[code] WinPFind35 logfile created on: 3/1/2008 10:53:51 AM WinPFind35U Version 1.0.2.1 Folder = C:\Documents and Settings\user\Desktop\WinPFind35u\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 79.97% Memory free 2.60 Gb Paging File | 2.39 Gb Available in Paging File | 92.03% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.79 Gb Total Space | 3.94 Gb Free Space | 3.52% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-73CD16F737 Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - All] smss.exe -> %SystemRoot%\system32\smss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50688 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] csrss.exe -> %SystemRoot%\system32\csrss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6144 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] winlogon.exe -> %SystemRoot%\system32\winlogon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 502272 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] services.exe -> %SystemRoot%\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] lsass.exe -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\rpcss.dll [DcomLaunch] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] -> %SystemRoot%\system32\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\rpcss.dll [RpcSs] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:49 PM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\System32\appmgmts.dll [AppMgmt] -> File not found -> %SystemRoot%\system32\audiosrv.dll [AudioSrv] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42496 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\qmgr.dll [BITS] -> Microsoft Corporation [Ver = 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 382464 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\browser.dll [Browser] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 77312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\cryptsvc.dll [CryptSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\cryptsvc.dll [CryptSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\dhcpcsvc.dll [Dhcp] -> Microsoft Corporation [Ver = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) | Size = 111616 bytes | Modified Date = 5/19/2006 7:59:41 AM | Attr = ] -> %SystemRoot%\system32\dmserver.dll [dmserver] -> Microsoft Corp. [Ver = 2600.2180.503.0 | Size = 23552 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\ersvc.dll [ERSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\es.dll [EventSystem] -> Microsoft Corporation [Ver = 2001.12.4414.308 | Size = 243200 bytes | Modified Date = 7/25/2005 11:39:45 PM | Attr = ] -> %SystemRoot%\system32\shsvcs.dll [FastUserSwitchingCompatibility] -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 134656 bytes | Modified Date = 12/19/2006 4:52:18 PM | Attr = ] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll [helpsvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 38912 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\hidserv.dll [HidServ] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 21504 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] -> %SystemRoot%\system32\srvsvc.dll [lanmanserver] -> Microsoft Corporation [Ver = 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729) | Size = 96768 bytes | Modified Date = 12/7/2004 2:32:34 PM | Attr = ] -> %SystemRoot%\system32\wkssvc.dll [lanmanworkstation] -> Microsoft Corporation [Ver = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106) | Size = 132096 bytes | Modified Date = 8/17/2006 7:28:27 AM | Attr = ] -> %SystemRoot%\system32\msgsvc.dll [Messenger] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33792 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\netman.dll [Netman] -> Microsoft Corporation [Ver = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525) | Size = 197632 bytes | Modified Date = 8/22/2005 1:29:46 PM | Attr = ] -> %SystemRoot%\system32\mswsock.dll [Nla] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\ntmssvc.dll [NtmsSvc] -> Microsoft Corporation [Ver = 5.1.2400.2180 | Size = 435200 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\rasauto.dll [RasAuto] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89088 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\rasmans.dll [RasMan] -> Microsoft Corporation [Ver = 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343) | Size = 181248 bytes | Modified Date = 5/14/2006 3:44:08 AM | Attr = ] -> %SystemRoot%\system32\mprdim.dll [RemoteAccess] -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 49152 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\schedsvc.dll [Schedule] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 190976 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\seclogon.dll [seclogon] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18944 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\sens.dll [SENS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 38912 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\ipnathlp.dll [SharedAccess] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\shsvcs.dll [ShellHWDetection] -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 134656 bytes | Modified Date = 12/19/2006 4:52:18 PM | Attr = ] -> %SystemRoot%\system32\srsvc.dll [srservice] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 170496 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\tapisrv.dll [TapiSrv] -> Microsoft Corporation [Ver = 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657) | Size = 249344 bytes | Modified Date = 7/8/2005 11:27:56 AM | Attr = ] -> %SystemRoot%\system32\shsvcs.dll [Themes] -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 134656 bytes | Modified Date = 12/19/2006 4:52:18 PM | Attr = ] -> %SystemRoot%\system32\trkwks.dll [TrkWks] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 90624 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\w32time.dll [W32Time] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 174592 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\wbem\wmisvc.dll [winmgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\mspmsnsv.dll [WmdmPmSN] -> Microsoft Corporation [Ver = 11.0.5721.5145 | Size = 27136 bytes | Modified Date = 10/18/2006 9:47:16 PM | Attr = ] -> %SystemRoot%\system32\wscsvc.dll [wscsvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81408 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\wuauserv.dll [wuauserv] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\wzcsvc.dll [WZCSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 359936 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\xmlprov.dll [xmlprov] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\dnsrslvr.dll [Dnscache] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 45568 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\alrsvc.dll [Alerter] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 17408 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\lmhsvc.dll [LmHosts] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13824 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\ssdpsrv.dll [SSDPSRV] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 71680 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\upnphost.dll [upnphost] -> Microsoft Corporation [Ver = 5.1.2600.3077 (xpsp_sp2_gdr.070204-2255) | Size = 185344 bytes | Modified Date = 2/5/2007 3:17:02 PM | Attr = ] -> %SystemRoot%\system32\webclnt.dll [WebClient] -> Microsoft Corporation [Ver = 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536) | Size = 68096 bytes | Modified Date = 1/3/2006 10:35:05 PM | Attr = ] spoolsv.exe -> %SystemRoot%\system32\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 6:53:32 PM | Attr = ] explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 5:23:07 AM | Attr = ] ctfmon.exe -> %SystemRoot%\system32\ctfmon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15360 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> Logitech, Inc. [Ver = 4.40.88 | Size = 789008 bytes | Modified Date = 1/9/2008 12:32:08 PM | Attr = ] khalmnpr.exe -> %CommonProgramFiles%\Logishrd\KHAL2\KHALMNPR.exe -> Logitech, Inc. [Ver = 4.40.53 | Size = 55824 bytes | Modified Date = 1/9/2008 12:28:58 PM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2/8/2008 3:36:28 PM | Attr = ] aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 7:50:35 AM | Attr = R ] aoltsmon.exe -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltsmon.exe -> America Online, Inc [Ver = 2, 0, 0, 0 | Size = 100016 bytes | Modified Date = 10/15/2004 3:54:14 PM | Attr = ] lxddserv.