SystemRoot%\AM_D8.PRF -> [Ver = | Size = 24 bytes | Modified Date = 12/6/2007 9:50:50 PM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2/1/2008 8:03:37 PM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/17/2008 7:16:34 PM | Attr = S] cdplayer.ini -> %SystemRoot%\cdplayer.ini -> [Ver = | Size = 25 bytes | Modified Date = 12/11/2007 12:51:30 AM | Attr = ] CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 2/15/2008 3:30:56 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2/12/2008 7:57:36 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2/15/2008 2:54:00 AM | Attr = S] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 319 bytes | Modified Date = 12/13/2007 11:57:55 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 12/24/2007 6:47:27 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2/15/2008 2:53:58 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2/15/2008 3:21:44 AM | Attr = HS] MEDB.mdb -> %SystemRoot%\MEDB.mdb -> [Ver = | Size = 4395008 bytes | Modified Date = 12/19/2007 9:38:02 PM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 2/1/2008 8:03:37 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 1/12/2008 11:04:17 PM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1963 bytes | Modified Date = 12/11/2007 12:50:37 AM | Attr = ] msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Modified Date = 11/27/2007 1:47:29 AM | Attr = H ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 12/24/2007 6:47:25 PM | Attr = ] PowerReg.dat -> %SystemRoot%\PowerReg.dat -> [Ver = | Size = 333 bytes | Modified Date = 12/26/2007 3:10:04 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2/17/2008 7:21:50 PM | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 12/20/2007 1:20:30 PM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/17/2008 7:17:20 PM | Attr = ] SWAT 4 -> %SystemRoot%\SWAT 4 -> [Folder | Modified Date = 12/11/2007 12:20:18 AM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 11/25/2007 4:47:52 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 2/15/2008 3:21:57 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2/15/2008 3:21:15 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/2/2008 6:43:54 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2/17/2008 7:22:53 PM | Attr = ] unins001.dat -> %SystemRoot%\unins001.dat -> [Ver = | Size = 3452 bytes | Modified Date = 2/1/2008 7:25:48 PM | Attr = ] unins001.exe -> %SystemRoot%\unins001.exe -> [Ver = 51.49.0.0 | Size = 691545 bytes | Modified Date = 2/1/2008 7:25:25 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 512 bytes | Modified Date = 2/15/2008 3:21:57 AM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2/1/2008 7:56:58 PM | Attr = ] 1-Click Maintenance.job -> %SystemRoot%\tasks\1-Click Maintenance.job -> [Ver = | Size = 376 bytes | Modified Date = 2/2/2008 6:43:54 PM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 2/11/2008 4:18:01 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/17/2008 7:16:35 PM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4617 bytes | Modified Date = 2/13/2008 1:50:37 AM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4232 bytes | Modified Date = 2/13/2008 1:50:37 AM | Attr = ] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8316 bytes | Modified Date = 10/17/2007 1:40:51 AM | Attr = ] EASOUNInstaller.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\EASOUNInstaller.exe -> Electronic Arts Inc. [Ver = 2.0.0.4 | Size = 405504 bytes | Modified Date = 12/15/2007 3:32:55 AM | Attr = ] eauninstall.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\eauninstall.exe -> Electronic Arts Inc. [Ver = 1.00.00.000 | Size = 319488 bytes | Modified Date = 12/15/2007 3:32:54 AM | Attr = ] Madden NFL 08_uninst.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\Madden NFL 08_uninst.exe -> Electronic Arts [Ver = 1.07.07 | Size = 94208 bytes | Modified Date = 12/15/2007 3:35:18 AM | Attr = ] PxCpyA64.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\PxCpyA64.exe -> Sonic Solutions [Ver = 1.00.46a | Size = 63784 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = R ] PxCpyI64.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\PxCpyI64.exe -> Sonic Solutions [Ver = 1.00.46a | Size = 118056 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = R ] pxhpinst.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.64a | Size = 72440 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] PxInsA64.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\PxInsA64.exe -> Sonic Solutions [Ver = 3.00.64a | Size = 64760 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = R ] PxInsI64.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\PxInsI64.exe -> Sonic Solutions [Ver = 3.00.64a | Size = 118520 bytes | Modified Date = 12/4/2007 2:08:46 AM | Attr = R ] pxsetup.exe -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxsetup.exe -> Sonic Solutions [Ver = 1.00.46a | Size = 72440 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] 4 C:\Documents and Settings\Kenny\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Kenny\Local Settings\Temp\*.tmp -> AutoRunGUI.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\AutoRunGUI.dll -> Electronic Arts Inc. [Ver = 1.1.41.9 | Size = 442368 bytes | Modified Date = 12/15/2007 3:32:55 AM | Attr = ] EAInstall.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\EAInstall.dll -> [Ver = | Size = 876544 bytes | Modified Date = 12/15/2007 3:32:54 AM | Attr = ] px.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\px.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 555768 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] pxafs.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxafs.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 129784 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] pxdrv.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxdrv.dll -> Sonic Solutions [Ver = 1.02.12d | Size = 531192 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] pxmas.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxmas.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 187128 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] pxsfs.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxsfs.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 1628920 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] pxwave.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\pxwave.dll -> Sonic Solutions [Ver = 4.0.45.500 | Size = 379640 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] vxblock.dll -> C:\Documents and Settings\Kenny\Local Settings\Temp\vxblock.dll -> Sonic Solutions [Ver = 1.00.83a | Size = 88824 bytes | Modified Date = 12/4/2007 2:08:48 AM | Attr = R ] 4 C:\Documents and Settings\Kenny\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Kenny\Local Settings\Temp\*.tmp -> 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX313\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/11/2008 4:25:19 AM | Attr = ] 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX497\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/13/2008 9:15:30 PM | Attr = ] 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX531\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/13/2008 8:40:33 PM | Attr = ] 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX589\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/13/2008 8:38:13 PM | Attr = ] 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX685\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/11/2008 3:54:33 AM | Attr = ] 7Z.DLL -> C:\Documents and Settings\Kenny\Local Settings\Temp\_PASFX920\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 2/13/2008 8:58:24 PM | Attr = ] index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/26/2007 4:18:01 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/26/2007 4:18:01 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 11/26/2007 4:18:01 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini -> [Ver = | Size = 145 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = ] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\6ERNDOG2\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\LEGJK342\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\QAPVV0VJ\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\UPY9SMJ0\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/26/2007 4:18:02 PM | Attr = HS] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]