[code] WinPFind35 logfile created on: 2/21/2008 11:42:48 AM WinPFind35U Version 1.0.0.1 Folder = C:\Documents and Settings\Ken\Desktop\WinPFind35u Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 255.48 Mb Total Physical Memory | 116.58 Mb Available Physical Memory | 45.63% Memory free 618.21 Mb Paging File | 438.22 Mb Available in Paging File | 70.89% Paging File free Paging file location(s): C:\pagefile.sys 384 768; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 18.64 Gb Total Space | 13.00 Gb Free Space | 69.74% Space Free | Partition Type: NTFS Drive D: | 18.63 Gb Total Space | 3.36 Gb Free Space | 18.05% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: KEN-BE82E776B3B Current User Name: Ken Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4121 | Size = 376832 bytes | Modified Date = 10/7/2005 6:38:18 PM | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 12/4/2007 9:00:23 PM | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 12/4/2007 8:59:53 PM | Attr = ] ttplayer.exe -> D:\Program Files\TTPlayer\TTPlayer.exe -> Alen Soft [Ver = 5, 1, 0, 0 | Size = 923136 bytes | Modified Date = 12/19/2007 11:00:10 AM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2/21/2008 7:41:02 PM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309760 bytes | Modified Date = 2/21/2008 7:41:02 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 17272 bytes | Modified Date = 12/4/2007 10:36:33 PM | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4121 | Size = 376832 bytes | Modified Date = 10/7/2005 6:38:18 PM | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 140664 bytes | Modified Date = 12/4/2007 9:00:16 PM | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 247160 bytes | Modified Date = 12/4/2007 8:59:53 PM | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 345464 bytes | Modified Date = 12/4/2007 8:59:01 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ] [Driver Services - Non-Microsoft Only] (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 12/4/2007 10:49:02 PM | Attr = ] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\AGRSM.sys -> Agere Systems [Ver = 2.1.65 2.1.65 01/25/2006 16:24:23 | Size = 1149888 bytes | Modified Date = 1/25/2006 4:24:30 PM | Attr = R ] (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 12/4/2007 10:55:46 PM | Attr = ] (aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 12/4/2007 10:53:39 PM | Attr = ] (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\system32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 12/4/2007 10:51:52 PM | Attr = ] (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (ATI2HDDSRV) ATI2HDDSRV [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ati32srv.sys -> File not found (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6575 | Size = 1348096 bytes | Modified Date = 10/7/2005 6:46:06 PM | Attr = ] (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (csctl50) John's Windows 2000 Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\CSCtl50.sys -> [Ver = | Size = 30224 bytes | Modified Date = 3/21/2000 5:04:28 AM | Attr = ] (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/3/2004 11:07:18 PM | Attr = ] (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/3/2004 11:07:18 PM | Attr = ] (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (iCafe Update) iCafe Update [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\pcihdd2.sys -> File not found (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (msertk) msertk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\msyecp.sys -> [Ver = | Size = 12672 bytes | Modified Date = 2/22/2008 7:31:50 PM | Attr = ] (msskye) msskye [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\msaclue.sys -> [Ver = | Size = 11264 bytes | Modified Date = 2/21/2008 11:39:43 AM | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PCIIde) PCIIde [Kernel | Disabled | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 8/4/2004 6:31:34 AM | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 7/17/2004 11:36:38 AM | Attr = ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (VIAudio) VIA AC'97 Audio Controller (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\viaudio.sys -> VIA Technologies, Inc. [Ver = 5.12.01.3820 built by: VIA | Size = 64128 bytes | Modified Date = 9/16/2002 11:20:00 AM | Attr = R ] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 79224 bytes | Modified Date = 12/4/2007 9:00:23 PM | Attr = ] Babylon Client -> %ProgramFiles%\Babylon\Babylon-Pro\Babylon.exe -> Babylon Ltd. [Ver = 6.0.0.29 | Size = 2663480 bytes | Modified Date = 2/22/2008 7:18:02 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_05\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 36975 bytes | Modified Date = 8/26/2005 6:14:44 PM | Attr = ] < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 10/23/2006 1:48:20 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk -> %ProgramFiles%\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe -> [Ver = 8.0.0.0 | Size = 734872 bytes | Modified Date = 10/23/2006 12:01:50 AM | Attr = ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Ken Startup Folder > -> C:\Documents and Settings\Ken\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> eve.dll -> eve.dll -> File not found ddtj.dll -> ddtj.dll -> File not found xhqq.dll -> xhqq.dll -> File not found naijihzeuyouhz.dll -> naijihzeuyouhz.dll -> File not found iemnaw.dll -> iemnaw.dll -> File not found auhad.dll -> auhad.dll -> File not found wtiemnaw.dll -> wtiemnaw.dll -> File not found ijiq.dll -> ijiq.dll -> File not found gsqq.dll -> gsqq.dll -> File not found jsqc.dll -> jsqc.dll -> File not found qcsct.dll -> qcsct.dll -> File not found QQ.dll -> QQ.dll -> File not found utgnehz.dll -> utgnehz.dll -> File not found uyomielnux.dll -> uyomielnux.dll -> File not found naixuhz.dll -> naixuhz.dll -> File not found nuygnef.dll -> nuygnef.dll -> File not found jmx.dll -> jmx.dll -> File not found oadgnohiac.dll -> oadgnohiac.dll -> File not found dgzg.dll -> dgzg.dll -> File not found vlihzouhgnfe.dll -> vlihzouhgnfe.dll -> File not found sfhx.dll -> sfhx.dll -> File not found ijougiemnaw.dll -> ijougiemnaw.dll -> File not found naijoad.dll -> naijoad.dll -> File not found jsfg.dll -> jsfg.dll -> File not found zqhs.dll -> zqhs.dll -> File not found niluw.dll -> niluw.dll -> File not found nauhgnem.dll -> nauhgnem.dll -> File not found uohsom.dll -> uohsom.dll -> File not found uyom.dll -> uyom.dll -> File not found oadnew.dll -> oadnew.dll -> File not found wtwx.dll -> wtwx.dll -> File not found gnaixnauhuoyizqq.dll -> gnaixnauhuoyizqq.dll -> File not found gnaixnauhqq.dll -> gnaixnauhqq.dll -> File not found hjxr.dll -> hjxr.dll -> File not found nahzij.dll -> nahzij.dll -> File not found fz.dll -> fz.dll -> File not found hz.dll -> hz.dll -> File not found iqnauhc.dll -> iqnauhc.dll -> File not found 3auhad.dll -> 3auhad.dll -> File not found xhtd.dll -> xhtd.dll -> File not found gnefnaib.dll -> gnefnaib.dll -> File not found rj.dll -> rj.dll -> File not found aixauh.dll -> aixauh.dll -> File not found fmxh.dll -> fmxh.dll -> File not found 2ty.dll -> 2ty.dll -> File not found 2nauygniqaixnaij.dll -> 2nauygniqaixnaij.dll -> File not found dqncj.dll -> dqncj.dll -> File not found qnefnaib.dll -> qnefnaib.dll -> File not found bz.dll -> bz.dll -> File not found bauhgnem.dll -> bauhgnem.dll -> File not found cuhad.dll -> cuhad.dll -> File not found ej.dll -> ej.dll -> File not found fmxh.dll -> fmxh.dll -> File not found utiemnaw.dll -> utiemnaw.dll -> File not found wQ.dll -> wQ.dll -> File not found xjxr.dll -> xjxr.dll -> File not found yqhs.dll -> yqhs.dll -> File not found rsqq.dll -> rsqq.dll -> File not found zadnew.dll -> zadnew.dll -> File not found