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\lxddserv.exe -> Lexmark International, Inc. [Ver = 1.42.0.22 | Size = 99248 bytes | Modified Date = 4/26/2007 12:21:42 AM | Attr = ] lxddcoms.exe -> %SystemRoot%\system32\lxddcoms.exe -> [Ver = 1.62.48.0 | Size = 537520 bytes | Modified Date = 4/26/2007 12:21:22 AM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] aoltpspd.exe -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltpspd.exe -> America Online Inc [Ver = 2, 0, 0, 0 | Size = 46768 bytes | Modified Date = 10/15/2004 3:54:12 PM | Attr = ] pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 12/27/2007 12:25:04 PM | Attr = ] svchost.exe -> %SystemRoot%\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] -> %SystemRoot%\system32\wiaservc.dll [stisvc] -> Microsoft Corporation [Ver = 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316) | Size = 333824 bytes | Modified Date = 12/19/2006 1:16:47 PM | Attr = ] wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 218112 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.2.1 | Size = 310272 bytes | Modified Date = 2/27/2008 10:40:40 AM | Attr = ] [Win32 Services - All] (Alerter) Alerter [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ALG) Application Layer Gateway Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 7:50:35 AM | Attr = R ] (AOL TopSpeedMonitor) AOL TopSpeed Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\TopSpeed\2.0\aoltsmon.exe -> America Online, Inc [Ver = 2, 0, 0, 0 | Size = 100016 bytes | Modified Date = 10/15/2004 3:54:14 PM | Attr = ] (AppMgmt) Application Management [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> Microsoft Corporation [Ver = 2.0.50727.1433 (REDBITS.050727-1400) | Size = 33800 bytes | Modified Date = 10/24/2007 1:47:22 AM | Attr = ] (AudioSrv) Windows Audio [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Disabled | Stopped] -> %SystemDrive%\PROGRA~1\Grisoft\AVG7\avgamsvr.exe -> File not found (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Disabled | Stopped] -> %SystemDrive%\PROGRA~1\Grisoft\AVG7\avgupsvc.exe -> File not found (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Stopped] -> %SystemDrive%\PROGRA~1\Grisoft\AVG7\avgemc.exe -> File not found (BITS) Background Intelligent Transfer Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Browser) Computer Browser [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (CiSvc) Indexing Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\cisvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5632 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ClipSrv) ClipBook [Win32_Own | Disabled | Stopped] -> %SystemRoot%\system32\clipsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> Microsoft Corporation [Ver = 2.0.50727.1433 (REDBITS.050727-1400) | Size = 70144 bytes | Modified Date = 10/24/2007 1:47:40 AM | Attr = ] (COMSysApp) COM+ System Application [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (CryptSvc) Cryptographic Services [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Dhcp) DHCP Client [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (dmserver) Logical Disk Manager [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Dnscache) DNS Client [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ERSvc) Error Reporting Service [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Eventlog) Event Log [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (EventSystem) COM+ Event System [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (FastUserSwitchingCompatibility) Fast User Switching Compatibility [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (HidServ) HID Input Service [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (HTTPFilter) HTTP SSL [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 3:24:18 AM | Attr = ] (ImapiService) IMAPI CD-Burning COM Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\imapi.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 150016 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (lanmanserver) Server [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (lanmanworkstation) Workstation [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (LBTServ) Logitech Bluetooth Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Logishrd\Bluetooth\LBTServ.exe -> Logitech, Inc. [Ver = 4.40.88 | Size = 121360 bytes | Modified Date = 1/9/2008 12:30:08 PM | Attr = ] (LmHosts) TCP/IP NetBIOS Helper [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (lxddCATSCustConnectService) lxddCATSCustConnectService [Win32_Own | Auto | Running] -> %SystemRoot%\system32\spool\drivers\w32x86\3\lxddserv.exe -> Lexmark International, Inc. [Ver = 1.42.0.22 | Size = 99248 bytes | Modified Date = 4/26/2007 12:21:42 AM | Attr = ] (lxdd_device) lxdd_device [Win32_Own | Auto | Running] -> %SystemRoot%\system32\lxddcoms.exe -> [Ver = 1.62.48.0 | Size = 537520 bytes | Modified Date = 4/26/2007 12:21:22 AM | Attr = ] (Messenger) Messenger [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (mnmsrvc) NetMeeting Remote Desktop Sharing [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\mnmsrvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 | Size = 32768 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\msdtc.exe -> Microsoft Corporation [Ver = 2001.12.4414.258 | Size = 6144 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (MSIServer) Windows Installer [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\msiexec.exe -> Microsoft Corporation [Ver = 3.1.4000.1823 | Size = 78848 bytes | Modified Date = 5/4/2005 1:45:36 PM | Attr = ] (NetDDE) Network DDE [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NetDDEdsdm) Network DDE DSDM [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Netlogon) Net Logon [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Netman) Network Connections [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Nla) Network Location Awareness (NLA) [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NtLmSsp) NT LM Security Support Provider [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NtmsSvc) Removable Storage [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] (PlugPlay) Plug and Play [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 12/27/2007 12:25:04 PM | Attr = ] (PolicyAgent) IPSEC Services [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ProtectedStorage) Protected Storage [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RasAuto) Remote Access Auto Connection Manager [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RasMan) Remote Access Connection Manager [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RDSessMgr) Remote Desktop Help Session Manager [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\sessmgr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RemoteAccess) Routing and Remote Access [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RpcLocator) Remote Procedure Call (RPC) Locator [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\locator.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 75264 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RSVP) QoS RSVP [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\rsvp.exe -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 132608 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SamSs) Security Accounts Manager [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SCardSvr) Smart Card [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\scardsvr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95744 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Schedule) Task Scheduler [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (seclogon) Secondary Logon [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SENS) System Event Notification [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ShellHWDetection) Shell Hardware Detection [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Spooler) Print Spooler [Win32_Own | Auto | Running] -> %SystemRoot%\system32\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 6:53:32 PM | Attr = ] (srservice) System Restore Service [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SSDPSRV) SSDP Discovery Service [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (stisvc) Windows Image Acquisition (WIA) [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SwPrv) MS Software Shadow Copy Provider [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (SysmonLog) Performance Logs and Alerts [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\smlogsvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89600 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (TapiSrv) Telephony [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (TermService) Terminal Services [Win32_Shared | On_Demand | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Themes) Themes [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (TrkWks) Distributed Link Tracking Client [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (upnphost) Universal Plug and Play Device Host [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (UPS) Uninterruptible Power Supply [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\ups.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18432 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (VSS) Volume Shadow Copy [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\vssvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 289792 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (W32Time) Windows Time [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WebClient) WebClient [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (winmgmt) Windows Management Instrumentation [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WmdmPmSN) Portable Media Serial Number Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WmiApSrv) WMI Performance Adapter [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\wbem\wmiapsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 126464 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 913408 bytes | Modified Date = 10/18/2006 8:05:24 PM | Attr = ] (wscsvc) Security Center [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (wuauserv) Automatic Updates [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (WZCSVC) Wireless Zero Configuration [Win32_Shared | Auto | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (xmlprov) Network Provisioning Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] [Driver Services - All] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (ACPI) Microsoft ACPI Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\acpi.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 187776 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ACPIEC) ACPIEC [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\acpiec.