[code] OTScanIt logfile created on: 4/8/2008 8:57:05 PM OTScanIt by OldTimer - Version 1.0.9.0 Folder = F:\Documents and Settings\Jonathan Moore\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): F:\pagefile.sys 2046 4092; %SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files Drive C: | 76.68 Gb Total Space | 37.23 Gb Free Space | 48.55% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 316.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 149.04 Gb Total Space | 90.14 Gb Free Space | 60.48% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NUMARK-905C9AD9 Current User Name: Jonathan Moore Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] appsvc32.exe -> %CommonProgramFiles%\Symantec Shared\AppCore\AppSvc32.exe -> Symantec Corporation [Ver = 1.1.1.2 | Size = 47712 bytes | Modified Date = 1/4/2007 8:19:00 PM | Attr = ] smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 6,0,6000,81 | Size = 868352 bytes | Modified Date = 12/18/2006 9:34:36 AM | Attr = R ] smax4.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 30 | Size = 729088 bytes | Modified Date = 7/13/2006 8:12:26 AM | Attr = ] ainap.exe -> %ProgramFiles%\ASUS\Ai Suite\AiNap\AiNap.exe -> [Ver = | Size = 1423360 bytes | Modified Date = 4/9/2007 3:49:00 PM | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 115816 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 12/11/2007 1:10:26 PM | Attr = ] googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [Ver = | Size = 120320 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 1/12/2008 1:37:45 PM | Attr = ] rtwlan.exe -> %ProgramFiles%\ASUS WiFi-AP Solo\RtWLan.exe -> ASUSTek Computer Inc. [Ver = 6, 6, 16, 1 | Size = 987136 bytes | Modified Date = 6/16/2006 1:28:36 AM | Attr = ] wincinemamgr.exe -> %ProgramFiles%\InterVideo\Common\Bin\WinCinemaMgr.exe -> InterVideo Inc. [Ver = IVI_MAJOR_VERSION.IVI_MINOR_VERSION | Size = 303104 bytes | Modified Date = 6/6/2006 7:53:46 AM | Attr = ] applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 3:09:16 PM | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.68 | Size = 554352 bytes | Modified Date = 9/12/2007 7:27:24 PM | Attr = ] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 1/14/2008 1:18:33 AM | Attr = ] pnkbstrb.exe -> %SystemRoot%\system32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 2/1/2008 12:47:07 AM | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 12/11/2007 1:10:16 PM | Attr = ] googledesktopindex.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopIndex.exe -> [Ver = | Size = 382976 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] googledesktopcrawl.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopCrawl.exe -> [Ver = | Size = 129536 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1251720 bytes | Modified Date = 3/22/2008 1:58:17 PM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.13: 2008031114 | Size = 7660656 bytes | Modified Date = 4/3/2008 12:36:55 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.9.0 | Size = 369152 bytes | Modified Date = 4/4/2008 12:24:38 PM | Attr = ] googledesktopoe.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopOE.exe -> [Ver = | Size = 57856 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 10/31/2007 3:09:16 PM | Attr = ] (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.2.0.68 | Size = 554352 bytes | Modified Date = 9/12/2007 7:27:24 PM | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\VAScanner\comHost.exe -> Symantec Corporation [Ver = 1.2.0.28 | Size = 49248 bytes | Modified Date = 1/12/2007 3:40:00 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 1/12/2008 1:37:42 PM | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 12/11/2007 1:10:16 PM | Attr = ] (ISPwdSvc) Symantec IS Password Validation [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\isPwdSvc.exe -> Symantec Corporation [Ver = 10.2.0.50 | Size = 80504 bytes | Modified Date = 1/13/2007 7:11:00 PM | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE -> Symantec Corporation [Ver = 3.2.0.68 | Size = 2999664 bytes | Modified Date = 9/12/2007 7:27:24 PM | Attr = ] (LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 106.2.0.21 | Size = 108648 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] (LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 1/29/2008 5:38:31 PM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 155716 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] (PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 1/14/2008 1:18:33 AM | Attr = ] (PnkBstrB) PnkBstrB [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 2/1/2008 12:47:07 AM | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1251720 bytes | Modified Date = 3/22/2008 1:58:17 PM | Attr = ] (SymAppCore) Symantec AppCore Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\AppCore\AppSvc32.exe -> Symantec Corporation [Ver = 1.1.1.2 | Size = 47712 bytes | Modified Date = 1/4/2007 8:19:00 PM | Attr = ] [Driver Services - Non-Microsoft Only] (ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ADIHdAud.sys -> Analog Devices, Inc. [Ver = 5.10.01.6110 built by: WinDDK | Size = 293888 bytes | Modified Date = 1/15/2007 9:09:06 PM | Attr = R ] (AEAudio) AE Audio Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aeaudio.sys -> Andrea Electronics Corporation [Ver = 4.2.32.5 | Size = 93952 bytes | Modified Date = 8/6/2006 6:57:30 PM | Attr = R ] (AegisP) AEGIS Protocol (IEEE 802.1x) v3.4.5.