uixauh.dll -> uixauh.dll -> File not found idtj.dll -> idtj.dll -> File not found duygnef.dll -> duygnef.dll -> File not found eohsom.dll -> eohsom.dll -> File not found mhtd.dll -> mhtd.dll -> File not found hjiq.dll -> hjiq.dll -> File not found taijoad.dll -> taijoad.dll -> File not found laixuhz.dll -> laixuhz.dll -> File not found htwx.dll -> htwx.dll -> File not found jz.dll -> jz.dll -> File not found pyomielnux.dll -> pyomielnux.dll -> File not found qlihzouhgnfe.dll -> qlihzouhgnfe.dll -> File not found cty.dll -> cty.dll -> File not found dsfg.dll -> dsfg.dll -> File not found knaixnauhuoyizqq.dll -> knaixnauhuoyizqq.dll -> File not found kiluw.dll -> kiluw.dll -> File not found pahzij.dll -> pahzij.dll -> File not found fyom.dll -> fyom.dll -> File not found tsqc.dll -> tsqc.dll -> File not found jemnaw.dll -> jemnaw.dll -> File not found lnaixnauhqq.dll -> lnaixnauhqq.dll -> File not found mnauygniqaixnaij.dll -> mnauygniqaixnaij.dll -> File not found vauyiqvlnaix.dll -> vauyiqvlnaix.dll -> File not found ijougiemnaw.dll -> ijougiemnaw.dll -> File not found sauhad.dll -> sauhad.dll -> File not found oaijihzeuyouhz.dll -> oaijihzeuyouhz.dll -> File not found vhqq.dll -> vhqq.dll -> File not found gmx.dll -> gmx.dll -> File not found agzg.dll -> agzg.dll -> File not found atgnehz.dll -> %SystemRoot%\system32\atgnehz.dll -> [Ver = | Size = 15947 bytes | Modified Date = 2/22/2008 7:31:49 PM | Attr = HS] rfhx.dll -> rfhx.dll -> File not found sve.dll -> sve.dll -> File not found nadgnohiac.dll -> nadgnohiac.dll -> File not found oqnauhc.dll -> oqnauhc.dll -> File not found wininat.dll -> wininat.dll -> File not found *MultiFile Done* -> -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4121 | Size = 46080 bytes | Modified Date = 10/7/2005 6:39:30 PM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\lnytjehsw -> C:\WINDOWS\lnytjehsw.exe [lnytjehsw.exe] -> [Ver = | Size = 10125 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = HS] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\] > -> -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\: Main\\Start Page -> http://www.google.com/ -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.2.1.2.dll [BitComet Helper] -> BitComet [Ver = 20080116 | Size = 496952 bytes | Modified Date = 1/25/2008 6:06:28 PM | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_05\bin\NPJPI150_05.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 69746 bytes | Modified Date = 8/26/2005 6:33:54 PM | Attr = ] {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [BitComet] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} [HKEY_LOCAL_MACHINE] -> [BitComet] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] &D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] &D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} [HKEY_LOCAL_MACHINE] -> [BitComet] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1993962763-1275210071-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> &D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] &D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] &D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {C71A499A-A5E4-4A27-A638-B2912AD5EEF0} -> 192.168.1.1 (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab[Java Plug-in 1.5.0_05] -> {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab[Java Plug-in 1.5.0_05] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 294400 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 596 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 52 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 1/19/2007 12:54:56 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 4:10:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitComet\BitComet.exe -> C:\Program Files\BitComet\BitComet.exe [C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client] -> www.BitComet.com [Ver = 0.99 | Size = 2194744 bytes | Modified Date = 2/1/2008 3:20:14 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 1/19/2007 12:54:56 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 4:10:02 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\15259:TCP -> 15259:TCP:*:Enabled:BitComet 15259 TCP -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\15259:UDP -> 15259:UDP:*:Enabled:BitComet 15259 UDP -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 395776 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 395776 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> -> File not found .cmd [@ = cmdfile] -> -> File not found .com [@ = comfile] -> -> File not found .exe [@ = exefile] -> -> File not found .pif [@ = piffile] -> -> File not found .scr [@ = scrfile] -> -> File not found [Files/Folders - Created Within 90 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 2/22/2008 5:46:22 PM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 2/23/2008 1:33:34 AM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 2/22/2008 7:27:08 PM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = RHS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Created Date = 2/22/2008 6:23:52 PM | Attr = RH ] Program Files -> %ProgramFiles% -> [Folder | Created Date = 2/23/2008 1:39:00 AM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 2/22/2008 7:00:10 PM | Attr = HS] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 2/22/2008 7:54:43 PM | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/22/2008 7:54:42 PM | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 2/23/2008 1:33:34 AM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 仙剑奇侠传4@末日冰封$圣城家园 -> %SystemDrive%\仙剑奇侠传4@末日冰封$圣城家园 -> [Folder | Created Date = 2/22/2008 7:01:29 PM | Attr = ] big5.nls -> %SystemRoot%\System32\dllcache\big5.nls -> [Ver = | Size = 66728 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] bopomofo.nls -> %SystemRoot%\System32\dllcache\bopomofo.nls -> [Ver = | Size = 82172 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] chtskf.dll -> %SystemRoot%\System32\dllcache\chtskf.dll -> [Ver = | Size = 173568 bytes | Modified Date = 8/3/2004 10:31:54 PM | Attr = ] c_10001.nls -> %SystemRoot%\System32\dllcache\c_10001.nls -> [Ver = | Size = 162850 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10002.nls -> %SystemRoot%\System32\dllcache\c_10002.nls -> [Ver = | Size = 195618 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10003.nls -> %SystemRoot%\System32\dllcache\c_10003.nls -> [Ver = | Size = 177698 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10004.nls -> %SystemRoot%\System32\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10005.nls -> %SystemRoot%\System32\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\dllcache\c_10006.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\dllcache\c_10007.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10008.nls -> %SystemRoot%\System32\dllcache\c_10008.nls -> [Ver = | Size = 173602 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\dllcache\c_10010.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\dllcache\c_10017.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10021.nls -> %SystemRoot%\System32\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\dllcache\c_10029.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\dllcache\c_10081.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\dllcache\c_10082.