[code] WinPFind35 logfile created on: 2/22/2008 9:00:04 AM WinPFind35U Version 1.0.0.0 Folder = C:\Documents and Settings\jf6120\Desktop\WinPFind35u Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.05% Memory free 3.85 Gb Paging File | 3.20 Gb Available in Paging File | 83.27% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.73 Gb Total Space | 86.79 Gb Free Space | 77.68% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 967.22 Mb Total Space | 965.61 Mb Free Space | 99.83% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SCOTT Current User Name: jf6120 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 9/7/2004 4:02:40 PM | Attr = ] s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 9/7/2004 4:05:10 PM | Attr = ] wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 9/7/2004 4:12:32 PM | Attr = ] applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 1/15/2008 2:40:04 AM | Attr = ] mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ] dlactrlw.exe -> %SystemRoot%\system32\DLA\DLACTRLW.EXE -> Sonic Solutions [Ver = 5.20.08a | Size = 122940 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 7, 0, 10, 0 | Size = 380928 bytes | Modified Date = 12/15/2005 10:44:52 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7830 | Size = 127042 bytes | Modified Date = 7/14/2005 12:08:00 PM | Attr = ] pcctlcom.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\PcCtlCom.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1472104 bytes | Modified Date = 11/21/2006 1:58:40 PM | Attr = ] regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 9/7/2004 4:02:04 PM | Attr = ] tmntsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\Tmntsrv.exe -> Trend Micro Inc. [Ver = 14.60.0.1180 | Size = 345696 bytes | Modified Date = 9/18/2006 2:50:54 PM | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr = ] tmproxy.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\tmproxy.exe -> Trend Micro Inc. [Ver = 2.1.0.1050 | Size = 566872 bytes | Modified Date = 11/9/2006 4:04:02 PM | Attr = ] zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> Intel Corporation [Ver = 9, 0, 1, 45 | Size = 389120 bytes | Modified Date = 9/7/2004 4:08:02 PM | Attr = ] 1xconfig.exe -> %ProgramFiles%\Intel\Wireless\Bin\1XConfig.exe -> Intel [Ver = 9, 0, 1, 33 | Size = 245760 bytes | Modified Date = 9/7/2004 4:03:40 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ] sm1bg.exe -> %SystemRoot%\SM1bg.exe -> Cypress Semiconductor [Ver = 6.01.1000.0 | Size = 94208 bytes | Modified Date = 8/27/2003 1:20:00 PM | Attr = R ] drgtodsc.exe -> %ProgramFiles%\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe -> Roxio [Ver = 7.1.0.189 | Size = 1691648 bytes | Modified Date = 11/17/2004 8:21:56 AM | Attr = ] realplay.exe -> %ProgramFiles%\Real\RealPlayer\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 4/12/2006 1:07:31 AM | Attr = ] issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ] ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 10/30/2004 2:59:54 PM | Attr = ] dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 94208 bytes | Modified Date = 10/5/2005 3:12:00 AM | Attr = ] dlactrlw.exe -> %SystemRoot%\system32\DLA\DLACTRLW.EXE -> Sonic Solutions [Ver = 5.20.08a | Size = 122940 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 10, 0 | Size = 839680 bytes | Modified Date = 12/15/2005 10:44:40 AM | Attr = ] apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.101.155 | Size = 176128 bytes | Modified Date = 10/7/2005 6:13:38 AM | Attr = R ] pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\pccguide.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1807960 bytes | Modified Date = 11/21/2006 2:02:24 PM | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 267048 bytes | Modified Date = 1/15/2008 3:22:56 AM | Attr = ] tmas_oemon.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.53.0.1041 | Size = 321040 bytes | Modified Date = 8/4/2006 3:15:28 PM | Attr = ] superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 3:06:00 AM | Attr = ] hpobnz08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.021 | Size = 323646 bytes | Modified Date = 4/9/2003 4:41:38 PM | Attr = ] hpotdd01.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 4/9/2003 5:11:12 PM | Attr = ] mfwakeys.exe -> %ProgramFiles%\MOTU\Audio\MFWAKeys.exe -> [Ver = | Size = 176128 bytes | Modified Date = 4/18/2006 12:16:21 PM | Attr = ] hpoevm08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.021 | Size = 286720 bytes | Modified Date = 4/9/2003 4:49:36 PM | Attr = ] hposts08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hposts08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.021 | Size = 311296 bytes | Modified Date = 4/9/2003 4:59:24 PM | Attr = ] apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> Alps Electric Co., Ltd. [Ver = 5.5.1.22 | Size = 45056 bytes | Modified Date = 7/27/2005 8:41:08 AM | Attr = R ] hidfind.exe -> %ProgramFiles%\Apoint\hidfind.exe -> Alps Electric Co., Ltd. [Ver = 1.1.0.23 | Size = 45056 bytes | Modified Date = 6/28/2004 3:56:12 PM | Attr = R ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2/20/2008 11:36:44 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 1/15/2008 2:40:04 AM | Attr = ] (Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] (EvtEng) EvtEng [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 9/7/2004 4:02:40 PM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 2:24:18 AM | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr = ] (NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 7, 0, 10, 0 | Size = 380928 bytes | Modified Date = 12/15/2005 10:44:52 AM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.7830 | Size = 127042 bytes | Modified Date = 7/14/2005 12:08:00 PM | Attr = ] (PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 14\PcCtlCom.