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 11648 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (aec) Microsoft Kernel Acoustic Echo Canceller [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\aec.sys -> Microsoft Corporation [Ver = 5.1.2601.2180 | Size = 142464 bytes | Modified Date = 2/14/2006 7:22:26 PM | Attr = ] (AFD) AFD [Kernel | System | Running] -> %SystemRoot%\system32\drivers\afd.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 138496 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5750 built by: WinDDK | Size = 2297664 bytes | Modified Date = 11/17/2004 6:05:38 AM | Attr = ] (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.3.2 (dnsrv(wmbla).060701-2226) | Size = 36864 bytes | Modified Date = 7/1/2006 10:39:40 PM | Attr = ] (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (Arp1394) 1394 ARP Client Protocol [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\arp1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60800 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (ASCTRM) ASCTRM [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\asctrm.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1 | Size = 8552 bytes | Modified Date = 7/15/2007 8:50:30 AM | Attr = ] (AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\asyncmac.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\atapi.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95360 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (ATI Remote Wonder II) ATI Remote Wonder II [Kernel | On_Demand | Stopped] -> system32\drivers\ATIRWVD.SYS -> File not found (Atmarpc) ATM ARP Client Protocol [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atmarpc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (audstub) Audio Stub Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\audstub.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 3072 bytes | Modified Date = 8/17/2001 8:59:44 AM | Attr = ] (Avg7Core) AVG7 Kernel [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.498 | Size = 821856 bytes | Modified Date = 1/4/2008 8:25:11 PM | Attr = ] (Avg7RsW) AVG7 Wrap Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 1/4/2008 8:25:14 PM | Attr = ] (Avg7RsXP) AVG7 Resident Driver XP [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 1/4/2008 8:25:14 PM | Attr = ] (AvgClean) AVG7 Clean Driver [Kernel | System | Stopped] -> %SystemRoot%\System32\Drivers\avgclean.sys -> File not found (AvgTdi) AVG Network Redirector [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 1/4/2008 8:25:16 PM | Attr = ] (Beep) Beep [Kernel | System | Running] -> %SystemRoot%\system32\drivers\beep.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (cbidf2k) cbidf2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cbidf2k.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 13952 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (CCDECODE) Closed Caption Decoder [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\CCDECODE.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 17024 bytes | Modified Date = 8/3/2004 11:10:18 PM | Attr = ] (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Cdaudio) Cdaudio [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\cdaudio.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 18688 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Cdfs) Cdfs [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cdfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 63744 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Cdrom) CD-ROM Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdrom.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (cusbohcn) cusbohcn [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\user\LOCALS~1\Temp\cusbohcn.sys -> File not found (CxLPT) Logitech QuickCam VC [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\cxlpt.sys -> Logitech Inc. [Ver = 4.1.5.1143 | Size = 21840 bytes | Modified Date = 4/9/1999 2:17:32 PM | Attr = ] (CxUSB) Logitech QuickCam VC USB [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\CxUSB.sys -> Logitech Inc. [Ver = 4.1.5.1143 | Size = 18944 bytes | Modified Date = 4/9/1999 9:16:58 AM | Attr = R ] (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (Disk) Disk Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\disk.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 36352 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (DMusic) Microsoft Kernel DLS Syntheiszer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DMusic.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 52864 bytes | Modified Date = 8/3/2004 6:07:40 PM | Attr = ] (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\drmkaud.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 2944 bytes | Modified Date = 8/3/2004 6:07:58 PM | Attr = ] (ENTECH) ENTECH [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Entech.sys -> EnTech Taiwan [Ver = 1.0 | Size = 21664 bytes | Modified Date = 10/25/2004 8:02:00 PM | Attr = ] (Fastfat) Fastfat [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\fastfat.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 143360 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Fdc) Floppy Disk Controller Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\fdc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 27392 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Fips) Fips [Kernel | System | Running] -> %SystemRoot%\system32\drivers\fips.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 34944 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Flpydisk) Floppy Disk Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\flpydisk.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20480 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (FltMgr) FltMgr [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\fltmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.2978 (xpsp_sp2_gdr.060821-0039) | Size = 128896 bytes | Modified Date = 8/21/2006 4:14:58 AM | Attr = ] (Ftdisk) Volume Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ftdisk.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 125056 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gameenum.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 10624 bytes | Modified Date = 8/3/2004 6:08:22 PM | Attr = ] (Gpc) Generic Packet Classifier [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\msgpc.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 35072 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (HidUsb) Microsoft HID Class Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hidusb.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 9600 bytes | Modified Date = 8/17/2001 2:02:20 PM | Attr = ] (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (HTTP) HTTP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\http.sys -> Microsoft Corporation [Ver = 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512) | Size = 262784 bytes | Modified Date = 3/16/2006 7:33:10 PM | Attr = ] (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\i8042prt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 52736 bytes | Modified Date = 8/3/2004 11:14:38 PM | Attr = ] (IKFileSec) File Security Driver [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1039 built by: WinDDK | Size = 42376 bytes | Modified Date = 2/1/2008 12:55:52 PM | Attr = ] (IKSysFlt) System Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1029 | Size = 66952 bytes | Modified Date = 12/10/2007 2:53:28 PM | Attr = ] (Imapi) CD-Burning Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\imapi.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 41856 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (IntelC51) IntelC51 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\IntelC51.sys -> Intel Corporation [Ver = 1.6.14.86 | Size = 2166454 bytes | Modified Date = 8/30/2002 7:58:04 AM | Attr = R ] (IntelC52) Intel(R) 537 Data Fax Voice V.92 Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\IntelC52.sys -> Intel Corporation [Ver = 4.44 | Size = 447921 bytes | Modified Date = 8/30/2002 7:49:48 AM | Attr = R ] (IntelC53) IntelC53 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\IntelC53.sys -> Intel Corporation [Ver = 1.6.14.86 | Size = 26921 bytes | Modified Date = 8/30/2002 7:58:32 AM | Attr = R ] (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (Ip6Fw) IPv6 Windows Firewall Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ip6fw.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 29056 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (IPFilter) Microsoft IntelliPoint Features driver [Kernel | On_Demand | Stopped] -> system32\DRIVERS\IPFilter.sys -> File not found (IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ipfltdrv.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 32896 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ipinip.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20992 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (IpNat) IP Network Address Translator [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ipnat.sys -> Microsoft Corporation [Ver = 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056) | Size = 134912 bytes | Modified Date = 9/29/2004 5:28:37 PM | Attr = ] (IPSec) IPSEC driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ipsec.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 74752 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (IRENUM) IR Enumerator Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\irenum.