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1047.nls -> %SystemRoot%\System32\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1140.nls -> %SystemRoot%\System32\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1141.nls -> %SystemRoot%\System32\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1142.nls -> %SystemRoot%\System32\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1143.nls -> %SystemRoot%\System32\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1144.nls -> %SystemRoot%\System32\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1145.nls -> %SystemRoot%\System32\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1146.nls -> %SystemRoot%\System32\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1147.nls -> %SystemRoot%\System32\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1148.nls -> %SystemRoot%\System32\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1149.nls -> %SystemRoot%\System32\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1361.nls -> %SystemRoot%\System32\dllcache\c_1361.nls -> [Ver = | Size = 189986 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20000.nls -> %SystemRoot%\System32\dllcache\c_20000.nls -> [Ver = | Size = 180258 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20001.nls -> %SystemRoot%\System32\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20002.nls -> %SystemRoot%\System32\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20003.nls -> %SystemRoot%\System32\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20004.nls -> %SystemRoot%\System32\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20005.nls -> %SystemRoot%\System32\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20105.nls -> %SystemRoot%\System32\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20106.nls -> %SystemRoot%\System32\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20107.nls -> %SystemRoot%\System32\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20108.nls -> %SystemRoot%\System32\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\dllcache\c_20127.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20269.nls -> %SystemRoot%\System32\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20273.nls -> %SystemRoot%\System32\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20277.nls -> %SystemRoot%\System32\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20278.nls -> %SystemRoot%\System32\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20280.nls -> %SystemRoot%\System32\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20284.nls -> %SystemRoot%\System32\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20285.nls -> %SystemRoot%\System32\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20290.nls -> %SystemRoot%\System32\dllcache\c_20290.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20297.nls -> %SystemRoot%\System32\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20420.nls -> %SystemRoot%\System32\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20423.nls -> %SystemRoot%\System32\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20424.nls -> %SystemRoot%\System32\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20833.nls -> %SystemRoot%\System32\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20838.nls -> %SystemRoot%\System32\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20871.nls -> %SystemRoot%\System32\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20880.nls -> %SystemRoot%\System32\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20924.nls -> %SystemRoot%\System32\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20932.nls -> %SystemRoot%\System32\dllcache\c_20932.nls -> [Ver = | Size = 180770 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20936.nls -> %SystemRoot%\System32\dllcache\c_20936.nls -> [Ver = | Size = 173602 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20949.nls -> %SystemRoot%\System32\dllcache\c_20949.nls -> [Ver = | Size = 177698 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_21025.nls -> %SystemRoot%\System32\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_21027.nls -> %SystemRoot%\System32\dllcache\c_21027.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28594.nls -> %SystemRoot%\System32\dllcache\c_28594.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28595.nls -> %SystemRoot%\System32\dllcache\c_28595.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28596.nls -> %SystemRoot%\System32\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28597.nls -> %SystemRoot%\System32\dllcache\c_28597.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\dllcache\c_28599.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\dllcache\c_28603.nls -> [Ver = | Size = 66082 bytes | Modified Date = 7/17/2004 11:48:36 AM | Attr = ] c_708.nls -> %SystemRoot%\System32\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_720.nls -> %SystemRoot%\System32\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_737.nls -> %SystemRoot%\System32\dllcache\c_737.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\dllcache\c_852.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\dllcache\c_855.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\dllcache\c_857.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_858.nls -> %SystemRoot%\System32\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_862.nls -> %SystemRoot%\System32\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_864.nls -> %SystemRoot%\System32\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\dllcache\c_866.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\dllcache\c_869.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_870.nls -> %SystemRoot%\System32\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\dllcache\c_875.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dllcache\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] eqnclass.dll -> %SystemRoot%\System32\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] FP4.CAT -> %SystemRoot%\System32\dllcache\FP4.CAT -> [Ver = | Size = 31281 bytes | Modified Date = 8/4/2004 1:58:46 AM | Attr = ] fpencode.dll -> %SystemRoot%\System32\dllcache\fpencode.dll -> [Ver = | Size = 94208 bytes | Modified Date = 3/24/2003 4:52:04 PM | Attr = ] hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] HPCRDP.CAT -> %SystemRoot%\System32\dllcache\HPCRDP.CAT -> [Ver = | Size = 13472 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] htrn_jis.dll -> %SystemRoot%\System32\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 13312 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] hwxjpn.dll -> %SystemRoot%\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] IASNT4.CAT -> %SystemRoot%\System32\dllcache\IASNT4.CAT -> [Ver = | Size = 8574 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] imjpinst.exe -> %SystemRoot%\System32\dllcache\imjpinst.exe -> [Ver = | Size = 196665 bytes | Modified Date = 8/3/2004 10:31:58 PM | Attr = ] IMS.CAT -> %SystemRoot%\System32\dllcache\IMS.CAT -> [Ver = | Size = 13753 bytes | Modified Date = 8/4/2004 1:58:46 AM | Attr = ] imscinst.exe -> %SystemRoot%\System32\dllcache\imscinst.exe -> [Ver = | Size = 59392 bytes | Modified Date = 8/3/2004 10:31:50 PM | Attr = ] isrdbg32.dll -> %SystemRoot%\System32\dllcache\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] ksc.nls -> %SystemRoot%\System32\dllcache\ksc.nls -> [Ver = | Size = 47066 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] ltts1033.lxa -> %SystemRoot%\System32\dllcache\ltts1033.lxa -> [Ver = | Size = 643717 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] MAPIMIG.CAT -> %SystemRoot%\System32\dllcache\MAPIMIG.CAT -> [Ver = | Size = 399645 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] mediactr.cat -> %SystemRoot%\System32\dllcache\mediactr.cat -> [Ver = | Size = 31965 bytes | Modified Date = 8/4/2004 1:57:02 AM | Attr = ] mplayer2.exe -> %SystemRoot%\System32\dllcache\mplayer2.exe -> [Ver = | Size = 4639 bytes | Modified Date = 8/4/2004 12:56:54 AM | Attr = ] msinfo.dll -> %SystemRoot%\System32\dllcache\msinfo.dll -> [Ver = 7, 0, 0, 0 | Size = 376320 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] MSMSGS.CAT -> %SystemRoot%\System32\dllcache\MSMSGS.CAT -> [Ver = | Size = 9581 bytes | Modified Date = 8/4/2004 1:58:42 AM | Attr = ] msn7.cat -> %SystemRoot%\System32\dllcache\msn7.cat -> [Ver = | Size = 24209 bytes | Modified Date = 8/4/2004 1:58:16 AM | Attr = ] msn9.cat -> %SystemRoot%\System32\dllcache\msn9.cat -> [Ver = | Size = 11651 bytes | Modified Date = 8/4/2004 1:57:00 AM | Attr = ] MSTSWEB.CAT -> %SystemRoot%\System32\dllcache\MSTSWEB.CAT -> [Ver = | Size = 7245 bytes | Modified Date = 8/4/2004 1:58:10 AM | Attr = ] MW770.CAT -> %SystemRoot%\System32\dllcache\MW770.CAT -> [Ver = | Size = 37484 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] netfx.cat -> %SystemRoot%\System32\dllcache\netfx.cat -> [Ver = | Size = 141702 bytes | Modified Date = 8/4/2004 1:58:22 AM | Attr = ] nls302en.lex -> %SystemRoot%\System32\dllcache\nls302en.lex -> [Ver = | Size = 4399505 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] NT5.CAT -> %SystemRoot%\System32\dllcache\NT5.CAT -> [Ver = | Size = 2012670 bytes | Modified Date = 8/4/2004 1:58:34 AM | Attr = ] NT5IIS.CAT -> %SystemRoot%\System32\dllcache\NT5IIS.CAT -> [Ver = | Size = 797189 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] NT5INF.CAT -> %SystemRoot%\System32\dllcache\NT5INF.CAT -> [Ver = | Size = 502724 bytes | Modified Date = 8/4/2004 1:58:58 AM | Attr = ] NTPRINT.CAT -> %SystemRoot%\System32\dllcache\NTPRINT.CAT -> [Ver = | Size = 1086058 bytes | Modified Date = 8/4/2004 1:57:10 AM | Attr = ] OEMBIOS.CAT -> %SystemRoot%\System32\dllcache\OEMBIOS.CAT -> [Ver = | Size = 7382 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] pinball.exe -> %SystemRoot%\System32\dllcache\pinball.exe -> Cinematronics [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 281088 bytes | Modified Date = 8/4/2004 12:56:56 AM | Attr = ] pintlcsa.dll -> %SystemRoot%\System32\dllcache\pintlcsa.dll -> [Ver = | Size = 175104 bytes | Modified Date = 8/3/2004 10:31:50 PM | Attr = ] prc.nls -> %SystemRoot%\System32\dllcache\prc.nls -> [Ver = | Size = 83748 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] prcp.nls -> %SystemRoot%\System32\dllcache\prcp.nls -> [Ver = | Size = 83748 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] r1033tts.lxa -> %SystemRoot%\System32\dllcache\r1033tts.lxa -> [Ver = | Size = 605050 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] rw330ext.dll -> %SystemRoot%\System32\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] sam.sdf -> %SystemRoot%\System32\dllcache\sam.sdf -> [Ver = | Size = 888 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] sam.spd -> %SystemRoot%\System32\dllcache\sam.spd -> [Ver = | Size = 1685606 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] SP2.CAT -> %SystemRoot%\System32\dllcache\SP2.CAT -> [Ver = | Size = 1042903 bytes | Modified Date = 8/4/2004 2:03:44 AM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\dllcache\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] srframe.mmf -> %SystemRoot%\System32\dllcache\srframe.mmf -> [Ver = | Size = 984 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] tabletpc.cat -> %SystemRoot%\System32\dllcache\tabletpc.cat -> [Ver = | Size = 110116 bytes | Modified Date = 8/4/2004 2:02:58 AM | Attr = ] wmerrenu.cat -> %SystemRoot%\System32\dllcache\wmerrenu.cat -> [Ver = | Size = 7334 bytes | Modified Date = 7/17/2004 11:45:42 AM | Attr = ] xjis.nls -> %SystemRoot%\System32\dllcache\xjis.nls -> [Ver = | Size = 28288 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 12/4/2007 10:49:02 PM | Attr = ] AGRSM.sys -> %SystemRoot%\System32\drivers\AGRSM.sys -> Agere Systems [Ver = 2.1.65 2.1.65 01/25/2006 16:24:23 | Size = 1149888 bytes | Modified Date = 1/25/2006 4:24:30 PM | Attr = R ] aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Modified Date = 12/4/2007 10:56:02 PM | Attr = ] aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 12/4/2007 10:55:46 PM | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 12/4/2007 10:53:39 PM | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 12/4/2007 10:51:52 PM | Attr = ] ativcaxx.cpa -> %SystemRoot%\System32\drivers\ativcaxx.cpa -> [Ver = | Size = 524850 bytes | Modified Date = 9/2/2005 12:51:44 AM | Attr = R ] ativcaxx.vp -> %SystemRoot%\System32\drivers\ativcaxx.vp -> [Ver = | Size = 929 bytes | Modified Date = 9/2/2005 12:51:44 AM | Attr = R ] ativckxx.vp -> %SystemRoot%\System32\drivers\ativckxx.vp -> [Ver = | Size = 58560 bytes | Modified Date = 6/9/2005 3:45:54 AM | Attr = R ] ativvpxx.vp -> %SystemRoot%\System32\drivers\ativvpxx.vp -> [Ver = | Size = 24016 bytes | Modified Date = 10/7/2005 9:54:42 PM | Attr = R ] CSCtl50.sys -> %SystemRoot%\System32\drivers\CSCtl50.sys -> [Ver = | Size = 30224 bytes | Modified Date = 3/21/2000 5:04:28 AM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] msaclue.sys -> %SystemRoot%\System32\drivers\msaclue.sys -> [Ver = | Size = 11264 bytes | Modified Date = 2/21/2008 11:39:43 AM | Attr = ] msyecp.sys -> %SystemRoot%\System32\drivers\msyecp.sys -> [Ver = | Size = 12672 bytes | Modified Date = 2/22/2008 7:31:50 PM | Attr = ] RTL8139.sys -> %SystemRoot%\System32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 8/4/2004 6:31:34 AM | Attr = ] viaudio.sys -> %SystemRoot%\System32\drivers\viaudio.sys -> VIA Technologies, Inc. [Ver = 5.12.01.3820 built by: VIA | Size = 64128 bytes | Modified Date = 9/16/2002 11:20:00 AM | Attr = R ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 261 bytes | Modified Date = 2/22/2008 5:59:43 PM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 5.exe -> %SystemRoot%\System32\5.exe -> [Ver = | Size = 14277 bytes | Modified Date = 2/22/2008 7:32:47 PM | Attr = ] a15.tbl -> %SystemRoot%\System32\a15.tbl -> [Ver = | Size = 1460 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] a234.tbl -> %SystemRoot%\System32\a234.tbl -> [Ver = | Size = 44370 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] ac3acm.acm -> %SystemRoot%\System32\ac3acm.acm -> fccHandler [Ver = 1, 31, 0, 0 | Size = 118784 bytes | Modified Date = 5/13/2006 11:16:04 PM | Attr = ] acode.tbl -> %SystemRoot%\System32\acode.tbl -> [Ver = | Size = 44370 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Modified Date = 1/9/2004 5:13:58 PM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 2/22/2008 5:55:58 PM | Attr = ] arphr.tbl -> %SystemRoot%\System32\arphr.tbl -> [Ver = | Size = 110566 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] arptr.tbl -> %SystemRoot%\System32\arptr.tbl -> [Ver = | Size = 16312 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] array30.tab -> %SystemRoot%\System32\array30.tab -> [Ver = | Size = 146126 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] arrayhw.tab -> %SystemRoot%\System32\arrayhw.tab -> [Ver = | Size = 18600 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Modified Date = 12/4/2007 9:04:28 PM | Attr = ] atgnehz.cfg -> %SystemRoot%\System32\atgnehz.cfg -> [Ver = | Size = 280 bytes | Modified Date = 2/22/2008 7:31:49 PM | Attr = HS] atgnehz.dll -> %SystemRoot%\System32\atgnehz.dll -> [Ver = | Size = 15947 bytes | Modified Date = 2/22/2008 7:31:49 PM | Attr = HS] atifglpf.xml -> %SystemRoot%\System32\atifglpf.xml -> [Ver = | Size = 5607 bytes | Modified Date = 8/17/2005 4:57:20 AM | Attr = R ] atiicdxx.dat -> %SystemRoot%\System32\atiicdxx.dat -> [Ver = | Size = 104376 bytes | Modified Date = 9/14/2005 10:13:38 PM | Attr = R ] atiiiexx.dll -> %SystemRoot%\System32\atiiiexx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4004 | Size = 307200 bytes | Modified Date = 10/7/2005 9:39:02 PM | Attr = R ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] AVASTSS.scr -> %SystemRoot%\System32\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Modified Date = 12/4/2007 8:54:04 PM | Attr = ] BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 34308 bytes | Modified Date = 2/22/2008 7:18:01 PM | Attr = ] big5.nls -> %SystemRoot%\System32\big5.nls -> [Ver = | Size = 66728 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 2/22/2008 7:27:09 PM | Attr = ] bopomofo.nls -> %SystemRoot%\System32\bopomofo.nls -> [Ver = | Size = 82172 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [Ver = | Size = 22984 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Created Date = 2/23/2008 1:38:00 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Created Date = 2/23/2008 1:38:00 AM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] chinese.dll -> %SystemRoot%\System32\chinese.dll -> [Ver = | Size = 28672 bytes | Modified Date = 11/28/2001 11:18:12 AM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Created Date = 2/22/2008 5:49:19 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 2/22/2008 7:56:34 PM | Attr = ] c_10001.nls -> %SystemRoot%\System32\c_10001.nls -> [Ver = | Size = 162850 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10002.nls -> %SystemRoot%\System32\c_10002.nls -> [Ver = | Size = 195618 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10003.nls -> %SystemRoot%\System32\c_10003.nls -> [Ver = | Size = 177698 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10008.nls -> %SystemRoot%\System32\c_10008.nls -> [Ver = | Size = 173602 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_1361.nls -> %SystemRoot%\System32\c_1361.nls -> [Ver = | Size = 189986 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20000.nls -> %SystemRoot%\System32\c_20000.nls -> [Ver = | Size = 180258 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20290.nls -> %SystemRoot%\System32\c_20290.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20932.nls -> %SystemRoot%\System32\c_20932.nls -> [Ver = | Size = 180770 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20936.nls -> %SystemRoot%\System32\c_20936.nls -> [Ver = | Size = 173602 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_20949.nls -> %SystemRoot%\System32\c_20949.nls -> [Ver = | Size = 177698 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_21027.nls -> %SystemRoot%\System32\c_21027.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [Ver = | Size = 66082 bytes | Modified Date = 7/17/2004 11:48:36 AM | Attr = ] c_737.nls -> %SystemRoot%\System32\c_737.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_852.nls -> %SystemRoot%\System32\c_852.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_855.nls -> %SystemRoot%\System32\c_855.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_857.nls -> %SystemRoot%\System32\c_857.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_866.nls -> %SystemRoot%\System32\c_866.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_869.nls -> %SystemRoot%\System32\c_869.nls -> [Ver = | Size = 66594 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] c_875.nls -> %SystemRoot%\System32\c_875.nls -> [Ver = | Size = 66082 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dayiphr.tbl -> %SystemRoot%\System32\dayiphr.tbl -> [Ver = | Size = 520 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dayiptr.tbl -> %SystemRoot%\System32\dayiptr.tbl -> [Ver = | Size = 700 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] desktop.ini -> %SystemRoot%\System32\desktop.ini -> [Ver = | Size = 2 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dgrpsetu.dll -> %SystemRoot%\System32\dgrpsetu.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 176157 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dgsetup.dll -> %SystemRoot%\System32\dgsetup.dll -> Digi International [Ver = v3.7.3.0 | Size = 85020 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Created Date = 2/22/2008 5:53:32 PM | Attr = ] divx.dll -> %SystemRoot%\System32\divx.dll -> DivX, Inc. [Ver = 6.4.0.51 | Size = 635486 bytes | Modified Date = 10/2/2006 9:04:40 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = RHS] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 73728 bytes | Modified Date = 8/11/2006 1:04:00 AM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Created Date = 2/22/2008 7:54:20 PM | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 12 | Size = 196608 bytes | Modified Date = 8/11/2006 1:03:58 AM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 2/22/2008 5:51:10 PM | Attr = ] EqnClass.Dll -> %SystemRoot%\System32\EqnClass.Dll -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 103424 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ff_vfw.dll -> %SystemRoot%\System32\ff_vfw.dll -> [Ver = | Size = 10752 bytes | Modified Date = 1/9/2007 6:46:02 PM | Attr = ] ff_vfw.dll.manifest -> %SystemRoot%\System32\ff_vfw.dll.manifest -> [Ver = | Size = 547 bytes | Modified Date = 2/24/2005 6:56:46 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 118952 bytes | Modified Date = 2/22/2008 7:33:39 PM | Attr = ] gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [Ver = | Size = 24006 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] gnolnait.cfg -> %SystemRoot%\System32\gnolnait.cfg -> [Ver = | Size = 280 bytes | Modified Date = 2/22/2008 7:32:04 PM | Attr = HS] hticons.dll -> %SystemRoot%\System32\hticons.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] hypertrm.dll -> %SystemRoot%\System32\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.1.2600.2180 | Size = 345088 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [Ver = | Size = 60458 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] isrdbg32.dll -> %SystemRoot%\System32\isrdbg32.dll -> Intel Corporation [Ver = 0.0 | Size = 32768 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 49248 bytes | Modified Date = 8/26/2005 3:55:46 PM | Attr = ] javasup.vxd -> %SystemRoot%\System32\javasup.vxd -> [Ver = | Size = 7315 bytes | Modified Date = 2/18/2002 7:55:22 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 49250 bytes | Modified Date = 8/26/2005 3:55:58 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 127078 bytes | Modified Date = 8/26/2005 6:14:46 PM | Attr = ] jpicpl32.cpl -> %SystemRoot%\System32\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.50.5 | Size = 49265 bytes | Modified Date = 8/26/2005 6:14:42 PM | Attr = ] kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [Ver = | Size = 6948 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [Ver = | Size = 8484 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] korean.uce -> %SystemRoot%\System32\korean.uce -> [Ver = | Size = 12876 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] korwbrkr.lex -> %SystemRoot%\System32\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] ksc.nls -> %SystemRoot%\System32\ksc.nls -> [Ver = | Size = 47066 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] lcphrase.tbl -> %SystemRoot%\System32\lcphrase.tbl -> [Ver = | Size = 211938 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] lcptr.tbl -> %SystemRoot%\System32\lcptr.tbl -> [Ver = | Size = 24114 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 7/12/2006 1:40:02 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2/22/2008 5:54:15 PM | Attr = RH ] LYLOADER.EXE -> %SystemRoot%\System32\LYLOADER.EXE -> [Ver = | Size = 12216 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] LYMANGR.DLL -> %SystemRoot%\System32\LYMANGR.DLL -> [Ver = | Size = 3560 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Created Date = 2/22/2008 5:52:36 PM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Created Date = 2/22/2008 6:01:31 PM | Attr = S] msdayi.tbl -> %SystemRoot%\System32\msdayi.tbl -> [Ver = | Size = 116285 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] MSDEG32.DLL -> %SystemRoot%\System32\MSDEG32.DLL -> [Ver = | Size = 6197 