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.5.0 | Size = 21035 bytes | Modified Date = 1/10/2008 11:01:25 PM | Attr = ] (AlesisFirewire) Alesis Firewire [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\AlesisFirewire.sys -> Alesis [Ver = 3.0.0.56 | Size = 127488 bytes | Modified Date = 7/3/2007 12:49:22 PM | Attr = ] (AlesisFirewireAudio) Alesis Firewire Audio [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\AlesisFirewireAudio.sys -> Alesis [Ver = 3.0.0.56 | Size = 22528 bytes | Modified Date = 7/3/2007 12:33:56 PM | Attr = ] (AlesisFirewireMidi) Alesis Firewire MIDI [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\AlesisFirewireMidi.sys -> Alesis [Ver = 3.0.0.56 | Size = 23040 bytes | Modified Date = 7/3/2007 12:33:52 PM | Attr = ] (AsIO) AsIO [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AsIO.sys -> [Ver = | Size = 12664 bytes | Modified Date = 10/18/2006 3:12:16 PM | Attr = R ] (DELTA) Service for Delta Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\delta.sys -> Midiman/M-Audio [Ver = 5.10.00.5057 | Size = 302336 bytes | Modified Date = 1/25/2007 12:12:22 PM | Attr = ] (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] (dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] (dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> Symantec Corporation [Ver = 107.4.1.2 | Size = 385072 bytes | Modified Date = 1/18/2008 5:00:00 AM | Attr = ] (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> Symantec Corporation [Ver = 107.4.1.2 | Size = 109616 bytes | Modified Date = 1/22/2008 5:00:00 AM | Attr = ] (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 9/19/2006 3:44:04 PM | Attr = ] (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5012 built by: WinDDK | Size = 138240 bytes | Modified Date = 10/27/2004 4:21:36 PM | Attr = ] (Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 10368 bytes | Modified Date = 9/20/2005 3:27:20 AM | Attr = ] (JGOGO) JMicron Hot-Plug Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\JGOGO.sys -> JMicron [Ver = 5.0.3790.1 | Size = 6912 bytes | Modified Date = 2/7/2006 7:52:58 AM | Attr = R ] (JRAID) JRAID [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\jraid.sys -> JMicron Technology Corp. [Ver = 1.17.14.03 built by: WinDDK | Size = 46208 bytes | Modified Date = 3/23/2007 11:20:24 PM | Attr = R ] (MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ASACPI.sys -> [Ver = 1043, 2, 15, 37 | Size = 5810 bytes | Modified Date = 8/13/2004 6:56:20 AM | Attr = R ] (NAVENG) NAVENG [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20080408.005\NAVENG.SYS -> Symantec Corporation [Ver = 20071.4.3.10 | Size = 82256 bytes | Modified Date = 3/18/2008 4:00:00 AM | Attr = ] (NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20080408.005\NAVEX15.SYS -> Symantec Corporation [Ver = 20071.4.3.10 | Size = 895408 bytes | Modified Date = 3/18/2008 4:00:00 AM | Attr = ] (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 7435392 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] (oreans32) oreans32 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\oreans32.sys -> [Ver = | Size = 33824 bytes | Modified Date = 1/20/2008 2:00:02 PM | Attr = ] (PnkBstrK) PnkBstrK [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 2/1/2008 12:48:17 AM | Attr = ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] (RDID1042) EDIROL PCR-1 WAVE [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rdwm1042.sys -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 140001 bytes | Modified Date = 9/28/2006 12:53:36 AM | Attr = ] (RDID1043) EDIROL PCR-1 MIDI [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rdwm1043.sys -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 80241 bytes | Modified Date = 9/28/2006 12:54:14 AM | Attr = ] (RTLWUSB) Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RTL8187.sys -> Realtek Semiconductor Corporation [Ver = 5.1230.0530.2006 built by: WinDDK | Size = 176128 bytes | Modified Date = 6/16/2006 3:30:16 AM | Attr = ] (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 6:25:53 AM | Attr = ] (SenFiltService) SenFilt Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\senfilt.sys -> Sensaura [Ver = 5.10.00.3524 | Size = 392960 bytes | Modified Date = 3/17/2006 5:18:58 AM | Attr = R ] (SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCDrv.sys -> Symantec Corporation [Ver = 3.3.1.3 | Size = 418104 bytes | Modified Date = 4/14/2007 2:49:32 AM | Attr = ] (SRTSP) SRTSP [File_System | System | Running] -> %SystemRoot%\system32\drivers\srtsp.sys -> Symantec Corporation [Ver = 10.2.2.5 | Size = 279088 bytes | Modified Date = 11/30/2007 11:57:12 PM | Attr = ] (SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\srtspl.sys -> Symantec Corporation [Ver = 10.2.2.5 | Size = 317616 bytes | Modified Date = 11/30/2007 11:57:12 PM | Attr = ] (SRTSPX) SRTSPX [Kernel | System | Running] -> %SystemRoot%\system32\drivers\srtspx.sys -> Symantec Corporation [Ver = 10.2.2.5 | Size = 43696 bytes | Modified Date = 11/30/2007 11:57:12 PM | Attr = ] (SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symdns.