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 11264 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (isapnp) PnP ISA/EISA Bus Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\isapnp.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 35840 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Kbdclass) Keyboard Class Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdclass.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (kbdhid) Keyboard HID Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\kbdhid.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14848 bytes | Modified Date = 8/3/2004 10:58:36 PM | Attr = ] (kmixer) Microsoft Kernel Wave Audio Mixer [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\kmixer.sys -> Microsoft Corporation [Ver = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) | Size = 172416 bytes | Modified Date = 6/14/2006 3:47:45 AM | Attr = ] (KSecDD) KSecDD [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ksecdd.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92032 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\L8042Kbd.sys -> Logitech, Inc. [Ver = 4.40.53.00 | Size = 20240 bytes | Modified Date = 11/29/2007 2:17:28 AM | Attr = ] (L8042mou) SetPoint PS/2 Mouse Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\L8042mou.Sys -> Logitech, Inc. [Ver = 4.40.53.00 | Size = 63120 bytes | Modified Date = 11/29/2007 2:17:34 AM | Attr = ] (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LHidFilt.Sys -> Logitech, Inc. [Ver = 4.40.53.00 | Size = 35088 bytes | Modified Date = 11/29/2007 2:17:48 AM | Attr = ] (LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LMouFilt.Sys -> Logitech, Inc. [Ver = 4.40.53.00 | Size = 36368 bytes | Modified Date = 11/29/2007 2:17:56 AM | Attr = ] (LMouKE) SetPoint Mouse Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LMouKE.Sys -> Logitech, Inc. [Ver = 4.40.53.00 | Size = 78992 bytes | Modified Date = 11/29/2007 2:18:04 AM | Attr = ] (mnmdd) mnmdd [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mnmdd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Modem) Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\modem.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 30080 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 16128 bytes | Modified Date = 8/17/2001 12:57:38 PM | Attr = ] (Mouclass) Mouse Class Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mouclass.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 8/3/2004 10:58:34 PM | Attr = ] (mouhid) Mouse HID Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mouhid.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 12160 bytes | Modified Date = 8/17/2001 1:48:00 PM | Attr = ] (MountMgr) MountMgr [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\mountmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42240 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (MRxDAV) WebDav Client Redirector [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\mrxdav.sys -> Microsoft Corporation [Ver = 5.1.2600.3276 (xpsp_sp2_gdr.071218-1250) | Size = 179584 bytes | Modified Date = 12/18/2007 4:51:35 AM | Attr = ] (MRxSmb) MRxSmb [File_System | System | Running] -> %SystemRoot%\system32\drivers\mrxsmb.sys -> Microsoft Corporation [Ver = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) | Size = 453120 bytes | Modified Date = 5/5/2006 4:41:45 AM | Attr = ] (Msfs) Msfs [File_System | System | Running] -> %SystemRoot%\system32\drivers\msfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 19072 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MSKSSRV.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 7552 bytes | Modified Date = 8/3/2004 5:58:42 PM | Attr = ] (MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MSPCLOCK.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5376 bytes | Modified Date = 8/3/2004 5:58:40 PM | Attr = ] (MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MSPQM.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 4992 bytes | Modified Date = 8/3/2004 5:58:42 PM | Attr = ] (mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mssmbios.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15488 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (MSTEE) Microsoft Streaming Tee/Sink-to-Sink Converter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MSTEE.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5504 bytes | Modified Date = 8/3/2004 10:58:40 PM | Attr = ] (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\msmpu401.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 2944 bytes | Modified Date = 8/17/2001 9:00:04 AM | Attr = ] (MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ASACPI.sys -> [Ver = 1043, 2, 15, 37 | Size = 5810 bytes | Modified Date = 8/12/2004 9:56:20 PM | Attr = R ] (Mup) Mup [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\mup.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 107904 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NABTSFEC) NABTS/FEC VBI Codec [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NABTSFEC.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 85376 bytes | Modified Date = 8/3/2004 11:10:30 PM | Attr = ] (NDIS) NDIS System Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ndis.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 182912 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NdisIP) Microsoft TV/Video Connection [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NdisIP.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 10880 bytes | Modified Date = 8/3/2004 11:10:14 PM | Attr = ] (NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndistapi.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 9600 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Ndisuio) NDIS Usermode I/O Protocol [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ndisuio.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 12928 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndiswan.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 91776 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NDProxy) NDIS Proxy [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ndproxy.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 38016 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NetBIOS) NetBIOS Interface [File_System | System | Running] -> %SystemRoot%\system32\drivers\netbios.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 34560 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NetBT) NetBios over Tcpip [Kernel | System | Running] -> %SystemRoot%\system32\drivers\netbt.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 162816 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NIC1394) 1394 Net Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nic1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 61824 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Npfs) Npfs [File_System | System | Running] -> %SystemRoot%\system32\drivers\npfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 30848 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Ntfs) Ntfs [File_System | Disabled | Running] -> %SystemRoot%\system32\drivers\ntfs.sys -> Microsoft Corporation [Ver = 5.1.2600.3081 (xpsp_sp2_gdr.070209-0028) | Size = 574464 bytes | Modified Date = 2/9/2007 6:10:35 AM | Attr = ] (Null) Null [Kernel | System | Running] -> %SystemRoot%\system32\drivers\null.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 2944 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] (nvax) Service for NVIDIA(R) nForce(TM) Audio Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvax.sys -> NVIDIA Corporation [Ver = 6.14.0465.0 built by: NVIDIA | Size = 53376 bytes | Modified Date = 7/26/2005 5:58:30 AM | Attr = ] (NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NVENETFD.sys -> NVIDIA Corporation [Ver = 1.00.00.0466 | Size = 33408 bytes | Modified Date = 11/24/2004 4:42:46 AM | Attr = R ] (nvnetbus) NVIDIA Network Bus Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvnetbus.sys -> NVIDIA Corporation [Ver = 1.00.00.0467 | Size = 12928 bytes | Modified Date = 12/16/2004 6:14:28 AM | Attr = R ] (nvnforce) Service for NVIDIA(R) nForce(TM) Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nvapu.sys -> NVIDIA Corporation [Ver = 6.14.0465.0 built by: NVIDIA | Size = 415360 bytes | Modified Date = 7/26/2005 6:01:56 AM | Attr = ] (NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nwlnkflt.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 12416 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nwlnkfwd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 32512 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ohci1394) Texas Instruments OHCI Compliant IEEE 1394 Host Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ohci1394.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 61056 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Parport) Parallel port driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\parport.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 80128 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (PartMgr) PartMgr [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\partmgr.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 18688 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ParVdm) ParVdm [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\parvdm.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 6784 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (PCI) PCI Bus Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pci.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68224 bytes | Modified Date = 8/3/2004 10:07:48 PM | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PCIIde) PCIIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pciide.