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Created Date = 2/22/2008 5:49:22 PM | Attr = ] msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [Ver = | Size = 768 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [Ver = | Size = 1931 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] noise.jpn -> %SystemRoot%\System32\noise.jpn -> [Ver = | Size = 2060 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] noise.kor -> %SystemRoot%\System32\noise.kor -> [Ver = | Size = 1486 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] npp -> %SystemRoot%\System32\npp -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 2/22/2008 5:55:58 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 356120 bytes | Modified Date = 2/22/2008 6:10:31 PM | Attr = ] phon.tbl -> %SystemRoot%\System32\phon.tbl -> [Ver = | Size = 4071 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] phoncode.tbl -> %SystemRoot%\System32\phoncode.tbl -> [Ver = | Size = 43242 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] phonptr.tbl -> %SystemRoot%\System32\phonptr.tbl -> [Ver = | Size = 2714 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] PINTLPAD.HLP -> %SystemRoot%\System32\PINTLPAD.HLP -> [Ver = | Size = 14821 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] PINTLPAE.HLP -> %SystemRoot%\System32\PINTLPAE.HLP -> [Ver = | Size = 16254 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Modified Date = 6/23/2001 1:31:20 AM | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Modified Date = 3/26/1998 4:57:34 AM | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Modified Date = 5/12/1998 8:36:44 PM | Attr = ] prc.nls -> %SystemRoot%\System32\prc.nls -> [Ver = | Size = 83748 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] prcp.nls -> %SystemRoot%\System32\prcp.nls -> [Ver = | Size = 83748 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 7/27/2006 7:28:44 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 49152 bytes | Modified Date = 9/1/2006 4:14:48 PM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 65536 bytes | Modified Date = 9/1/2006 4:14:54 PM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Created Date = 2/22/2008 5:52:12 PM | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 10/7/2006 5:18:32 AM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [Ver = | Size = 16740 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] spxcoins.dll -> %SystemRoot%\System32\spxcoins.dll -> Perle Systems Ltd. [Ver = 1.0.0.0007 | Size = 24661 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 7/12/2006 1:40:02 AM | Attr = ] subrange.uce -> %SystemRoot%\System32\subrange.uce -> [Ver = | Size = 93702 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] TIMPlatform.exe -> %SystemRoot%\System32\TIMPlatform.exe -> [Ver = | Size = 10837 bytes | Modified Date = 2/22/2008 7:30:22 PM | Attr = ] tslabels.h -> %SystemRoot%\System32\tslabels.h -> [Ver = | Size = 3286 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [Ver = | Size = 13223 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [Ver = | Size = 1161 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] WIN.INI -> %SystemRoot%\System32\WIN.INI -> [Ver = | Size = 903 bytes | Modified Date = 2/22/2008 7:31:37 PM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2/22/2008 5:54:15 PM | Attr = RH ] WINPY.MB -> %SystemRoot%\System32\WINPY.MB -> [Ver = | Size = 1783864 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] wins -> %SystemRoot%\System32\wins -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] WINSP.MB -> %SystemRoot%\System32\WINSP.MB -> [Ver = | Size = 1564868 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] winsrv32.dll -> %SystemRoot%\System32\winsrv32.dll -> [Ver = | Size = 6144 bytes | Modified Date = 2/22/2008 7:31:23 PM | Attr = ] WINZM.MB -> %SystemRoot%\System32\WINZM.MB -> [Ver = | Size = 1223500 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Created Date = 2/22/2008 5:56:35 PM | Attr = ] xjis.nls -> %SystemRoot%\System32\xjis.nls -> [Ver = | Size = 28288 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 765952 bytes | Modified Date = 11/1/2006 2:52:38 PM | Attr = ] xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [Ver = | Size = 180224 bytes | Modified Date = 11/1/2006 2:54:30 PM | Attr = ] zonedoff.reg -> %SystemRoot%\System32\zonedoff.reg -> [Ver = | Size = 113 bytes | Modified Date = 2/18/2002 7:38:34 AM | Attr = ] zonedon.reg -> %SystemRoot%\System32\zonedon.reg -> [Ver = | Size = 113 bytes | Modified Date = 2/18/2002 7:38:34 AM | Attr = ] addins -> %SystemRoot%\addins -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> agrsmdel.exe -> %SystemRoot%\agrsmdel.exe -> Agere Systems [Ver = 1.70 | Size = 68096 bytes | Modified Date = 1/26/2006 2:35:18 PM | Attr = R ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Blue Lace 16.bmp -> %SystemRoot%\Blue Lace 16.bmp -> [Ver = | Size = 1272 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/21/2008 11:29:25 AM | Attr = S] CDSETUP.INI -> %SystemRoot%\CDSETUP.INI -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 6:11:32 PM | Attr = ] Coffee Bean.bmp -> %SystemRoot%\Coffee Bean.bmp -> [Ver = | Size = 17062 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 2/22/2008 5:54:15 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ehome -> %SystemRoot%\ehome -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] FeatherTexture.bmp -> %SystemRoot%\FeatherTexture.bmp -> [Ver = | Size = 16730 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = R S] fxgvweoi.dat -> %SystemRoot%\fxgvweoi.dat -> [Ver = | Size = 256 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = ] Gone Fishing.bmp -> %SystemRoot%\Gone Fishing.bmp -> [Ver = | Size = 17336 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Greenstone.bmp -> %SystemRoot%\Greenstone.bmp -> [Ver = | Size = 26582 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 2/23/2008 1:39:06 AM | Attr = HS] IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Modified Date = 10/29/1998 4:45:06 PM | Attr = ] jautoexp.dat -> %SystemRoot%\jautoexp.dat -> [Ver = | Size = 6550 bytes | Modified Date = 2/18/2002 7:35:32 AM | Attr = ] java -> %SystemRoot%\java -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] lnytjehsw.exe -> %SystemRoot%\lnytjehsw.exe -> [Ver = | Size = 10125 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = HS] lnytjehsw.exe.hiv -> %SystemRoot%\lnytjehsw.exe.hiv -> [Ver = | Size = 8192 bytes | Modified Date = 2/22/2008 8:14:37 PM | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 2/22/2008 6:28:29 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 2/22/2008 5:55:44 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 2/22/2008 5:54:15 PM | Attr = R ] pchealth -> %SystemRoot%\pchealth -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Prairie Wind.bmp -> %SystemRoot%\Prairie Wind.bmp -> [Ver = | Size = 65954 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 2/22/2008 6:01:32 PM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 2/22/2008 5:50:51 PM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 2/22/2008 6:00:47 PM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] River Sumida.bmp -> %SystemRoot%\River Sumida.bmp -> [Ver = | Size = 26680 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] Santa Fe Stucco.bmp -> %SystemRoot%\Santa Fe Stucco.bmp -> [Ver = | Size = 65832 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] security -> %SystemRoot%\security -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Created Date = 2/22/2008 6:26:59 PM | Attr = ] Soap Bubbles.bmp -> %SystemRoot%\Soap Bubbles.bmp -> [Ver = | Size = 65978 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 2/22/2008 6:01:41 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Created