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1472104 bytes | Modified Date = 11/21/2006 1:58:40 PM | Attr = ] (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 3/9/2003 8:31:02 PM | Attr = ] (RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 9/7/2004 4:02:04 PM | Attr = ] (S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 9/7/2004 4:05:10 PM | Attr = ] (Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 14\Tmntsrv.exe -> Trend Micro Inc. [Ver = 14.60.0.1180 | Size = 345696 bytes | Modified Date = 9/18/2006 2:50:54 PM | Attr = ] (TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Trend Micro\Internet Security 14\TmPfw.exe -> Trend Micro Inc. [Ver = 2.6.0.1050 | Size = 923216 bytes | Modified Date = 11/9/2006 4:03:42 PM | Attr = ] (tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 14\tmproxy.exe -> Trend Micro Inc. [Ver = 2.1.0.1050 | Size = 566872 bytes | Modified Date = 11/9/2006 4:04:02 PM | Attr = ] (WLANKEEPER) WLANKEEPER [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 9/7/2004 4:12:32 PM | Attr = ] [Driver Services - Non-Microsoft Only] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.0.1 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.1.0.1 | Size = 17056 bytes | Modified Date = 4/12/2006 1:03:13 AM | Attr = ] (AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 8/17/2001 1:51:56 PM | Attr = ] (amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 8/3/2004 11:07:44 PM | Attr = ] (ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> Alps Electric Co., Ltd. [Ver = 5.5.1.297 | Size = 113847 bytes | Modified Date = 9/28/2005 12:57:18 PM | Attr = R ] (APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> Dell Inc [Ver = 1, 0, 1, 1 | Size = 16128 bytes | Modified Date = 8/12/2005 4:50:46 PM | Attr = ] (asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 8/17/2001 1:52:00 PM | Attr = ] (asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 8/17/2001 1:51:58 PM | Attr = ] (ASCTRM) ASCTRM [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\asctrm.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1 | Size = 8552 bytes | Modified Date = 4/12/2006 1:07:32 AM | Attr = ] (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (b57w2k) Broadcom 570x Gigabit Integrated Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\b57xp32.sys -> Broadcom Corporation [Ver = 7.86.3.0 built by: WinDDK | Size = 121472 bytes | Modified Date = 2/2/2005 3:41:54 PM | Attr = ] (bvrp_pci) bvrp_pci [Kernel | On_Demand | Stopped] -> -> File not found (Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdr4_xp.sys -> Roxio [Ver = 7.1.0.190 | Size = 44288 bytes | Modified Date = 12/6/2004 2:19:22 PM | Attr = ] (Cdralw2k) Cdralw2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdralw2k.sys -> Roxio [Ver = 7.1.0.189 | Size = 24832 bytes | Modified Date = 11/17/2004 8:16:48 AM | Attr = ] (cdudf_xp) cdudf_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\Cdudf_xp.sys -> Roxio [Ver = 7.1.0.189 | Size = 289920 bytes | Modified Date = 11/17/2004 8:23:24 AM | Attr = ] (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 8/17/2001 1:51:54 PM | Attr = ] (dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 8/17/2001 1:52:16 PM | Attr = ] (DLABOIOM) DLABOIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLABOIOM.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 25628 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLACDBHM) DLACDBHM [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLACDBHM.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 5628 bytes | Modified Date = 8/25/2005 12:16:52 PM | Attr = ] (DLADResN) DLADResN [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLADResN.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 2496 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAIFS_M.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 86524 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAOPIOM.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 14684 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLAPoolM) DLAPoolM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAPoolM.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 6364 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLARTL_N) DLARTL_N [File_System | System | Running] -> %SystemRoot%\system32\drivers\DLARTL_N.SYS -> Sonic Solutions [Ver = 5.20.01a | Size = 22684 bytes | Modified Date = 8/25/2005 12:16:16 PM | Attr = ] (DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDFAM.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 94332 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> %SystemRoot%\system32\DLA\DLAUDF_M.SYS -> Sonic Solutions [Ver = 5.20.08a | Size = 87036 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] (DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\DRVMCDB.SYS -> Sonic Solutions [Ver = 3.30.04a | Size = 89264 bytes | Modified Date = 9/12/2005 3:30:00 AM | Attr = ] (DRVNDDM) DRVNDDM [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\DRVNDDM.SYS -> Sonic Solutions [Ver = 5.20.00a | Size = 40544 bytes | Modified Date = 8/12/2005 5:20:00 AM | Attr = ] (DVDVRRdr_xp) DVDVRRdr_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\DVDVRRdr_xp.sys -> Windows (R) 2000 DDK provider [Ver = 7.1.0.189 | Size = 141184 bytes | Modified Date = 11/17/2004 8:14:02 AM | Attr = ] (dvd_2K) dvd_2K [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\dvd_2k.sys -> Roxio [Ver = 7.1.0.189 | Size = 23936 bytes | Modified Date = 11/17/2004 8:22:46 AM | Attr = ] (E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 12:12:10 PM | Attr = ] (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 9/19/2006 1:44:04 PM | Attr = ] (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 3/9/2003 8:31:00 PM | Attr = ] (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 3/9/2003 8:31:02 PM | Attr = ] (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 3/9/2003 8:31:02 PM | Attr = ] (HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWICH.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 200064 bytes | Modified Date = 6/17/2004 8:57:02 PM | Attr = ] (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Modified Date = 6/17/2004 8:55:04 PM | Attr = ] (IWCA) Intel Wireless Connection Agent Miniport for Win XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\iwca.sys -> Intel Corporation [Ver = 9.00.0.17 built by: WinDDK | Size = 234496 bytes | Modified Date = 8/12/2004 8:44:04 AM | Attr = ] (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 3/17/2004 6:04:14 PM | Attr = ] (MFWAMIDI) MOTU FireWire Audio MIDI [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MFWAMIDI.sys -> Mark of the Unicorn [Ver = 3.6.7.0 | Size = 18432 bytes | Modified Date = 4/18/2006 12:16:03 PM | Attr = ] (MFWAWAVE) MOTU FireWire Audio Wave [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MFWAWave.sys -> MOTU [Ver = 3.6.7.0 | Size = 23552 bytes | Modified Date = 4/18/2006 12:15:08 PM | Attr = ] (mmc_2K) mmc_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mmc_2k.sys -> Roxio [Ver = 7.1.0.189 | Size = 23808 bytes | Modified Date = 11/17/2004 8:10:40 AM | Attr = ] (motubus) MOTU Audio MIDI Extension [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\motubus.sys -> Mark of the Unicorn [Ver = 1, 0, 0, 2 | Size = 15360 bytes | Modified Date = 11/18/2005 2:32:37 PM | Attr = ] (MotuFWA) MotuFWA [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MotuFWA.sys -> Mark of the Unicorn [Ver = 3.6.7.0 | Size = 193536 bytes | Modified Date = 4/18/2006 12:14:43 PM | Attr = ] (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 1:52:12 PM | Attr = ] (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.7830 | Size = 3210304 bytes | Modified Date = 7/14/2005 12:08:00 PM | Attr = ] (omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> Dell Inc [Ver = 7, 1, 382, 0 | Size = 17153 bytes | Modified Date = 2/13/2004 4:46:00 PM | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] (pwd_2k) pwd_2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\Pwd_2k.sys -> Roxio [Ver = 7.1.0.189 | Size = 117632 bytes | Modified Date = 11/17/2004 8:07:30 AM | Attr = ] (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.32a | Size = 20640 bytes | Modified Date = 4/25/2005 2:03:00 AM | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 8/17/2001 1:52:20 PM | Attr = ] (ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 8/17/2001 1:52:20 PM | Attr = ] (ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 8/17/2001 1:52:18 PM | Attr = ] (s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> Intel Corporation [Ver = 9, 0, 0, 3 | Size = 11354 bytes | Modified Date = 8/31/2004 8:53:04 AM | Attr = ] (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 12:53:48 PM | Attr = ] (SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2/16/2006 4:51:08 PM | Attr = R ] (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 5:25:53 AM | Attr = ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 8/3/2004 11:07:44 PM | Attr = ] (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 8/17/2001 2:07:44 PM | Attr = ] (STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\STAC97.sys -> SigmaTel, Inc. [Ver = 5.10.4255 | Size = 273168 bytes | Modified Date = 3/10/2005 10:56:06 PM | Attr = ] (symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 8/17/2001 2:07:34 PM | Attr = ] (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 8/17/2001 2:07:36 PM | Attr = ] (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 8/17/2001 2:07:40 PM | Attr = ] (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 8/17/2001 2:07:42 PM | Attr = ] (tmpreflt) tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmpreflt.sys -> Trend Micro Inc. [Ver = 8.550.0.1001 | Size = 35856 bytes | Modified Date = 9/17/2007 2:40:44 PM | Attr = ] (tmtdi) Trend Micro TDI Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tmtdi.sys -> Trend Micro Inc. [Ver = 2.1.0.1050 built by: WinDDK | Size = 73288 bytes | Modified Date = 11/9/2006 4:04:20 PM | Attr = ] (tmxpflt) tmxpflt [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmxpflt.sys -> Trend Micro Inc. [Ver = 8.550.0.1001 | Size = 202768 bytes | Modified Date = 9/17/2007 2:40:48 PM | Attr = ] (UDFReadr) UDFReadr [File_System | System | Running] -> %SystemRoot%\system32\drivers\Udfreadr.sys -> Roxio [Ver = 7.1.0.189 | Size = 200832 bytes | Modified Date = 11/17/2004 8:10:52 AM | Attr = ] (ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 8/17/2001 1:52:22 PM | Attr = ] (vsapint) vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\vsapint.sys -> Trend Micro Inc. [Ver = 8.550-1001 | Size = 1126072 bytes | Modified Date = 9/17/2007 2:31:22 PM | Attr = ] (w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\w29n51.sys -> Intel® Corporation [Ver = 9000-61 Driver | Size = 3210496 bytes | Modified Date = 10/21/2004 8:56:04 PM | Attr = ] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Modified Date = 6/17/2004 8:55:38 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Apoint -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.101.155 | Size = 176128 bytes | Modified Date = 10/7/2005 6:13:38 AM | Attr = R ] Dell QuickSet -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 0, 10, 0 | Size = 839680 bytes | Modified Date = 12/15/2005 10:44:40 AM | Attr = ] DLA -> %SystemRoot%\system32\DLA\DLACTRLW.EXE -> Sonic Solutions [Ver = 5.20.08a | Size = 122940 bytes | Modified Date = 9/8/2005 5:20:00 AM | Attr = ] DMXLauncher -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 94208 bytes | Modified Date = 10/5/2005 3:12:00 AM | Attr = ] IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 10/30/2004 2:59:54 PM | Attr = ] ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 249856 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ] ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 4, 50, 100, 33433 | Size = 81920 bytes | Modified Date = 6/10/2005 10:44:02 AM | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 267048 bytes | Modified Date = 1/15/2008 3:22:56 AM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.10.7830 | Size = 7118848 bytes | Modified Date = 7/14/2005 12:08:00 PM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe -> NVIDIA Corporation [Ver = 6.14.10.10530 | Size = 1519616 bytes | Modified Date = 7/14/2005 12:08:00 PM | Attr = ] pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 14\pccguide.exe -> Trend Micro Inc. [Ver = 14.60.0.1195 | Size = 1807960 bytes | Modified Date = 11/21/2006 2:02:24 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.4 | Size = 385024 bytes | Modified Date = 1/10/2008 3:27:36 PM | Attr = ] RealTray -> %ProgramFiles%\Real\RealPlayer\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 