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 3328 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Pcmcia) Pcmcia [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\pcmcia.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 119936 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (pepifilter) Volume Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\lv302af.sys -> Labtec Inc. [Ver = 8.1.7.1018 | Size = 5915 bytes | Modified Date = 1/20/2004 8:14:46 PM | Attr = ] (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (PID_08A0) Labtec WebCam Pro(PID_08A0) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LV302AV.SYS -> Labtec Inc. [Ver = 8.1.7.1018 | Size = 271360 bytes | Modified Date = 1/20/2004 8:14:42 PM | Attr = ] (PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspptp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 48384 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Processor) Processor Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\processr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 35328 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (prodrv06) StarForce Protection Environment Driver v6 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\prodrv06.sys -> Protection Technology [Ver = 6.38 | Size = 77184 bytes | Modified Date = 3/9/2004 4:45:49 AM | Attr = ] (prohlp02) StarForce Protection Helper Driver v2 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\prohlp02.sys -> Protection Technology [Ver = 2.38 | Size = 65504 bytes | Modified Date = 3/9/2004 5:18:09 AM | Attr = ] (prosync1) StarForce Protection Synchronization Driver v1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\prosync1.sys -> Protection Technology [Ver = 1.5 | Size = 6944 bytes | Modified Date = 9/6/2003 7:22:08 AM | Attr = ] (PSched) QoS Packet Scheduler [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\psched.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69120 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\rasacd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 8832 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rasl2tp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 51328 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspppoe.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 41472 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Raspti) Direct Parallel [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\raspti.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 16512 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Rdbss) Rdbss [File_System | System | Running] -> %SystemRoot%\system32\drivers\rdbss.sys -> Microsoft Corporation [Ver = 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036) | Size = 174592 bytes | Modified Date = 5/5/2006 4:47:57 AM | Attr = ] (RDPCDD) RDPCDD [Kernel | System | Running] -> %SystemRoot%\system32\drivers\rdpcdd.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 4224 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (RDPWD) RDPWD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\rdpwd.sys -> Microsoft Corporation [Ver = 5.1.2600.2695 (xpsp_sp2_gdr.050609-1528) | Size = 139528 bytes | Modified Date = 6/9/2005 11:09:46 PM | Attr = ] (redbook) Digital CD Audio Playback Filter Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\redbook.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 57472 bytes | Modified Date = 8/3/2004 5:59:38 PM | Attr = ] (SANDRA) SANDRA [Kernel | On_Demand | Stopped] -> %ProgramFiles%\SiSoftware\SiSoftware Sandra Lite XI\Sandra.sys -> File not found (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 5:25:53 AM | Attr = ] (serenum) Serenum Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\serenum.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15488 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Serial) Serial port driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\serial.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 64896 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (sfdrv01) StarForce Protection Environment Driver (version 1.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfdrv01.sys -> Protection Technology [Ver = 1.37 | Size = 50688 bytes | Modified Date = 8/10/2005 7:44:04 AM | Attr = ] (sfhlp01) StarForce Protection Helper Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfhlp01.sys -> Protection Technology [Ver = 1.5 | Size = 4832 bytes | Modified Date = 12/1/2003 10:20:52 AM | Attr = ] (sfhlp02) StarForce Protection Helper Driver (version 2.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfhlp02.sys -> Protection Technology [Ver = 2.3 | Size = 6656 bytes | Modified Date = 5/16/2005 8:20:39 AM | Attr = ] (Sfloppy) Sfloppy [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\sfloppy.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 11392 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (sfvfs02) StarForce Protection VFS Driver (version 2.x) [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sfvfs02.sys -> Protection Technology [Ver = 2.13 | Size = 63488 bytes | Modified Date = 11/3/2005 9:40:07 AM | Attr = ] (Si3114r5) SiI-3114 SoftRaid 5 Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\Si3114r5.sys -> Silicon Image, Inc [Ver = 1, 3, 0, 9 | Size = 185856 bytes | Modified Date = 10/18/2005 12:58:56 PM | Attr = ] (SiFilter) SATALink driver accelerator [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\SiWinAcc.sys -> Silicon Image, Inc. [Ver = 1.0.0.11 | Size = 10368 bytes | Modified Date = 11/1/2004 12:21:32 PM | Attr = ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (SLIP) BDA Slip De-Framer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SLIP.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 11136 bytes | Modified Date = 8/3/2004 11:10:18 PM | Attr = ] (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (splitter) Microsoft Kernel Audio Splitter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\splitter.sys -> Microsoft Corporation [Ver = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) | Size = 6400 bytes | Modified Date = 6/14/2006 3:47:46 AM | Attr = ] (sr) System Restore Filter Driver [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\sr.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73472 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (srosa) Megadrv3 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\srosa.sys -> [Ver = | Size = 124890 bytes | Modified Date = 3/1/2008 10:52:16 AM | Attr = ] (Srv) Srv [File_System | On_Demand | Running] -> %SystemRoot%\system32\drivers\srv.sys -> Microsoft Corporation [Ver = 5.1.2600.2974 (xpsp_sp2_gdr.060814-0101) | Size = 332928 bytes | Modified Date = 8/14/2006 5:34:41 AM | Attr = ] (STEAMDVR) STEAMDVR [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Valve\Steam\bin\x86\SteamDvr.sys -> File not found (streamip) BDA IPSink [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\StreamIP.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15360 bytes | Modified Date = 8/3/2004 11:10:14 PM | Attr = ] (swenum) Software Bus Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\swenum.sys -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 4352 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\swmidi.sys -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 54272 bytes | Modified Date = 8/17/2001 9:00:52 AM | Attr = ] (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (sysaudio) Microsoft Kernel System Audio Device [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sysaudio.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60800 bytes | Modified Date = 8/3/2004 6:15:56 PM | Attr = ] (szkg) szkg [Kernel | Boot | Stopped] -> %SystemRoot%\system32\DRIVERS\szkg.sys -> File not found (Tcpip) TCP/IP Protocol Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tcpip.sys -> Microsoft Corporation [Ver = 5.1.2600.3244 (xpsp_sp2_gdr.071030-1259) | Size = 360064 bytes | Modified Date = 10/30/2007 12:20:55 PM | Attr = ] (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\tdpipe.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 12040 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (TDTCP) TDTCP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\tdtcp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 21896 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (TermDD) Terminal Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\termdd.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 40840 bytes | Modified Date = 8/4/2004 12:01:08 AM | Attr = ] (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (Udfs) Udfs [File_System | Disabled | Stopped] -> %SystemRoot%\system32\drivers\udfs.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 66176 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (Update) Microcode Update Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\update.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 209408 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\USBAUDIO.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59264 bytes | Modified Date = 8/3/2004 11:07:56 PM | Attr = ] (usbccgp) Microsoft USB Generic Parent Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbccgp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 31616 bytes | Modified Date = 8/3/2004 11:08:48 PM | Attr = ] (usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbehci.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 26624 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (usbhub) USB2 Enabled Hub [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbhub.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 57600 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (usbohci) Microsoft USB Open Host Controller Miniport Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbohci.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 17024 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (usbprint) Microsoft USB PRINTER Class [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbprint.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 25856 bytes | Modified Date = 8/3/2004 10:01:26 PM | Attr = ] (usbscan) USB Scanner Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbscan.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15104 bytes | Modified Date = 8/3/2004 9:58:46 PM | Attr = ] (USBSTOR) USB Mass Storage Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\USBSTOR.SYS -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 26496 bytes | Modified Date = 8/3/2004 10:08:48 PM | Attr = ] (VgaSave) VgaSave [Kernel | System | Running] -> %SystemRoot%\system32\drivers\vga.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20992 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (ViaIde) ViaIde [Kernel | Disabled | Stopped] -> -> File not found (VolSnap) VolSnap [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\volsnap.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 52352 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (Wanarp) Remote Access IP ARP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wanarp.sys -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 34560 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wanatw4.sys -> America Online, Inc. [Ver = 8.3.0.0 | Size = 33588 bytes | Modified Date = 1/10/2003 4:13:04 PM | Attr = ] (Wdf01000) Wdf01000 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wdf01000.sys -> Microsoft Corporation [Ver = 1.5.6000.0 (vista_rtm.061101-2205) | Size = 492000 bytes | Modified Date = 11/2/2006 7:22:54 AM | Attr = ] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (wdmaud) Microsoft WINMM WDM Audio Compatibility Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wdmaud.sys -> Microsoft Corporation [Ver = 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359) | Size = 82944 bytes | Modified Date = 6/14/2006 4:00:45 AM | Attr = ] (WSTCODEC) World Standard Teletext Codec [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\WSTCODEC.SYS -> Microsoft Corporation [Ver = 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 19328 bytes | Modified Date = 8/3/2004 11:10:22 PM | Attr = ] (WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\WudfPf.sys -> Microsoft Corporation [Ver = 6.0.5716.32 (winmain(wmbla).060928-1756) | Size = 77568 bytes | Modified Date = 9/28/2006 6:55:50 PM | Attr = ] (WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\WudfRd.sys -> Microsoft Corporation [Ver = 6.0.5716.32 (winmain(wmbla).060928-1756) | Size = 82944 bytes | Modified Date = 9/28/2006 7:00:34 PM | Attr = ] [Registry - All] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> AVG7_CC -> %SystemDrive%\PROGRA~1\Grisoft\AVG7\avgcc.exe -> File not found Kernel and Hardware Abstraction Layer -> %SystemRoot%\KHALMNPR.Exe -> Logitech, Inc. [Ver = 4.40.53 | Size = 55824 bytes | Modified Date = 11/29/2007 2:17:20 AM | Attr = ] LogitechGalleryRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Labtec Inc. [Ver = 8.1.7.1036 | Size = 188416 bytes | Modified Date = 2/12/2004 4:57:20 PM | Attr = ] LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> File not found NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe -> [Ver = | Size = 1626112 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 4/27/2007 8:41:54 AM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> ctfmon.exe -> %SystemRoot%\system32\ctfmon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15360 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] MSMSGS -> %ProgramFiles%\Messenger\msmsgs.exe -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 11:24:37 AM | Attr = ] NBJ -> %ProgramFiles%\Ahead\Nero BackItUp\NBJ.exe -> Ahead Software AG [Ver = 1, 2, 0, 53 | Size = 1957888 bytes | Modified Date = 6/2/2005 3:03:08 PM | Attr = ] SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 5, 2, 16 | Size = 2097488 bytes | Modified Date = 1/28/2008 11:43:40 AM | Attr = RHS] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> Logitech, Inc. [Ver = 4.40.88 | Size = 789008 bytes | Modified Date = 1/9/2008 12:32:08 PM | Attr = ] < user Startup Folder > -> C:\Documents and Settings\user\Start Menu\Programs\Startup -> -> %UserProfile%\Start Menu\Programs\Startup\PowerReg SchedulerV2.exe -> [Ver = 2, 0, 0, 1 | Size = 256000 bytes | Modified Date = 3/2/2007 1:37:44 PM | Attr = ] %UserProfile%\Start Menu\Programs\Startup\Webshots.lnk -> %ProgramFiles%\Webshots\Launcher.exe -> [Ver = | Size = 45056 bytes | Modified Date = 9/16/2004 8:46:18 AM | Attr = ] < IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ -> Your Image File Name Here without a path -> %SystemRoot%\system32\ntsd.exe [Debugger] -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 31744 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> {fbeb8a05-beee-4442-804e-409d6c4515e9} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll [CDBurn] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] {7849596a-48ea-486e-8937-a2a3009f31a9} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll [PostBootReminder] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] {35CEC8A3-2BE6-11D2-8773-92E220524153} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\stobject.dll [SysTray] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 121856 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\webcheck.dll [WebCheck] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 233472 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] {AAA288BA-9A4C-45B0-95D7-94D524869DB5} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\WPDShServiceObj.dll [WPDShServiceObj] -> Microsoft Corporation [Ver = 5.2.5721.5145 (WMP_11.061018-2006) | Size = 133632 bytes | Modified Date = 10/18/2006 9:47:22 PM | Attr = ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {AEB6717E-7E19-11d0-97EE-00C04FD91972} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found < SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler -> {438755C2-A8BA-11D1-B96B-00A0C90312E1} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\browseui.dll [Browseui preloader] -> Microsoft Corporation [Ver = 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) | Size = 1022976 bytes | Modified Date = 9/14/2006 3:39:49 AM | Attr = ] {8C7461EF-2B13-11d2-BE35-3078302C2030} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\browseui.dll [Component Categories cache daemon] -> Microsoft Corporation [Ver = 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) | Size = 1022976 bytes | Modified Date = 9/14/2006 3:39:49 AM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> msapsspc.dll -> %SystemRoot%\system32\msapsspc.dll -> Microsoft Corporation [Ver = 6.00.7755 | Size = 86016 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] schannel.dll -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 9:21:15 AM | Attr = ] digest.dll -> %SystemRoot%\system32\digest.dll -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 68608 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] msnsspc.dll -> %SystemRoot%\system32\msnsspc.dll -> Microsoft Corporation [Ver = 6.1.1825.0 | Size = 290816 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 5:23:07 AM | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\system32\rundll32.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AtiExtEvent -> -> File not found crypt32chain -> %SystemRoot%\system32\crypt32.dll -> Microsoft Corporation [Ver = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 597504 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] cryptnet -> %SystemRoot%\system32\cryptnet.dll -> Microsoft Corporation [Ver = 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 63488 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] cscdll -> %SystemRoot%\system32\cscdll.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 101888 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] LBTWlgn -> %CommonProgramFiles%\Logishrd\Bluetooth\LBTWLgn.dll -> Logitech, Inc. [Ver = 4.40.88 | Size = 72208 bytes | Modified Date = 1/9/2008 12:30:32 PM | Attr = ] ScCertProp -> %SystemRoot%\system32\wlnotify.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92672 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Schedule -> %SystemRoot%\system32\wlnotify.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92672 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] sclgntfy -> %SystemRoot%\system32\sclgntfy.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 20992 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] SensLogn -> %SystemRoot%\system32\wlnotify.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92672 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] termsrv -> %SystemRoot%\system32\wlnotify.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92672 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] WgaLogon -> %SystemRoot%\system32\WgaLogon.dll -> Microsoft Corporation [Ver = 1.7.0017.0 | Size = 236928 bytes | Modified Date = 2/15/2007 6:00:26 PM | Attr = ] wlballoon -> %SystemRoot%\system32\wlnotify.