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 12984 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Modified Date = 3/22/2008 1:59:17 PM | Attr = ] (SYMFW) SYMFW [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symfw.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 145976 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symids.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 40120 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\SymcData\idsdefs\20080407.003\SymIDSCo.sys -> Symantec Corporation [Ver = 8.2.1.2 | Size = 240496 bytes | Modified Date = 2/13/2008 12:18:19 PM | Attr = ] (SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symndis.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 35256 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symredrv.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 27576 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (SYMTDI) SYMTDI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\symtdi.sys -> Symantec Corporation [Ver = 7.2.0.14 | Size = 191544 bytes | Modified Date = 1/9/2007 10:32:00 AM | Attr = ] (TPkd) TPkd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\TPkd.sys -> PACE Anti-Piracy, Inc. [Ver = 5.2.0.2208 | Size = 70048 bytes | Modified Date = 1/12/2005 6:31:12 PM | Attr = ] (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaapl.sys -> Apple, Inc. [Ver = 1, 25, 0, 0 | Size = 30464 bytes | Modified Date = 10/31/2007 3:09:14 PM | Attr = ] (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\yk51x86.sys -> Marvell [Ver = 8.56.4.3 built by: WinDDK | Size = 248832 bytes | Modified Date = 7/26/2006 9:56:00 AM | Attr = ] (SjyPkt) SjyPkt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SjyPkt.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1 | Size = 13532 bytes | Modified Date = 3/31/2006 5:39:54 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 36X Raid Configurer -> %SystemRoot%\system32\xRaidSetup.exe [F:\WINDOWS\system32\xRaidSetup.exe boot] -> JMicron Technology Corp. [Ver = 1.17.14.02 | Size = 1953792 bytes | Modified Date = 3/21/2007 4:23:08 AM | Attr = R ] Ai Nap -> %ProgramFiles%\ASUS\Ai Suite\AiNap\AiNap.exe ["F:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"] -> [Ver = | Size = 1423360 bytes | Modified Date = 4/9/2007 3:49:00 PM | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["F:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> Symantec Corporation [Ver = 106.2.0.21 | Size = 115816 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["F:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 12/11/2007 1:10:26 PM | Attr = ] JMB36X IDE Setup -> %SystemRoot%\RaidTool\xInsIDE.exe [F:\WINDOWS\RaidTool\xInsIDE.exe] -> [Ver = | Size = 36864 bytes | Modified Date = 3/20/2007 2:36:18 AM | Attr = R ] M-Audio Taskbar Icon -> %SystemRoot%\System32\M-AudioTaskBarIcon.exe [F:\WINDOWS\System32\M-AudioTaskBarIcon.exe] -> File not found NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 8523776 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.11.6921 | Size = 81920 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [Ver = | Size = 1626112 bytes | Modified Date = 12/5/2007 2:41:00 AM | Attr = ] osCheck -> %ProgramFiles%\Norton Internet Security\osCheck.exe ["F:\Program Files\Norton Internet Security\osCheck.exe"] -> Symantec Corporation [Ver = 10.2.0.50 | Size = 771704 bytes | Modified Date = 1/13/2007 7:11:00 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["F:\Program Files\QuickTime\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.3.1 | Size = 286720 bytes | Modified Date = 12/11/2007 11:56:54 AM | Attr = ] SoundMAX -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe ["F:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray] -> Analog Devices, Inc. [Ver = 5, 2, 0, 30 | Size = 729088 bytes | Modified Date = 7/13/2006 8:12:26 AM | Attr = ] SoundMAXPnP -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe [F:\Program Files\Analog Devices\Core\smax4pnp.exe] -> Analog Devices, Inc. [Ver = 6,0,6000,81 | Size = 868352 bytes | Modified Date = 12/18/2006 9:34:36 AM | Attr = R ] Symantec PIF AlertEng -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["F:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "F:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] -> Symantec Corporation [Ver = 1.4.5.83 | Size = 583048 bytes | Modified Date = 1/29/2008 5:38:31 PM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe ["F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> [Ver = | Size = 120320 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 1/12/2008 1:37:45 PM | Attr = ] < Run [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Google Desktop Search -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe ["F:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> [Ver = | Size = 120320 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 1/12/2008 1:37:45 PM | Attr = ] < All Users Startup Folder > -> F:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 12/14/2004 5:44:06 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\ASUS WiFi-AP Solo.lnk -> %ProgramFiles%\ASUS WiFi-AP Solo\RtWLan.exe -> ASUSTek Computer Inc. [Ver = 6, 6, 16, 1 | Size = 987136 bytes | Modified Date = 6/16/2006 1:28:36 AM | Attr = ] %AllUsersProfile%\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk -> %ProgramFiles%\InterVideo\Common\Bin\WinCinemaMgr.exe -> InterVideo Inc. [Ver = IVI_MAJOR_VERSION.IVI_MINOR_VERSION | Size = 303104 bytes | Modified Date = 6/6/2006 7:53:46 AM | Attr = ] < Default User Startup Folder > -> F:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Jonathan Moore Startup Folder > -> F:\Documents and Settings\Jonathan Moore\Start Menu\Programs\Startup -> < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < HOSTS File > (734 bytes) -> F:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> F:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.yahoo.com/ -> HKEY_CURRENT_USER\: Search\\SearchAssistant -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/search?q=%s[gogl] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\] > -> -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: Main\\Local Page -> F:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: Main\\Search Bar -> http://www.google.com/ie -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: Main\\Search Page -> http://www.google.com -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: Main\\Start Page -> http://www.yahoo.com/ -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: Search\\SearchAssistant -> http://www.google.com/ie -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: SearchURL\\ -> http://www.google.com/search?q=%s[gogl] -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\: ProxyEnable -> 0 -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 12/14/2004 2:56:50 AM | Attr = ] {1E8A6170-7264-4D0F-BEAE-D42A53123C75} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\1.5\NppBHO.dll [Reg Error: Value does not exist or could not be read.] -> Symantec Corporation [Ver = 2007.1.5.29 | Size = 96936 bytes | Modified Date = 1/11/2007 7:04:00 PM | Attr = R ] {38E4618F-E3E4-42E9-925F-6B02C798BD94} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\cndr32a.dll [FLW Viewer] -> [Ver = 2.4.0.0 | Size = 202752 bytes | Modified Date = 4/5/2008 3:21:01 PM | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ] < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ] {90222687-F593-4738-B738-FBEE9C7B26DF} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [Show Norton Toolbar] -> Symantec Corporation [Ver = 2007.1.5.29 | Size = 607888 bytes | Modified Date = 1/11/2007 7:05:00 PM | Attr = R ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ] < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\] > -> HKEY_USERS\S-1-5-21-606747145-688789844-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/20/2007 12:55:32 AM | Attr = R ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> SV1 -> -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {C3AB83C1-CD52-44D6-B506-16F8C5EA385A} -> (1394 Net Adapter) -> {C869A57E-4C19-4D36-8656-A374BC09CFC9} -> (Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter) -> {F7D6F0F8-B41E-4823-BA23-CB352F2D6ECC} -> (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> Protocol_Catalog9\Catalog_Entries\000000000001 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000002 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000003 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000004 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000005 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000006 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000007 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000008 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000009 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000010 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000011 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000012 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000013 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000014 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000015 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000016 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000017 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] Protocol_Catalog9\Catalog_Entries\000000000018 -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork1.dll -> [Ver = | Size = 9216 bytes | Modified Date = 1/11/2008 12:06:41 PM | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ not found. -> -> [Registry - Additional Scans - Non-Microsoft Only] < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> AcroRd32.