4/12/2006 1:07:31 AM | Attr = ] RoxioDragToDisc -> %ProgramFiles%\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe -> Roxio [Ver = 7.1.0.189 | Size = 1691648 bytes | Modified Date = 11/17/2004 8:21:56 AM | Attr = ] SM1BG -> %SystemRoot%\SM1bg.exe -> Cypress Semiconductor [Ver = 6.01.1000.0 | Size = 94208 bytes | Modified Date = 8/27/2003 1:20:00 PM | Attr = R ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 11/9/2006 3:07:30 PM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> OE_OEM -> %ProgramFiles%\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe -> Trend Micro Inc. [Ver = 3.53.0.1041 | Size = 321040 bytes | Modified Date = 8/4/2006 3:15:28 PM | Attr = ] SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 6, 0, 1000 | Size = 1310720 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 3:06:00 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\hp psc 2000 Series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.021 | Size = 323646 bytes | Modified Date = 4/9/2003 4:41:38 PM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 4/9/2003 5:11:12 PM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\MFWAKeys.lnk -> %ProgramFiles%\MOTU\Audio\MFWAKeys.exe -> [Ver = | Size = 176128 bytes | Modified Date = 4/18/2006 12:16:21 PM | Attr = ] < jf6120 Startup Folder > -> C:\Documents and Settings\jf6120\Start Menu\Programs\Startup -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 12/20/2006 12:55:48 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 282624 bytes | Modified Date = 2/27/2007 11:39:26 AM | Attr = ] IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\LgNotify.dll -> Intel Corporation [Ver = 9, 0, 1, 0 | Size = 110592 bytes | Modified Date = 9/7/2004 4:08:06 PM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Page_URL -> http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.comcast.net/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.1.2003110300 | Size = 54248 bytes | Modified Date = 11/3/2003 2:17:44 PM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [&Yahoo! Toolbar] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_10\bin\NPJPI150_10.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 11/9/2006 3:21:53 PM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 11/9/2006 3:21:52 PM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_10\bin\NPJPI150_10.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 11/9/2006 3:21:53 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] &Translate English Word -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] Backward Links -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] Cached Snapshot of Page -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] Similar Pages -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] Translate Page into English -> %ProgramFiles%\Google\GoogleToolbar2.dll -> Google Inc. [Ver = 3, 0, 131, 0 | Size = 1191424 bytes | Modified Date = 2/14/2006 7:05:30 PM | Attr = R ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {6031ADB4-672B-4278-B81C-B578F183D840} -> (Broadcom 570x Gigabit Integrated Controller) -> {7F845D47-A97F-4EFF-AE04-F1555E5F8A9A} -> (1394 Net Adapter) -> {F56E6474-6AE6-45A3-9B5D-FBE2033F4F5F} -> (Intel(R) PRO/Wireless 2200BG Network Connection) -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,4,12 | Size = 147456 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {AB86CE53-AC9F-449F-9399-D8ABCA09EC09}[HKEY_LOCAL_MACHINE] -> https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx[Get_ActiveX Control] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab[Java Plug-in 1.5.0_10] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1}[HKEY_LOCAL_MACHINE] -> http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.2.1.cab[DownloadManager Control] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 12:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 9:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/23/2006 11:37:50 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 1136 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 16165 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 11:24:37 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Real\RealPlayer\realplay.exe -> C:\Program Files\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer] -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 4/12/2006 1:07:31 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Bonjour\mDNSResponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> Apple Inc. [Ver = 1,0,4,12 | Size = 229376 bytes | Modified Date = 7/24/2007 3:17:08 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.6.0.29 | Size = 19926824 bytes | Modified Date = 1/15/2008 3:22:48 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll [1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll [2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll [139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll [445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll [137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll [138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 30 days] iomter.dll -> %SystemRoot%\iomter.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2/21/2008 10:13:30 AM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 2/21/2008 10:19:51 AM | Attr = ] trashicon.exe -> %SystemRoot%\trashicon.exe -> [Ver = | Size = 48897 bytes | Modified Date = 2/15/2008 8:29:16 AM | Attr = ] wndsk.dll -> %SystemRoot%\wndsk.