Date = 2/22/2008 5:52:37 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 2/22/2008 5:52:44 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 2/22/2008 5:50:56 PM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 2/22/2008 5:50:56 PM | Attr = ] vefeoxli.exe -> %SystemRoot%\vefeoxli.exe -> [Ver = | Size = 10125 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = HS] Web -> %SystemRoot%\Web -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = R ] wfosxpet.dat -> %SystemRoot%\wfosxpet.dat -> [Ver = | Size = 42 bytes | Modified Date = 2/22/2008 8:14:37 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] winnt.bmp -> %SystemRoot%\winnt.bmp -> [Ver = | Size = 48680 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = HS] winnt256.bmp -> %SystemRoot%\winnt256.bmp -> [Ver = | Size = 48680 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = HS] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Created Date = 2/23/2008 1:28:43 AM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2/22/2008 5:55:59 PM | Attr = ] Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = ] desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = RH ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/21/2008 11:29:35 AM | Attr = H ] [Files/Folders - Modified Within 90 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 2/22/2008 5:46:22 PM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2/22/2008 6:02:35 PM | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 2/22/2008 7:27:08 PM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = RHS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Modified Date = 2/22/2008 6:23:52 PM | Attr = RH ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2/22/2008 10:39:51 PM | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 2/22/2008 7:00:10 PM | Attr = HS] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 2/22/2008 7:54:43 PM | Attr = H ] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 2/22/2008 7:54:42 PM | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2/22/2008 6:01:41 PM | Attr = HS] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2/22/2008 8:28:18 PM | Attr = ] 仙剑奇侠传4@末日冰封$圣城家园 -> %SystemDrive%\仙剑奇侠传4@末日冰封$圣城家园 -> [Folder | Modified Date = 2/22/2008 7:05:42 PM | Attr = ] aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 26624 bytes | Modified Date = 12/4/2007 10:49:02 PM | Attr = ] aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 93264 bytes | Modified Date = 12/4/2007 10:56:02 PM | Attr = ] aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 94544 bytes | Modified Date = 12/4/2007 10:55:46 PM | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 23152 bytes | Modified Date = 12/4/2007 10:53:39 PM | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1098.0 | Size = 42912 bytes | Modified Date = 12/4/2007 10:51:52 PM | Attr = ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 2/23/2008 1:29:58 AM | Attr = ] msaclue.sys -> %SystemRoot%\System32\drivers\msaclue.sys -> [Ver = | Size = 11264 bytes | Modified Date = 2/21/2008 11:39:43 AM | Attr = ] msyecp.sys -> %SystemRoot%\System32\drivers\msyecp.sys -> [Ver = | Size = 12672 bytes | Modified Date = 2/22/2008 7:31:50 PM | Attr = ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 261 bytes | Modified Date = 2/22/2008 5:59:43 PM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Modified Date = 2/23/2008 1:29:36 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 5.exe -> %SystemRoot%\System32\5.exe -> [Ver = | Size = 14277 bytes | Modified Date = 2/22/2008 7:32:47 PM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 2/22/2008 5:55:58 PM | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 837496 bytes | Modified Date = 12/4/2007 9:04:28 PM | Attr = ] atgnehz.cfg -> %SystemRoot%\System32\atgnehz.cfg -> [Ver = | Size = 280 bytes | Modified Date = 2/22/2008 7:31:49 PM | Attr = HS] atgnehz.dll -> %SystemRoot%\System32\atgnehz.dll -> [Ver = | Size = 15947 bytes | Modified Date = 2/22/2008 7:31:49 PM | Attr = HS] AVASTSS.scr -> %SystemRoot%\System32\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1098, 0 | Size = 95608 bytes | Modified Date = 12/4/2007 8:54:04 PM | Attr = ] BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 34308 bytes | Modified Date = 2/22/2008 7:18:01 PM | Attr = ] bitcometres.dll -> %SystemRoot%\System32\bitcometres.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 2/22/2008 7:27:09 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/23/2008 1:38:01 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2/22/2008 8:27:05 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 2/22/2008 5:51:12 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2/22/2008 8:14:22 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 2/22/2008 7:56:34 PM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 2/22/2008 5:53:32 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2/22/2008 8:40:26 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2/21/2008 11:39:43 AM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2/22/2008 7:54:20 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 2/22/2008 5:51:10 PM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 118952 bytes | Modified Date = 2/22/2008 7:33:39 PM | Attr = ] gnolnait.cfg -> %SystemRoot%\System32\gnolnait.cfg -> [Ver = | Size = 280 bytes | Modified Date = 2/22/2008 7:32:04 PM | Attr = HS] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 2/22/2008 5:55:21 PM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Modified Date = 2/23/2008 1:29:55 AM | Attr = ] IME -> %SystemRoot%\System32\IME -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2/22/2008 5:54:15 PM | Attr = RH ] LYLOADER.EXE -> %SystemRoot%\System32\LYLOADER.EXE -> [Ver = | Size = 12216 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] LYMANGR.DLL -> %SystemRoot%\System32\LYMANGR.DLL -> [Ver = | Size = 3560 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 2/22/2008 5:52:36 PM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 2/22/2008 6:01:31 PM | Attr = S] MSDEG32.DLL -> %SystemRoot%\System32\MSDEG32.DLL -> [Ver = | Size = 6197 bytes | Modified Date = 2/22/2008 7:31:42 PM | Attr = ] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Modified Date = 2/22/2008 5:50:50 PM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] npp -> %SystemRoot%\System32\npp -> [Folder | Modified Date = 2/23/2008 1:31:51 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 2/22/2008 5:55:58 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 2/22/2008 5:53:20 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 39992 bytes | Modified Date = 2/22/2008 6:10:31 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 311604 bytes | Modified Date = 2/22/2008 6:10:31 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 356120 bytes | Modified Date = 2/22/2008 6:10:31 PM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Modified Date = 2/23/2008 1:30:01 AM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 2/22/2008 6:01:41 PM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Modified Date = 2/23/2008 1:32:32 AM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 2/22/2008 5:46:47 PM | Attr = ] TIMPlatform.exe -> %SystemRoot%\System32\TIMPlatform.exe -> [Ver = | Size = 10837 bytes | Modified Date = 2/22/2008 7:30:22 PM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 2/23/2008 1:32:25 AM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 2/22/2008 5:56:35 PM | Attr = ] WIN.INI -> %SystemRoot%\System32\WIN.INI -> [Ver = | Size = 903 bytes | Modified Date = 2/22/2008 7:31:37 PM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 2/22/2008 5:54:15 PM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] winsrv32.dll -> %SystemRoot%\System32\winsrv32.dll -> [Ver = | Size = 6144 bytes | Modified Date = 2/22/2008 7:31:23 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 2/21/2008 11:29:27 AM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Modified Date = 2/22/2008 5:56:35 PM | Attr = ] addins -> %SystemRoot%\addins -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] 3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 2/23/2008 1:32:19 AM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2/21/2008 11:29:25 AM | Attr = S] CDSETUP.INI -> %SystemRoot%\CDSETUP.INI -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 6:11:32 PM | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 2/22/2008 5:56:09 PM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 2/22/2008 7:10:59 PM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2/23/2008 1:33:38 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2/22/2008 7:08:17 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] ehome -> %SystemRoot%\ehome -> [Folder | Modified Date = 2/23/2008 1:32:13 AM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2/22/2008 6:59:56 PM | Attr = R S] fxgvweoi.dat -> %SystemRoot%\fxgvweoi.dat -> [Ver = | Size = 256 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2/22/2008 7:28:43 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 2/23/2008 1:44:55 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2/22/2008 7:54:21 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2/22/2008 7:54:26 PM | Attr = HS] java -> %SystemRoot%\java -> [Folder | Modified Date = 2/22/2008 7:08:11 PM | Attr = ] lnytjehsw.exe -> %SystemRoot%\lnytjehsw.exe -> [Ver = | Size = 10125 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = HS] lnytjehsw.exe.hiv -> %SystemRoot%\lnytjehsw.exe.hiv -> [Ver = | Size = 8192 bytes | Modified Date = 2/22/2008 8:14:37 PM | Attr = HS] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 2/23/2008 1:32:12 AM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2/23/2008 1:31:46 AM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Modified Date = 2/23/2008 1:32:13 AM | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 376 bytes | Modified Date = 2/22/2008 6:28:29 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 2/22/2008 5:55:44 PM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 2/22/2008 5:54:15 PM | Attr = R ] pchealth -> %SystemRoot%\pchealth -> [Folder | Modified Date = 2/22/2008 6:26:57 PM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Modified Date = 2/23/2008 1:32:03 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2/21/2008 11:36:04 AM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/22/2008 5:55:38 PM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 2/22/2008 6:00:47 PM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Modified Date = 2/22/2008 5:56:34 PM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 2/23/2008 1:28:43 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 2/22/2008 7:33:05 PM | Attr = ] SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Modified Date = 2/22/2008 6:27:22 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 2/22/2008 6:06:29 PM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 2/22/2008 5:53:41 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 2/22/2008 6:23:59 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 231 bytes | Modified Date = 2/23/2008 1:45:01 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2/21/2008 11:34:03 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2/22/2008 6:01:32 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2/21/2008 11:40:34 AM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 2/23/2008 1:30:08 AM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 2/22/2008 5:50:56 PM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 2/22/2008 5:50:56 PM | Attr = ] vefeoxli.exe -> %SystemRoot%\vefeoxli.exe -> [Ver = | Size = 10125 bytes | Modified Date = 2/22/2008 7:31:45 PM | Attr = HS] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2/22/2008 5:54:19 PM | Attr = R ] wfosxpet.dat -> %SystemRoot%\wfosxpet.dat -> [Ver = | Size = 42 bytes | Modified Date = 2/22/2008 8:14:37 PM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 477 bytes | Modified Date = 2/22/2008 5:56:08 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 2/22/2008 5:54:06 PM | Attr = RH ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2/22/2008 7:40:45 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2/22/2008 5:55:59 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/21/2008 11:29:35 AM | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4096 bytes | Modified Date = 2/22/2008 8:13:11 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4096 bytes | Modified Date = 2/22/2008 8:13:11 PM | Attr = ] Perflib_Perfdata_14c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_14c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/22/2008 7:34:30 PM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 2/22/2008 7:11:18 PM | Attr = RH ] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 2/22/2008 7:41:35 PM | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 2/22/2008 7:10:07 PM | Attr = ] Babylon -> C:\Documents and Settings\All Users\Application Data\Babylon -> [Folder | Modified Date = 2/22/2008 7:11:42 PM | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 2/22/2008 6:26:57 PM | Attr = S] Real -> C:\Documents and Settings\All Users\Application Data\Real -> [Folder | Modified Date = 2/22/2008 7:09:42 PM | Attr = ] C:\Documents and Settings\Default User\Application Data\ -> C:\Documents and Settings\Default User\Application Data -> [Folder | Modified Date = 2/23/2008 1:38:20 AM | Attr = RH ] Microsoft -> C:\Documents and Settings\Default User\Application Data\Microsoft -> [Folder | Modified Date = 2/22/2008 5:55:59 PM | Attr = S] C:\Documents and Settings\Ken\Application Data\ -> C:\Documents and Settings\Ken\Application Data -> [Folder | Modified Date = 2/22/2008 8:14:54 PM | Attr = RH ] Adobe -> C:\Documents and Settings\Ken\Application Data\Adobe -> [Folder | Modified Date = 2/22/2008 8:14:54 PM | Attr = ] Babylon -> C:\Documents and Settings\Ken\Application Data\Babylon -> [Folder | Modified Date = 2/22/2008 8:17:01 PM | Attr = ] Help -> C:\Documents and Settings\Ken\Application Data\Help -> [Folder | Modified Date = 2/22/2008 7:28:43 PM | Attr = ] Identities -> C:\Documents and Settings\Ken\Application Data\Identities -> [Folder | Modified Date = 2/22/2008 6:02:45 PM | Attr = ] Microsoft -> C:\Documents and Settings\Ken\Application Data\Microsoft -> [Folder | Modified Date = 2/22/2008 7:20:50 PM | Attr = S] MxBoost -> C:\Documents and Settings\Ken\Application Data\MxBoost -> [Folder | Modified Date = 2/22/2008 7:21:03 PM | Attr = ] Real -> C:\Documents and Settings\Ken\Application Data\Real -> [Folder | Modified Date = 2/22/2008 7:09:42 PM | Attr = ] C:\Documents and Settings\LocalService\Application Data\ -> C:\Documents and Settings\LocalService\Application Data -> [Folder | Modified Date = 2/22/2008 6:01:30 PM | Attr = ] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [Folder | Modified Date = 2/22/2008 6:01:31 PM | Attr = S] C:\Documents and Settings\NetworkService\Application Data\ -> C:\Documents and Settings\NetworkService\Application Data -> [Folder | Modified Date = 2/22/2008 6:00:43 PM | Attr = ] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [Folder | Modified Date = 2/22/2008 6:00:44 PM | Attr = S] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 2/22/2008 6:01:32 PM | Attr = S] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/23/2001 8:00:00 PM | Attr = RH ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2/21/2008 11:29:35 AM | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]