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AcroRd32.exe [F:\Program Files\Adobe\Acrobat 7.0\Reader\] -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 65536 bytes | Modified Date = 12/14/2004 5:44:30 AM | Attr = ] AiSuite.exe -> %ProgramFiles%\ASUS\Ai Suite\AiSuite.exe [F:\Program Files\ASUS\Ai Suite] -> [Ver = | Size = 3381760 bytes | Modified Date = 4/13/2007 10:53:44 PM | Attr = ] assistant.exe -> %ProgramFiles%\Marvell\VCT\assistant.exe [F:\Program Files\Marvell\VCT\;F:\Program Files\Marvell\VCT\Doc] -> [Ver = | Size = 2539520 bytes | Modified Date = 3/5/2004 1:55:12 PM | Attr = ] ccApp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe [F:\Program Files\Common Files\Symantec Shared\;] -> Symantec Corporation [Ver = 106.2.0.21 | Size = 115816 bytes | Modified Date = 1/9/2007 5:59:00 PM | Attr = ] cmmgr32.exe -> %SystemRoot%\system32\cmmgr32.exe [F:\WINDOWS\system32] -> File not found D: -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found DVDCopy.exe -> %ProgramFiles%\InterVideo\DVDCopy5\DVDCopy.exe [F:\Program Files\InterVideo\DVDCopy5] -> InterVideo Inc. [Ver = 5.0.4.24 | Size = 1478744 bytes | Modified Date = 6/6/2006 7:55:26 AM | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe [F:\Program Files\Mozilla Firefox] -> Mozilla Corporation [Ver = 1.8.1.13: 2008031114 | Size = 7660656 bytes | Modified Date = 4/3/2008 12:36:55 AM | Attr = ] HijackThis.exe -> %ProgramFiles%\Trend Micro\HijackThis\HijackThis.exe [F:\PROGRA~1\TRENDM~1\HIJACK~1] -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 396288 bytes | Modified Date = 4/7/2008 3:49:51 PM | Attr = ] hypertrm.exe -> %ProgramFiles%\Windows NT\hypertrm.exe [Reg Error: Value Path does not exist or could not be read.] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 28160 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] install.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found iTunes.exe -> %ProgramFiles%\iTunes\iTunes.exe [Reg Error: Value Path does not exist or could not be read.] -> Apple Inc. [Ver = 7.5.0.20 | Size = 17152808 bytes | Modified Date = 12/11/2007 1:10:18 PM | Attr = ] LUALL.EXE -> %ProgramFiles%\Symantec\LiveUpdate\LUALL.EXE [F:\Program Files\Symantec\LiveUpdate] -> Symantec Corporation [Ver = 3.2.0.68 | Size = 1353072 bytes | Modified Date = 9/12/2007 7:27:24 PM | Attr = ] MCUI32.exe -> %CommonProgramFiles%\Symantec Shared\SecurityHistory\MCUI32.exe [F:\Program Files\Common Files\Symantec Shared\SecurityHistory\;F:\Program Files\Common Files\Symantec Shared\;] -> Symantec Corporation [Ver = 10.2.0.50 | Size = 706168 bytes | Modified Date = 1/13/2007 7:11:00 PM | Attr = ] mplayer2.exe -> %ProgramFiles%\Windows Media Player\mplayer2.exe ["F:\Program Files\Windows Media Player"] -> [Ver = | Size = 4639 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] msimn.exe -> [%ProgramFiles%\Outlook Express] -> File not found NAVStub.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVStub.exe [F:\Program Files\Norton Internet Security\Norton AntiVirus\] -> Symantec Corporation [Ver = 14.2.0.29 | Size = 452208 bytes | Modified Date = 1/13/2007 9:09:00 PM | Attr = ] NAVW32.EXE -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\Navw32.exe [Reg Error: Value Path does not exist or could not be read.] -> Symantec Corporation [Ver = 14.2.0.29 | Size = 226928 bytes | Modified Date = 1/13/2007 9:09:00 PM | Attr = ] NAVWNT.EXE -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\Navwnt.exe [Reg Error: Value Path does not exist or could not be read.] -> Symantec Corporation [Ver = 14.2.0.29 | Size = 41072 bytes | Modified Date = 1/13/2007 9:09:00 PM | Attr = ] PictureViewer.exe -> %ProgramFiles%\QuickTime\PictureViewer.exe [F:\Program Files\QuickTime\] -> Apple Inc. [Ver = 7.3.1 | Size = 483328 bytes | Modified Date = 12/11/2007 11:56:42 AM | Attr = ] pinball.exe -> %ProgramFiles%\Windows NT\Pinball\PINBALL.EXE [F:\Program Files\Windows NT\Pinball] -> Cinematronics [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 281088 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] QuickTimePlayer.exe -> %ProgramFiles%\QuickTime\QuickTimePlayer.exe [F:\Program Files\QuickTime\] -> Apple Inc. [Ver = 7.3.1 | Size = 6948144 bytes | Modified Date = 12/11/2007 11:57:36 AM | Attr = ] setup.exe -> %ProgramFiles%\ASUS WiFi-AP Solo\setup.exe [F:\Program Files\ASUS WiFi-AP Solo] -> File not found smax4.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4.exe [F:\Program Files\Analog Devices\Core] -> Analog Devices, Inc. [Ver = 5, 2, 0, 30 | Size = 729088 bytes | Modified Date = 7/13/2006 8:12:26 AM | Attr = ] smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe [F:\Program Files\Analog Devices\Core] -> Analog Devices, Inc. [Ver = 6,0,6000,81 | Size = 868352 bytes | Modified Date = 12/18/2006 9:34:36 AM | Attr = R ] smax4wiz.exe -> %ProgramFiles%\Analog Devices\SoundMAX\SMax4Wiz.exe [F:\Program Files\Analog Devices\Core] -> Analog Devices, Inc. [Ver = 6, 0, 0, 14 | Size = 925696 bytes | Modified Date = 6/22/2006 1:25:20 PM | Attr = ] SMaxCore -> %ProgramFiles%\Analog Devices\Core [F:\Program Files\Analog Devices\Core] -> [Folder | Modified Date = 1/10/2008 10:55:33 PM | Attr = ] smwdmif.dll -> %ProgramFiles%\Analog Devices\Core\smwdmif.dll [F:\Program Files\Analog Devices\Core] -> Analog Devices, Inc. [Ver = 6, 0, 6000, 003 | Size = 303104 bytes | Modified Date = 1/15/2007 9:16:00 PM | Attr = R ] SoundMAX -> %ProgramFiles%\Analog Devices\SoundMAX [F:\Program Files\Analog Devices\SoundMAX] -> [Folder | Modified Date = 1/10/2008 11:00:59 PM | Attr = ] table30.