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2/15/2008 8:29:17 AM | Attr = ] ycmgn.exe -> %SystemRoot%\ycmgn.exe -> [Ver = | Size = 809 bytes | Modified Date = 2/17/2008 8:08:43 PM | Attr = ] ynme.exe -> %SystemRoot%\ynme.exe -> [Ver = | Size = 809 bytes | Modified Date = 2/16/2008 9:39:32 AM | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 2/21/2008 9:35:58 AM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 2/21/2008 9:35:49 AM | Attr = ] garage -> %UserProfile%\My Documents\garage -> [Folder | Created Date = 1/31/2008 4:41:27 PM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Modified Date = 2/21/2008 9:35:50 AM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 2/21/2008 10:21:18 AM | Attr = ] RegistryFix.lnk -> %UserProfile%\Desktop\RegistryFix.lnk -> [Ver = | Size = 660 bytes | Modified Date = 2/21/2008 8:37:17 AM | Attr = ] WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Created Date = 2/21/2008 8:18:33 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 2/21/2008 9:35:01 AM | Attr = ] [Files/Folders - Modified Within 30 days] i386 -> %SystemDrive%\i386 -> [Folder | Modified Date = 2/21/2008 8:46:52 AM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2/21/2008 9:35:49 AM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2/22/2008 8:58:30 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 2/21/2008 7:53:11 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2/21/2008 10:19:44 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2/13/2008 7:44:13 AM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2/13/2008 7:44:13 AM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 30098 bytes | Modified Date = 2/22/2008 8:58:16 AM | Attr = ] nvModes.001 -> %SystemRoot%\System32\nvModes.001 -> [Ver = | Size = 48009 bytes | Modified Date = 2/22/2008 8:58:25 AM | Attr = ] nvModes.dat -> %SystemRoot%\System32\nvModes.dat -> [Ver = | Size = 48009 bytes | Modified Date = 2/22/2008 8:14:02 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2/22/2008 8:58:13 AM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/12/2008 2:57:38 PM | Attr = H ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/21/2008 10:12:50 AM | Attr = S] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 2/13/2008 7:44:06 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2/21/2008 10:36:37 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2/21/2008 9:35:55 AM | Attr = HS] iomter.dll -> %SystemRoot%\iomter.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2/21/2008 10:13:30 AM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 2/21/2008 10:19:51 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2/22/2008 8:58:50 AM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2/22/2008 8:58:32 AM | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/21/2008 10:14:47 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2/21/2008 10:20:45 AM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2/22/2008 8:58:20 AM | Attr = ] trashicon.exe -> %SystemRoot%\trashicon.exe -> [Ver = | Size = 48897 bytes | Modified Date = 2/15/2008 8:29:16 AM | Attr = ] wndsk.dll -> %SystemRoot%\wndsk.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2/15/2008 8:29:17 AM | Attr = ] ycmgn.exe -> %SystemRoot%\ycmgn.exe -> [Ver = | Size = 809 bytes | Modified Date = 2/17/2008 8:08:43 PM | Attr = ] ynme.exe -> %SystemRoot%\ynme.exe -> [Ver = | Size = 809 bytes | Modified Date = 2/16/2008 9:39:32 AM | Attr = ] RoxioUpdator.job -> %SystemRoot%\tasks\RoxioUpdator.job -> [Ver = | Size = 322 bytes | Modified Date = 2/11/2008 6:36:08 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/21/2008 10:13:10 AM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4232 bytes | Modified Date = 2/21/2008 10:19:10 AM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4617 bytes | Modified Date = 2/21/2008 10:19:10 AM | Attr = ] Retrieve7.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\Retrieve7.exe -> Roxio [Ver = 7.1.0.189 | Size = 1445888 bytes | Modified Date = 11/17/2004 9:15:08 AM | Attr = ] rw2_021_w02_enu.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\rw2_021_w02_enu.exe -> Hewlett-Packard Company [Ver = AIO_002_004_001_021_web_1.0 | Size = 174207416 bytes | Modified Date = 5/2/2007 7:23:18 AM | Attr = ] SSUPDATE.EXE -> C:\Documents and Settings\jf6120\Local Settings\Temp\SSUPDATE.EXE -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1030 | Size = 143360 bytes | Modified Date = 2/17/2006 3:55:46 PM | Attr = ] 29 C:\Documents and Settings\jf6120\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\jf6120\Local Settings\Temp\*.tmp -> IDLKTest.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\IDLKTest.exe -> [Ver = | Size = 40960 bytes | Modified Date = 5/12/2004 10:19:34 AM | Attr = ] SystemLocker.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\SystemLocker.exe -> [Ver = | Size = 36864 bytes | Modified Date = 3/1/2004 10:18:28 AM | Attr = ] Q810090_W2K_SP4_X86_EN.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\Q810090_W2K_SP4_X86_EN.exe -> Microsoft Corporation [Ver = 5.3.0010.0 (xpclnt_qfe.020226-1835) | Size = 457840 bytes | Modified Date = 1/30/2003 6:11:20 PM | Attr = ] Q816843_WXP_SP2_x86_ENU.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\Q816843_WXP_SP2_x86_ENU.exe -> Microsoft Corporation [Ver = 5.3.0016.5 (xpclnt_qfe.020226-1835) | Size = 286568 bytes | Modified Date = 3/21/2003 7:51:06 PM | Attr = ] unoinstl.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\unoinstl.exe -> M-Audio [Ver = 1, 0, 0, 3 | Size = 28672 bytes | Modified Date = 12/4/2004 12:08:16 AM | Attr = ] unouninst.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\unouninst.exe -> M-Audio [Ver = 1, 0, 4, 0 | Size = 45056 bytes | Modified Date = 12/6/2004 4:33:02 PM | Attr = ] update70to71_2.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\RoxUpdat\update70to71_2.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 124895952 bytes | Modified Date = 5/7/2006 5:43:04 PM | Attr = ] Setup.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Directory 1 for MOTU_Audio3.6.7.0.zip\MOTU_Audio3.6.7.0\Setup.exe -> [Ver = | Size = 16024091 bytes | Modified Date = 4/18/2006 8:47:14 AM | Attr = R ] @Alternate Data Stream - 0 bytes -> %UserProfile%\Local Settings\Temp\Temporary Directory 1 for MOTU_Audio3.6.7.0.zip\MOTU_Audio3.6.7.0\Setup.exe:Zone.Identifier Setup.exe -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Directory 1 for MOTU_Audio3.6.7.0[1].zip\MOTU_Audio3.6.7.0\Setup.exe -> [Ver = | Size = 16024091 bytes | Modified Date = 4/18/2006 8:47:14 AM | Attr = R ] @Alternate Data Stream - 0 bytes -> %UserProfile%\Local Settings\Temp\Temporary Directory 1 for MOTU_Audio3.6.7.0[1].zip\MOTU_Audio3.6.7.0\Setup.exe:Zone.Identifier ikooqdro.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\ikooqdro.dll -> [Ver = | Size = 53248 bytes | Modified Date = 2/22/2008 8:47:48 AM | Attr = ] PSP MixBass.