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 92672 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\EnableLUA -> 0 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Shell\ -> -> < HOSTS File > (232053 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.msn.com/access/allinone.asp -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com/ -> HKEY_CURRENT_USER\: URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\ieframe.dll [Microsoft Url Search Hook] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 6066176 bytes | Modified Date = 12/6/2007 9:21:46 PM | Attr = ] HKEY_CURRENT_USER\: URLSearchHooks\\{EA756889-2338-43DB-8F07-D1CA6FB9C90D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOLTBSearch Class] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:05 PM | Attr = ] HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4190 domain(s) found. -> 33 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6535 domain(s) found. -> objects_aol.com [*] -> Out of zone range - ( 5 ) -> 38 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 11:02:04 AM | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ] {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar Launcher] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:05 PM | Attr = ] < Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {4D5C8C25-D075-11d0-B416-00C04FB90376} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shdocvw.dll [&Tip of the Day] -> Microsoft Corporation [Ver = 6.00.2900.2987 (xpsp.060901-0211) | Size = 1497088 bytes | Modified Date = 9/23/2006 1:12:50 PM | Attr = ] {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shdocvw.dll [Real.com] -> Microsoft Corporation [Ver = 6.00.2900.2987 (xpsp.060901-0211) | Size = 1497088 bytes | Modified Date = 9/23/2006 1:12:50 PM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll [File Search Explorer Band] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] {EFA24E64-B078-11D0-89E4-00C04FC9E26E} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shdocvw.dll [Explorer Band] -> Microsoft Corporation [Ver = 6.00.2900.2987 (xpsp.060901-0211) | Size = 1497088 bytes | Modified Date = 9/23/2006 1:12:50 PM | Attr = ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:05 PM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\browseui.dll [&Address] -> Microsoft Corporation [Ver = 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) | Size = 1022976 bytes | Modified Date = 9/14/2006 3:39:49 AM | Attr = ] ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll [&Links] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\browseui.dll [&Address] -> Microsoft Corporation [Ver = 6.00.2900.2995 (xpsp_sp2_gdr.060913-0010) | Size = 1022976 bytes | Modified Date = 9/14/2006 3:39:49 AM | Attr = ] WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll [&Links] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> America Online, Inc. [Ver = 3.0.43.1 | Size = 585728 bytes | Modified Date = 11/30/2005 1:17:05 PM | Attr = ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}:BandCLSID -> %SystemRoot%\system32\shdocvw.dll [Real.com] -> Microsoft Corporation [Ver = 6.00.2900.2987 (xpsp.060901-0211) | Size = 1497088 bytes | Modified Date = 9/23/2006 1:12:50 PM | Attr = ] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 11 | Size = 1554256 bytes | Modified Date = 1/28/2008 11:43:28 AM | Attr = ] {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shdocvw.dll [Real.com] -> Microsoft Corporation [Ver = 6.00.2900.2987 (xpsp.060901-0211) | Size = 1497088 bytes | Modified Date = 9/23/2006 1:12:50 PM | Attr = ] CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &AOL Toolbar Search -> %ProgramFiles%\aol\aol toolbar 3.0\resources\en-US\local\search.htm -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 12:56:24 PM | Attr = ] < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {23EEF0CB-1FA5-44DB-B507-54FED837F497} -> (1394 Net Adapter) -> {4A8F70A4-C9BB-4007-9B6D-F42332B2ADDF} -> () -> {762FE9ED-5C86-4F1C-A872-2C3BFA6EF131} -> () -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] -> %SystemRoot%\system32\winrnr.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 16896 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000001 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000002 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000003 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000004 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000005 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000006 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000007 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000008 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000009 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000010 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000011 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000012 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000013 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000014 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000015 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000016 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000017 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000018 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000019 -> %SystemRoot%\system32\mswsock.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> about:{3050F406-98B5-11CF-BB82-00AA00BDCE0B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML About Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] cdl:{3dd53d40-7b8b-11D0-b013-00aa0059ce02} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[CDL: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] dvd:{12D51199-0DB5-46FE-A120-47A3D7D937CC} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\msvidctl.dll[DVD: Pluggable Protocol] -> Microsoft Corporation [Ver = 6.05.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1428480 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] file:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[file:, local: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] ftp:{79eac9e3-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[ftp: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] gopher:{79eac9e4-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[gopher: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] http:{79eac9e2-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[http: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] http\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] http\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] https:{79eac9e5-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[https: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] https\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] https\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] its:{9D148291-B9C8-11D0-A4CC-0000F80149F6} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\itss.dll[Microsoft InfoTech Protocols for IE 4.0] -> Microsoft Corporation [Ver = 5.2.3790.2453 (srv03_sp1_gdr.050525-1542) | Size = 137216 bytes | Modified Date = 5/26/2005 9:04:27 PM | Attr = ] javascript:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML Javascript Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] local:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[file:, local: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] mailto:{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML Mailto Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] mhtml:{05300401-BCBC-11d0-85E3-00C04FD85AB4} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\inetcomm.dll[MHTML Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 6.00.2900.3198 (xpsp_sp2_gdr.070820-1448) | Size = 683520 bytes | Modified Date = 8/21/2007 1:15:44 AM | Attr = ] mk:{79eac9e6-baf9-11ce-8c82-00aa004ba90b} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[mk: Asychronous Pluggable Protocol Handler] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> Microsoft Corporation [Ver = 8.103.5219.0 | Size = 532480 bytes | Modified Date = 5/24/2002 11:22:16 AM | Attr = ] ms-its:{9D148291-B9C8-11D0-A4CC-0000F80149F6} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\itss.dll[Microsoft InfoTech Protocols for IE 4.0] -> Microsoft Corporation [Ver = 5.2.3790.2453 (srv03_sp1_gdr.050525-1542) | Size = 137216 bytes | Modified Date = 5/26/2005 9:04:27 PM | Attr = ] res:{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML Resource Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 27, 1 | Size = 1828440 bytes | Modified Date = 6/8/2007 2:22:38 PM | Attr = R ] sysimage:{76E67A63-06E9-11D2-A840-006008059382} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML Resource Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] tv:{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\msvidctl.dll[TV: Pluggable Protocol] -> Microsoft Corporation [Ver = 6.05.