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found uiStub.exe -> %CommonProgramFiles%\Symantec Shared\NPC\UISTUB.EXE [F:\Program Files\Common Files\Symantec Shared\NPC\] -> Symantec Corporation [Ver = 2007.4.00.2 | Size = 445816 bytes | Modified Date = 7/6/2007 2:24:20 PM | Attr = ] Update.exe -> %ProgramFiles%\ASUS\ASUSUpdate\Update.exe [F:\Program Files\ASUS\ASUSUpdate] -> ASUSTek Computer Inc. [Ver = 7, 9, 0, 3 | Size = 1417216 bytes | Modified Date = 1/8/2007 10:45:10 AM | Attr = ] VCTWin.exe -> %ProgramFiles%\Marvell\VCT\VCTWin.exe [F:\Program Files\Marvell\VCT\;F:\Program Files\Marvell\VCT\Doc] -> Marvell [Ver = 2.13.2.3 | Size = 1994752 bytes | Modified Date = 8/4/2005 3:13:00 AM | Attr = ] wab.exe -> [%ProgramFiles%\Outlook Express] -> File not found wabmig.exe -> [%ProgramFiles%\Outlook Express] -> File not found winnt32.exe -> Reg Error: Value does not exist or could not be read. [Reg Error: Value Path does not exist or could not be read.] -> File not found WORDPAD.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found WRITE.EXE -> [Reg Error: Value Path does not exist or could not be read.] -> File not found < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 1:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 932 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> F:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> F:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> F:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 2396 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> F:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> F:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> F:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\F:\Program Files\iTunes\iTunes.exe -> F:\Program Files\iTunes\iTunes.exe [F:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.5.0.20 | Size = 17152808 bytes | Modified Date = 12/11/2007 1:10:18 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\F:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe -> F:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe [F:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2] -> [Ver = | Size = 8409716 bytes | Modified Date = 10/24/2007 4:32:04 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> F:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> F:\WINDOWS\system32\wuauserv.dll [F:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 12:39:49 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> F:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> F:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> F:\WINDOWS\system32\tlntsvr.exe [F:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> *DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 12:39:49 AM | Attr = ] TCPIP -> -> File not found NTLMSSP -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = My Current Home Page -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> [Files/Folders - Created Within 90 days] Cakewalk Projects -> %SystemDrive%\Cakewalk Projects -> [Folder | Created Date = 1/11/2008 7:15:55 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 4/6/2008 11:30:03 PM | Attr = ] Intel -> %SystemDrive%\Intel -> [Folder | Created Date = 1/10/2008 10:46:39 PM | Attr = ] RaidTool -> %SystemDrive%\RaidTool -> [Folder | Created Date = 1/10/2008 10:59:44 PM | Attr = ] a3d.dll -> %SystemRoot%\System32\dllcache\a3d.dll -> Sensaura Ltd [Ver = 4.12.01.2009 | Size = 65536 bytes | Created Date = 1/10/2008 10:55:33 PM | Attr = ] jgdw400.dll -> %SystemRoot%\System32\dllcache\jgdw400.dll -> America Online [Ver = 106 | Size = 163840 bytes | Created Date = 1/11/2008 12:45:17 PM | Attr = ] jgpl400.dll -> %SystemRoot%\System32\dllcache\jgpl400.dll -> Johnson-Grace Company [Ver = 054 | Size = 27648 bytes | Created Date = 1/11/2008 12:45:17 PM | Attr = ] ADIHdAud.sys -> %SystemRoot%\System32\drivers\ADIHdAud.sys -> Analog Devices, Inc. [Ver = 5.10.01.6110 built by: WinDDK | Size = 293888 bytes | Created Date = 1/10/2008 10:55:31 PM | Attr = R ] aeaudio.sys -> %SystemRoot%\System32\drivers\aeaudio.sys -> Andrea Electronics Corporation [Ver = 4.2.32.5 | Size = 93952 bytes | Created Date = 1/10/2008 10:55:32 PM | Attr = R ] AegisP.sys -> %SystemRoot%\System32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.5.0 | Size = 21035 bytes | Created Date = 1/10/2008 11:01:25 PM | Attr = ] AlesisFirewire -> %SystemRoot%\System32\drivers\AlesisFirewire -> [Folder | Created Date = 2/7/2008 9:40:43 PM | Attr = ] AlesisFirewire.sys -> %SystemRoot%\System32\drivers\AlesisFirewire.sys -> Alesis [Ver = 3.0.0.56 | Size = 127488 bytes | Created Date = 1/14/2008 7:24:15 