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\PSP MixBass.dll -> [Ver = | Size = 483328 bytes | Modified Date = 5/21/2006 8:45:20 AM | Attr = ] PSP MixPressor.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\PSP MixPressor.dll -> [Ver = | Size = 712704 bytes | Modified Date = 5/21/2006 8:45:20 AM | Attr = ] PSP MixSaturator.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\PSP MixSaturator.dll -> [Ver = | Size = 655360 bytes | Modified Date = 5/21/2006 8:45:20 AM | Attr = ] PSP MixTreble.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\PSP MixTreble.dll -> [Ver = | Size = 860160 bytes | Modified Date = 5/21/2006 8:45:21 AM | Attr = ] TargetFinder.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\TargetFinder.dll -> [Ver = 1, 0, 0, 1 | Size = 172032 bytes | Modified Date = 4/13/2004 5:29:52 PM | Attr = ] uninst.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\uninst.dll -> [Ver = | Size = 114688 bytes | Modified Date = 9/1/2004 10:56:56 AM | Attr = ] 29 C:\Documents and Settings\jf6120\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\jf6120\Local Settings\Temp\*.tmp -> IDLK.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\IDLK.dll -> Intel Corporation [Ver = 1.1.0.17 | Size = 69632 bytes | Modified Date = 5/12/2004 10:18:10 AM | Attr = ] isrt.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\isrt.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 401408 bytes | Modified Date = 11/10/2003 5:15:36 PM | Attr = ] _IsRes.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\_IsRes.dll -> InstallShield Software Corporation [Ver = 9.00.333 | Size = 364544 bytes | Modified Date = 9/3/2003 3:56:56 AM | Attr = ] _ISUser.dll -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\{85D3CC30-8859-481A-9654-FD9B74310BEF}\_ISUser.dll -> [Ver = | Size = 53248 bytes | Modified Date = 9/8/2005 6:22:08 PM | Attr = ] EVOLUSB.DLL -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\EVOLUSB.DLL -> Evolution Electronics Ltd. [Ver = 5.2.3 | Size = 17920 bytes | Modified Date = 10/20/2004 3:50:50 PM | Attr = ] EVOLUSBN.DLL -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\EVOLUSBN.DLL -> Evolution Electronics Ltd. [Ver = 5.2.3 | Size = 85504 bytes | Modified Date = 10/20/2004 3:50:54 PM | Attr = ] USBMM1X1.DLL -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\USBMM1X1.DLL -> Doug Fetter Software Wizardry [Ver = 4.1.21 | Size = 17920 bytes | Modified Date = 2/4/2003 5:42:56 AM | Attr = ] USBMN1X1.DLL -> C:\Documents and Settings\jf6120\Local Settings\Temp\{9D08F48A-1D0D-48C8-9027-CCFF551516D7}\{F8E28912-A7B8-488C-B259-33F9014B9D09}\USBMN1X1.DLL -> Doug Fetter Software Wizardry [Ver = 4.1.21 | Size = 82944 bytes | Modified Date = 2/4/2003 5:42:56 AM | Attr = ] index.dat -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 8/24/2006 11:14:05 AM | Attr = ] 0x0404.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0404.ini -> [Ver = | Size = 3771 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0407.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0407.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x0409.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0409.ini -> [Ver = | Size = 5495 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x040a.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x040a.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x040c.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x040c.ini -> [Ver = | Size = 6394 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x0410.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0410.ini -> [Ver = | Size = 6160 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x0411.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0411.ini -> [Ver = | Size = 5887 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0412.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0412.ini -> [Ver = | Size = 5045 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0413.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0413.ini -> [Ver = | Size = 6087 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0416.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0416.ini -> [Ver = | Size = 5900 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] 0x0804.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\0x0804.ini -> [Ver = | Size = 3841 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] Setup.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\Setup.INI -> [Ver = | Size = 1994 bytes | Modified Date = 11/3/2007 8:12:39 AM | Attr = ] _ISMSIDEL.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CB\_ISMSIDEL.INI -> [Ver = | Size = 765 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0404.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0404.ini -> [Ver = | Size = 3771 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0407.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0407.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0409.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0409.ini -> [Ver = | Size = 5495 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x040a.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x040a.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x040c.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x040c.ini -> [Ver = | Size = 6394 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0410.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0410.ini -> [Ver = | Size = 6160 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0411.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0411.ini -> [Ver = | Size = 5887 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0412.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0412.ini -> [Ver = | Size = 5045 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0413.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0413.ini -> [Ver = | Size = 6087 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0416.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0416.ini -> [Ver = | Size = 5900 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] 0x0804.