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1428480 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] vbscript:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mshtml.dll[Microsoft HTML Javascript Pluggable Protocol] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 3592192 bytes | Modified Date = 12/8/2007 12:21:48 AM | Attr = ] wia:{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\wiascr.dll[WiaProtocol Class] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 75776 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr = ] < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> application/octet-stream:{1E66F26B-79EE-11D2-8710-00C04F79ED0D}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mscoree.dll[Cor MIME Filter, CorFltr, CorFltr 1] -> Microsoft Corporation [Ver = 2.0.50727.1433 (REDBITS.050727-1400) | Size = 282112 bytes | Modified Date = 10/24/2007 1:47:38 AM | Attr = ] application/x-complus:{1E66F26B-79EE-11D2-8710-00C04F79ED0D}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mscoree.dll[Cor MIME Filter, CorFltr, CorFltr 1] -> Microsoft Corporation [Ver = 2.0.50727.1433 (REDBITS.050727-1400) | Size = 282112 bytes | Modified Date = 10/24/2007 1:47:38 AM | Attr = ] application/x-msdownload:{1E66F26B-79EE-11D2-8710-00C04F79ED0D}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\mscoree.dll[Cor MIME Filter, CorFltr, CorFltr 1] -> Microsoft Corporation [Ver = 2.0.50727.1433 (REDBITS.050727-1400) | Size = 282112 bytes | Modified Date = 10/24/2007 1:47:38 AM | Attr = ] Class Install Handler:{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[AP Class Install Handler filter] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] deflate:{8f6b0360-b80d-11d0-a9b3-006097942311}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[AP encoding/decoding Filters] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] gzip:{8f6b0360-b80d-11d0-a9b3-006097942311}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[AP encoding/decoding Filters] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] lzdhtml:{8f6b0360-b80d-11d0-a9b3-006097942311}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\urlmon.dll[AP encoding/decoding Filters] -> Microsoft Corporation [Ver = 7.00.6000.16608 (vista_gdr.071204-1500) | Size = 1159680 bytes | Modified Date = 12/6/2007 9:21:48 PM | Attr = ] text/webviewhtml:{733AC4CB-F1A4-11d0-B951-00A0C90312E1}[HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\shell32.dll[WebView MIME Filter] -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:01 PM | Attr = ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] -> http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab[CKAVWebScan Object] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> [Files/Folders - Created Within 30 days] Combo-Fix -> %SystemDrive%\Combo-Fix -> [Folder | Created Date = 2/28/2008 9:04:59 PM | Attr = ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Created Date = 2/1/2008 6:28:59 PM | Attr = ] AmdK8.sys -> %SystemRoot%\System32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.3.2 (dnsrv(wmbla).060701-2226) | Size = 36864 bytes | Modified Date = 7/1/2006 10:39:40 PM | Attr = ] ikfilesec.sys -> %SystemRoot%\System32\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1039 built by: WinDDK | Size = 42376 bytes | Modified Date = 2/1/2008 12:55:52 PM | Attr = ] iksysflt.sys -> %SystemRoot%\System32\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1029 | Size = 66952 bytes | Modified Date = 12/10/2007 2:53:28 PM | Attr = ] iksyssec.sys -> %SystemRoot%\System32\drivers\iksyssec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1031 | Size = 81288 bytes | Modified Date = 12/10/2007 2:53:28 PM | Attr = ] kcom.sys -> %SystemRoot%\System32\drivers\kcom.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1008 | Size = 29576 bytes | Modified Date = 12/10/2007 2:53:30 PM | Attr = ] rspsc32.sys -> %SystemRoot%\System32\drivers\rspsc32.sys -> Resplendence Software Projects Sp. [Ver = 3.01 built by: WinDDK | Size = 19248 bytes | Modified Date = 2/28/2008 9:01:53 AM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Created Date = 2/25/2008 3:37:25 PM | Attr = ] mdelk.exe -> %SystemRoot%\System32\mdelk.exe -> [Ver = | Size = 58884 bytes | Modified Date = 3/1/2008 10:52:21 AM | Attr = ] nvapps.nvb -> %SystemRoot%\System32\nvapps.nvb -> [Ver = | Size = 159458 bytes | Modified Date = 12/10/2007 2:24:06 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 168207 bytes | Modified Date = 2/5/2008 9:37:27 PM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 17737 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 1 , 1 , 0 | Size = 356352 bytes | Modified Date = 12/5/2007 1:41:00 AM | Attr = ] iun6002ev.exe -> %SystemRoot%\iun6002ev.exe -> Indigo Rose Corporation [Ver = 6.0.1.0 | Size = 720896 bytes | Modified Date = 2/10/2008 2:15:32 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 2/1/2008 2:14:43 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 2/17/2008 9:14:24 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2/29/2008 3:39:23 PM | Attr = H ] [Files/Folders - Modified Within 30 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 223 bytes | Modified Date = 2/11/2008 4:50:13 PM | Attr = RHS] Combo-Fix -> %SystemDrive%\Combo-Fix -> [Folder | Modified Date = 2/28/2008 9:05:00 PM | Attr = ] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 3/1/2008 10:22:53 AM | Attr = ] Fraps -> %SystemDrive%\Fraps -> [Folder | Modified Date = 2/10/2008 4:23:51 PM | Attr = ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Modified Date = 2/1/2008 6:28:59 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2/29/2008 2:56:01 PM | Attr = R ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 3/1/2008 10:47:56 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 3/1/2008 10:47:56 AM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 232053 bytes | Modified Date = 2/16/2008 11:15:06 PM | Attr = R ] ikfilesec.sys -> %SystemRoot%\System32\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1039 built by: WinDDK | Size = 42376 bytes | Modified Date = 2/1/2008 12:55:52 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 2/26/2008 5:19:31 PM | Attr = ] rspsc32.sys -> %SystemRoot%\System32\drivers\rspsc32.sys -> Resplendence Software Projects Sp. [Ver = 3.01 built by: WinDDK | Size = 19248 bytes | Modified Date = 3/1/2008 10:54:03 AM | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Modified Date = 2/17/2008 10:31:02 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2/18/2008 3:50:16 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2/29/2008 5:28:32 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 2/19/2008 11:11:25 AM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 2/17/2008 10:31:02 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 2/11/2008 4:50:13 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 2/12/2008 3:20:29 PM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2/27/2008 6:40:46 PM | Attr = H ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2/11/2008 4:50:38 PM | Attr = ] Kaspersky Lab -> %SystemRoot%\System32\Kaspersky Lab -> [Folder | Modified Date = 2/25/2008 3:37:25 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 2/17/2008 11:36:16 AM | Attr = ] mdelk.exe -> %SystemRoot%\System32\mdelk.exe -> [Ver = | Size = 58884 bytes | Modified Date = 3/1/2008 10:52:21 AM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 168207 bytes | Modified Date = 2/5/2008 9:37:27 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 63732 bytes | Modified Date = 2/27/2008 6:34:22 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 406658 bytes | Modified Date = 2/27/2008 6:34:22 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 477846 bytes | Modified Date = 2/27/2008 6:34:22 PM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 2/26/2008 5:19:24 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 2/11/2008 4:50:41 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 2/7/2008 10:00:01 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 2/19/2008 11:11:14 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 13646 bytes | Modified Date = 3/1/2008 10:52:42 AM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2/12/2008 3:12:23 PM | Attr = H ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 2/3/2008 11:34:14 AM | Attr = R S] BlendSettings.ini -> %SystemRoot%\BlendSettings.ini -> [Ver = | Size = 23 bytes | Modified Date = 2/19/2008 8:06:40 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 3/1/2008 10:50:31 AM | Attr = S] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2/17/2008 11:31:58 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2/25/2008 3:37:26 PM | Attr = S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2/1/2008 6:29:33 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2/25/2008 3:37:25 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/1/2008 10:22:53 AM | Attr = HS] iun6002ev.exe -> %SystemRoot%\iun6002ev.exe -> Indigo Rose Corporation [Ver = 6.0.1.0 | Size = 720896 bytes | Modified Date = 2/10/2008 2:15:32 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2/24/2008 2:05:42 PM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 2/25/2008 9:58:45 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 2/1/2008 6:31:28 PM | Attr = ] popcinfo.dat -> %SystemRoot%\popcinfo.dat -> [Ver = | Size = 152 bytes | Modified Date = 2/28/2008 5:58:14 PM | Attr = ] popcinfot.dat -> %SystemRoot%\popcinfot.dat -> [Ver = | Size = 39 bytes | Modified Date = 2/28/2008 3:45:37 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 3/1/2008 10:52:28 AM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 2/17/2008 9:14:24 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2/29/2008 3:39:23 PM | Attr = H ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2/19/2008 11:11:14 AM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 2/16/2008 11:03:35 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 3/1/2008 10:47:56 AM | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 3/1/2008 10:52:44 AM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 758 bytes | Modified Date = 2/29/2008 12:29:24 PM | Attr = ] WININIT.INI -> %SystemRoot%\WININIT.INI -> [Ver = | Size = 164 bytes | Modified Date = 2/1/2008 2:08:06 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 3/1/2008 10:50:32 AM | Attr = H ] SmartDefrag.job -> %SystemRoot%\tasks\SmartDefrag.job -> [Ver = | Size = 344 bytes | Modified Date = 2/24/2008 10:00:05 PM | Attr = ] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 1303 bytes | Modified Date = 5/12/2007 3:38:48 PM | Attr = ] < End of report > [/code]