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\0x0804.ini -> [Ver = | Size = 3841 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] Setup.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\Setup.INI -> [Ver = | Size = 1994 bytes | Modified Date = 11/3/2007 8:12:40 AM | Attr = ] _ISMSIDEL.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_is2CD\_ISMSIDEL.INI -> [Ver = | Size = 765 bytes | Modified Date = 11/3/2007 8:12:41 AM | Attr = ] 0x0404.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0404.ini -> [Ver = | Size = 3771 bytes | Modified Date = 11/3/2007 8:17:53 AM | Attr = ] 0x0407.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0407.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:17:52 AM | Attr = ] 0x0409.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0409.ini -> [Ver = | Size = 5495 bytes | Modified Date = 11/3/2007 8:17:52 AM | Attr = ] 0x040a.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x040a.ini -> [Ver = | Size = 6265 bytes | Modified Date = 11/3/2007 8:17:51 AM | Attr = ] 0x040c.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x040c.ini -> [Ver = | Size = 6394 bytes | Modified Date = 11/3/2007 8:17:52 AM | Attr = ] 0x0410.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0410.ini -> [Ver = | Size = 6160 bytes | Modified Date = 11/3/2007 8:17:51 AM | Attr = ] 0x0411.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0411.ini -> [Ver = | Size = 5887 bytes | Modified Date = 11/3/2007 8:17:53 AM | Attr = ] 0x0412.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0412.ini -> [Ver = | Size = 5045 bytes | Modified Date = 11/3/2007 8:17:52 AM | Attr = ] 0x0413.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0413.ini -> [Ver = | Size = 6087 bytes | Modified Date = 11/3/2007 8:17:53 AM | Attr = ] 0x0416.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0416.ini -> [Ver = | Size = 5900 bytes | Modified Date = 11/3/2007 8:17:52 AM | Attr = ] 0x0804.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\0x0804.ini -> [Ver = | Size = 3841 bytes | Modified Date = 11/3/2007 8:17:53 AM | Attr = ] Setup.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\Setup.INI -> [Ver = | Size = 1994 bytes | Modified Date = 11/3/2007 8:17:51 AM | Attr = ] _ISMSIDEL.INI -> C:\Documents and Settings\jf6120\Local Settings\Temp\_isA\_ISMSIDEL.INI -> [Ver = | Size = 741 bytes | Modified Date = 11/3/2007 8:17:53 AM | Attr = ] corecomp.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\{92C3106E-E5FA-4B8C-8D06-9E95C1BE9FDB}\corecomp.ini -> [Ver = | Size = 65503 bytes | Modified Date = 4/15/2002 4:04:36 PM | Attr = ] desktop.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 8/24/2006 11:06:39 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\1MXECNVG\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 8/24/2006 11:06:39 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\8H23GDQZ\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 8/24/2006 11:06:39 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\SDEB896R\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 8/24/2006 11:06:39 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\jf6120\Local Settings\Temp\Temporary Internet Files\Content.IE5\WHUBCHI3\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 8/24/2006 11:06:39 AM | Attr = HS] iottem.dll -> C:\WINDOWS\Temp\iottem.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2/21/2008 10:13:28 AM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2/21/2008 9:35:58 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 2/13/2008 4:58:21 PM | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 2/21/2008 9:35:49 AM | Attr = ] checkbook 13.xls -> %UserProfile%\My Documents\checkbook 13.xls -> [Ver = | Size = 27648 bytes | Modified Date = 1/26/2008 9:10:04 AM | Attr = ] checkbook 14.xls -> %UserProfile%\My Documents\checkbook 14.xls -> [Ver = | Size = 27136 bytes | Modified Date = 2/16/2008 6:42:19 PM | Attr = ] garage -> %UserProfile%\My Documents\garage -> [Folder | Modified Date = 1/31/2008 4:41:35 PM | Attr = ] SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 780 bytes | Modified Date = 2/21/2008 9:35:50 AM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 2/21/2008 10:21:18 AM | Attr = ] RegistryFix.lnk -> %UserProfile%\Desktop\RegistryFix.lnk -> [Ver = | Size = 660 bytes | Modified Date = 2/21/2008 8:37:17 AM | Attr = ] WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Modified Date = 2/22/2008 8:52:41 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 2/21/2008 9:35:01 AM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 2/21/2008 9:35:58 AM | Attr = RH ] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 4/12/2006 1:05:13 AM | Attr = ] AOL -> C:\Documents and Settings\All Users\Application Data\AOL -> [Folder | Modified Date = 5/7/2006 8:42:45 AM | Attr = ] Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [Folder | Modified Date = 1/17/2008 3:54:39 PM | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 3/23/2007 10:39:06 AM | Attr = ] Cakewalk -> C:\Documents and Settings\All Users\Application Data\Cakewalk -> [Folder | Modified Date = 5/8/2006 6:33:02 PM | Attr = ] DIGStream -> C:\Documents and Settings\All Users\Application Data\DIGStream -> [Folder | Modified Date = 8/16/2005 8:54:52 PM | Attr = ] InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [Folder | Modified Date = 4/12/2006 1:12:20 AM | Attr = ] Intel -> C:\Documents and Settings\All Users\Application Data\Intel -> [Folder | Modified Date = 4/12/2006 1:03:01 AM | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 5/10/2006 7:22:05 PM | Attr = S] Napster -> C:\Documents and Settings\All Users\Application Data\Napster -> [Folder | Modified Date = 5/7/2006 4:55:30 PM | Attr = ] nView_Profiles -> C:\Documents and Settings\All Users\Application Data\nView_Profiles -> [Folder | Modified Date = 6/11/2006 8:27:29 PM | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [Folder | Modified Date = 4/12/2006 1:07:39 AM | Attr = ] Roxio -> C:\Documents and Settings\All Users\Application Data\Roxio -> [Folder | Modified Date = 5/7/2006 4:39:56 PM | Attr = ] Sonic -> C:\Documents and Settings\All Users\Application Data\Sonic -> [Folder | Modified Date = 4/12/2006 1:04:06 AM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2/21/2008 9:35:58 AM | Attr = ] Support.com -> C:\Documents and Settings\All Users\Application Data\Support.com -> [Folder | Modified Date = 7/28/2007 9:13:35 AM | Attr = ] Trend Micro -> C:\Documents and Settings\All Users\Application Data\Trend Micro -> [Folder | Modified Date = 11/3/2007 8:23:10 AM | Attr = ] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [Folder | Modified Date = 2/2/2007 12:25:43 PM | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 5/6/2006 7:04:48 PM | Attr = ] C:\Documents and Settings\jf6120\Application Data\ -> C:\Documents and Settings\jf6120\Application Data -> [Folder | Modified Date = 2/21/2008 9:35:49 AM | Attr = RH ] Adobe -> C:\Documents and Settings\jf6120\Application Data\Adobe -> [Folder | Modified Date = 2/13/2008 4:58:21 PM | Attr = ] AdobeUM -> C:\Documents and Settings\jf6120\Application Data\AdobeUM -> [Folder | Modified Date = 6/5/2007 6:14:34 PM | Attr = ] Apple Computer -> C:\Documents and Settings\jf6120\Application Data\Apple Computer -> [Folder | Modified Date = 6/1/2006 5:26:58 PM | Attr = ] Cakewalk -> C:\Documents and Settings\jf6120\Application Data\Cakewalk -> [Folder | Modified Date = 5/7/2006 12:01:59 PM | Attr = ] Download Manager -> C:\Documents and Settings\jf6120\Application Data\Download Manager -> [Folder | Modified Date = 11/3/2007 8:07:35 AM | Attr = ] Google -> C:\Documents and Settings\jf6120\Application Data\Google -> [Folder | Modified Date = 4/12/2006 1:16:09 AM | Attr = ] Help -> C:\Documents and Settings\jf6120\Application Data\Help -> [Folder | Modified Date = 12/28/2006 9:02:59 PM | Attr = ] Hewlett-Packard -> C:\Documents and Settings\jf6120\Application Data\Hewlett-Packard -> [Folder | Modified Date = 5/3/2007 6:56:07 AM | Attr = ] Identities -> C:\Documents and Settings\jf6120\Application Data\Identities -> [Folder | Modified Date = 5/8/2006 6:38:13 PM | Attr = ] Intel -> C:\Documents and Settings\jf6120\Application Data\Intel -> [Folder | Modified Date = 4/12/2006 1:03:30 AM | Attr = ] Leadertech -> C:\Documents and Settings\jf6120\Application Data\Leadertech -> [Folder | Modified Date = 5/6/2006 8:09:58 PM | Attr = ] Macromedia -> C:\Documents and Settings\jf6120\Application Data\Macromedia -> [Folder | Modified Date = 5/6/2006 7:22:05 PM | Attr = ] Microsoft -> C:\Documents and Settings\jf6120\Application Data\Microsoft -> [Folder | Modified Date = 9/2/2006 11:41:37 AM | Attr = S] Microsoft Web Folders -> C:\Documents and Settings\jf6120\Application Data\Microsoft Web Folders -> [Folder | Modified Date = 8/24/2006 11:09:40 AM | Attr = ] Move Networks -> C:\Documents and Settings\jf6120\Application Data\Move Networks -> [Folder | Modified Date = 3/15/2007 12:19:14 PM | Attr = ] Roxio -> C:\Documents and Settings\jf6120\Application Data\Roxio -> [Folder | Modified Date = 5/21/2006 12:50:02 PM | Attr = ] Sonic -> C:\Documents and Settings\jf6120\Application Data\Sonic -> [Folder | Modified Date = 5/6/2006 8:10:10 PM | Attr = ] Sun -> C:\Documents and Settings\jf6120\Application Data\Sun -> [Folder | Modified Date = 4/12/2006 12:59:21 AM | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\jf6120\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2/21/2008 9:35:49 AM | Attr = ] Viewpoint -> C:\Documents and Settings\jf6120\Application Data\Viewpoint -> [Folder | Modified Date = 2/2/2007 12:25:46 PM | Attr = ] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 1/17/2008 3:55:56 PM | Attr = S] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 1/17/2008 3:55:57 PM | Attr = ] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/10/2004 5:00:00 AM | Attr = RH ] FRU Task #Hewlett-Packard#hp psc 2170 series#1178109400.job -> C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1178109400.job -> [Ver = | Size = 344 bytes | Modified Date = 8/17/2007 7:59:49 AM | Attr = ] RoxioUpdator.job -> C:\WINDOWS\Tasks\RoxioUpdator.job -> [Ver = | Size = 322 bytes | Modified Date = 2/11/2008 6:36:08 PM | Attr = ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/21/2008 10:13:10 AM | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] [CatchMe Rootkit Scan by GMER] < Windows folder & sub-folders > scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 < Document and Settings folder & sub folders > scanning hidden files ... C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\All Users\Documents\My Pictures\Landscapes - GalleryPlayer\ehthumbs.db:encryptable 0 bytes C:\Documents and Settings\All Users\Documents\My Pictures\Masterpieces - GalleryPlayer\ehthumbs.db:encryptable 0 bytes C:\Documents and Settings\All Users\Documents\My Pictures\Nature - GalleryPlayer\ehthumbs.db:encryptable 0 bytes C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\All Users\Documents\My Videos\ehthumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\Application Data\Microsoft\eHome\mcl_images\ehthumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\Favorites\ImageShack® - Hosting.url:favicon 1406 bytes C:\Documents and Settings\jf6120\Favorites\Links\ESPN The Worldwide Leader In Sports.url:favicon 2862 bytes C:\Documents and Settings\jf6120\Favorites\Links\Windows.url:favicon 3638 bytes C:\Documents and Settings\jf6120\Favorites\micing drums.url:favicon 1406 bytes C:\Documents and Settings\jf6120\Favorites\Posting New Topic - Geeks to Go!.url:favicon 1406 bytes C:\Documents and Settings\jf6120\Favorites\zZounds.com.url:favicon 1822 bytes C:\Documents and Settings\jf6120\Local Settings\Application Data\Microsoft\ehome\musicThumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\Local Settings\Application Data\Microsoft\ehome\Video.db:encryptable 0 bytes C:\Documents and Settings\jf6120\My Documents\My Pictures\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\My Documents\My Pictures\Home Facade\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\My Documents\My Pictures\JF Promos\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\My Documents\My Pictures\Picture\Thumbs.db:encryptable 0 bytes C:\Documents and Settings\jf6120\My Documents\My Pictures\Ryan Homes Promos\Thumbs.db:encryptable 0 bytes scan completed successfully hidden files: 37 < End of report > [/code]