PM | Attr = ] AlesisFirewireAudio.sys -> %SystemRoot%\System32\drivers\AlesisFirewireAudio.sys -> Alesis [Ver = 3.0.0.56 | Size = 22528 bytes | Created Date = 1/14/2008 7:24:15 PM | Attr = ] AlesisFirewireMidi.sys -> %SystemRoot%\System32\drivers\AlesisFirewireMidi.sys -> Alesis [Ver = 3.0.0.56 | Size = 23040 bytes | Created Date = 1/14/2008 7:24:15 PM | Attr = ] ASACPI.sys -> %SystemRoot%\System32\drivers\ASACPI.sys -> [Ver = 1043, 2, 15, 37 | Size = 5810 bytes | Created Date = 1/10/2008 10:37:41 PM | Attr = R ] AsInsHelp32.sys -> %SystemRoot%\System32\drivers\AsInsHelp32.sys -> [Ver = | Size = 10304 bytes | Created Date = 1/10/2008 11:16:06 PM | Attr = ] AsInsHelp64.sys -> %SystemRoot%\System32\drivers\AsInsHelp64.sys -> [Ver = | Size = 12096 bytes | Created Date = 1/10/2008 11:16:06 PM | Attr = ] AsIO.sys -> %SystemRoot%\System32\drivers\AsIO.sys -> [Ver = | Size = 12664 bytes | Created Date = 1/10/2008 11:16:08 PM | Attr = R ] ASUSHWIO.SYS -> %SystemRoot%\System32\drivers\ASUSHWIO.SYS -> [Ver = | Size = 10288 bytes | Created Date = 1/10/2008 10:37:27 PM | Attr = ] iLokDrvr.sys -> %SystemRoot%\System32\drivers\iLokDrvr.sys -> PACE Anti-Piracy, Inc. [Ver = 5.2.0.2208 | Size = 27264 bytes | Created Date = 2/7/2008 8:26:58 PM | Attr = ] INF -> %SystemRoot%\System32\drivers\INF -> [Folder | Created Date = 1/10/2008 10:47:26 PM | Attr = ] oem2.inf -> %SystemRoot%\System32\drivers\INF\oem2.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem2.PNF -> %SystemRoot%\System32\drivers\INF\oem2.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem3.inf -> %SystemRoot%\System32\drivers\INF\oem3.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem3.PNF -> %SystemRoot%\System32\drivers\INF\oem3.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem4.inf -> %SystemRoot%\System32\drivers\INF\oem4.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem4.PNF -> %SystemRoot%\System32\drivers\INF\oem4.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem5.inf -> %SystemRoot%\System32\drivers\INF\oem5.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem5.PNF -> %SystemRoot%\System32\drivers\INF\oem5.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem6.inf -> %SystemRoot%\System32\drivers\INF\oem6.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem6.PNF -> %SystemRoot%\System32\drivers\INF\oem6.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem7.inf -> %SystemRoot%\System32\drivers\INF\oem7.inf -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] oem7.PNF -> %SystemRoot%\System32\drivers\INF\oem7.PNF -> [Ver = | Size = 0 bytes | Created Date = 1/10/2008 10:47:26 PM | Attr = H ] iviaspi.sys -> %SystemRoot%\System32\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 10368 bytes | Created Date = 1/11/2008 12:04:22 PM | Attr = ] JGOGO.sys -> %SystemRoot%\System32\drivers\JGOGO.sys -> JMicron [Ver = 5.0.3790.1 | Size = 6912 bytes | Created Date = 1/10/2008 10:59:42 PM | Attr = R ] jraid.sys -> %SystemRoot%\System32\drivers\jraid.sys -> JMicron Technology Corp. [Ver = 1.17.14.03 built by: WinDDK | Size = 46208 bytes | Created Date = 1/10/2008 10:59:42 PM | Attr = R ] oreans32.sys -> %SystemRoot%\System32\drivers\oreans32.sys -> [Ver = | Size = 33824 bytes | Created Date = 1/20/2008 2:00:02 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Created Date = 1/15/2008 2:01:04 AM | Attr = ] Rdwm1042.sys -> %SystemRoot%\System32\drivers\Rdwm1042.sys -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 140001 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] Rdwm1043.sys -> %SystemRoot%\System32\drivers\Rdwm1043.sys -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 80241 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] RTL8187.sys -> %SystemRoot%\System32\drivers\RTL8187.sys -> Realtek Semiconductor Corporation [Ver = 5.1230.0530.2006 built by: WinDDK | Size = 176128 bytes | Created Date = 1/10/2008 11:01:15 PM | Attr = ] senfilt.sys -> %SystemRoot%\System32\drivers\senfilt.sys -> Sensaura [Ver = 5.10.00.3524 | Size = 392960 bytes | Created Date = 1/10/2008 10:55:31 PM | Attr = R ] SjyPkt.sys -> %SystemRoot%\System32\drivers\SjyPkt.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1 | Size = 13532 bytes | Created Date = 1/10/2008 11:01:13 PM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Created Date = 1/11/2008 11:49:21 AM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Created Date = 1/11/2008 11:49:21 AM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Created Date = 1/11/2008 11:49:21 AM | Attr = ] system32 -> %SystemRoot%\System32\drivers\system32 -> [Folder | Created Date = 1/10/2008 10:47:26 PM | Attr = ] DRIVERS -> %SystemRoot%\System32\drivers\system32\DRIVERS -> [Folder | Created Date = 1/10/2008 10:47:26 PM | Attr = ] TPkd.sys -> %SystemRoot%\System32\drivers\TPkd.sys -> PACE Anti-Piracy, Inc. [Ver = 5.2.0.2208 | Size = 70048 bytes | Created Date = 2/7/2008 8:26:58 PM | Attr = ] usbaapl.sys -> %SystemRoot%\System32\drivers\usbaapl.sys -> Apple, Inc. [Ver = 1, 25, 0, 0 | Size = 30464 bytes | Created Date = 1/11/2008 12:37:40 PM | Attr = ] a3d.dll -> %SystemRoot%\System32\a3d.dll -> Sensaura Ltd [Ver = 4.12.01.2009 | Size = 65536 bytes | Created Date = 1/10/2008 10:55:33 PM | Attr = R ] AC3ACM.acm -> %SystemRoot%\System32\AC3ACM.acm -> fccHandler [Ver = 0, 7, 0, 0 | Size = 81920 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] AlesisFirewireAsio.dll -> %SystemRoot%\System32\AlesisFirewireAsio.dll -> Alesis [Ver = 3.0.0.56 | Size = 106496 bytes | Created Date = 1/14/2008 7:24:15 PM | Attr = ] alf2cd.acm -> %SystemRoot%\System32\alf2cd.acm -> NCT Company [Ver = 2.03 | Size = 38912 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Created Date = 1/30/2008 7:17:45 PM | Attr = ] 1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ArtFfct.dll -> %SystemRoot%\System32\ArtFfct.dll -> [Ver = 1, 0, 0, 1 | Size = 163840 bytes | Created Date = 1/26/2008 3:09:21 PM | Attr = ] AsIO.dll -> %SystemRoot%\System32\AsIO.dll -> [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Created Date = 1/10/2008 11:16:08 PM | Attr = R ] CleanUp.exe -> %SystemRoot%\System32\CleanUp.exe -> adi [Ver = 1, 0, 0, 2 | Size = 45056 bytes | Created Date = 1/10/2008 10:55:22 PM | Attr = ] coh.cache -> %SystemRoot%\System32\coh.cache -> [Ver = | Size = 16 bytes | Created Date = 1/11/2008 12:32:15 PM | Attr = ] divx.dll -> %SystemRoot%\System32\divx.dll -> DivXNetworks, Inc. [Ver = 5.0.5.830 | Size = 638976 bytes | Created Date = 1/20/2008 1:59:02 PM | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivXNetworks, Inc. [Ver = 5.0.5.830 | Size = 221215 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Created Date = 1/10/2008 10:46:52 PM | Attr = ] DSndUp.exe -> %SystemRoot%\System32\DSndUp.exe -> Analog Devices Inc. [Ver = 1, 0, 0, 16 | Size = 49152 bytes | Created Date = 1/10/2008 10:55:22 PM | Attr = ] ilinet.dll -> %SystemRoot%\System32\ilinet.dll -> PACE Anti-Piracy [Ver = 5.2.0.2208 | Size = 679936 bytes | Created Date = 2/7/2008 8:26:58 PM | Attr = ] iviaspi.sys -> %SystemRoot%\System32\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 10368 bytes | Created Date = 1/11/2008 12:04:14 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 1/14/2008 1:18:34 AM | Attr = ] mcdvd_32.dll -> %SystemRoot%\System32\mcdvd_32.dll -> MainConcept [Ver = 2.0.4 | Size = 261632 bytes | Created Date = 1/20/2008 1:59:02 PM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Created Date = 1/14/2008 1:18:33 AM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Created Date = 1/14/2008 1:18:45 AM | Attr = ] PostProc.dll -> %SystemRoot%\System32\PostProc.dll -> Analog Devices, Inc. [Ver = 6.00.01.1040 built by: WinDDK | Size = 28160 bytes | Created Date = 1/10/2008 10:55:33 PM | Attr = R ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 1/11/2008 12:41:22 PM | Attr = ] qtmlClient.dll -> %SystemRoot%\System32\qtmlClient.dll -> [Ver = | Size = 217088 bytes | Created Date = 2/7/2008 8:24:51 PM | Attr = ] Rd3t1042.DAT -> %SystemRoot%\System32\Rd3t1042.DAT -> [Ver = | Size = 4088 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] rdas1042.dll -> %SystemRoot%\System32\rdas1042.dll -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 81920 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] RdCi1042.dll -> %SystemRoot%\System32\RdCi1042.dll -> [Ver = | Size = 31862 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] RDCP1042.CPL -> %SystemRoot%\System32\RDCP1042.CPL -> [Ver = | Size = 57344 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] RDDP1042.DAT -> %SystemRoot%\System32\RDDP1042.DAT -> Roland Corporation [Ver = 5, 0, 3, 0 | Size = 221184 bytes | Created Date = 1/13/2008 2:28:44 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Created Date = 1/10/2008 10:46:54 PM | Attr = ] ReWire.dll -> %SystemRoot%\System32\ReWire.dll -> Propellerhead Software AB [Ver = 1.7 | Size = 368640 bytes | Created Date = 1/11/2008 2:40:18 PM | Attr = ] REX Shared Library.dll -> %SystemRoot%\System32\REX Shared Library.dll -> Propellerhead Software AB [Ver = 1.6 | Size = 233472 bytes | Created Date = 1/11/2008 2:40:18 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Created Date = 1/11/2008 11:49:21 AM | Attr = ] Scg726.acm -> %SystemRoot%\System32\Scg726.acm -> SHARP Corporation [Ver = 1, 0, 0, 3 | Size = 13239 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] SMMedia.dll -> %SystemRoot%\System32\SMMedia.dll -> Analog Devices [Ver = 1, 0, 0, 8 | Size = 1285632 bytes | Created Date = 1/10/2008 10:55:24 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 1/10/2008 11:16:05 PM | Attr = ] vct3216.acm -> %SystemRoot%\System32\vct3216.acm -> Voxware, Inc. [Ver = 1.6.0.17 | Size = 82944 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] wdmioctl.dll -> %SystemRoot%\System32\wdmioctl.dll -> Analog Devices Inc. [Ver = 6, 0, 0, 0 | Size = 53248 bytes | Created Date = 1/10/2008 10:55:24 PM | Attr = ] wpa.bak -> %SystemRoot%\System32\wpa.bak -> [Ver = | Size = 2422 bytes | Created Date = 1/12/2008 1:59:46 PM | Attr = ] xRaidAPI.dll -> %SystemRoot%\System32\xRaidAPI.dll -> JMicron Technology Corp. [Ver = 1.17.14.02 | Size = 143360 bytes | Created Date = 1/10/2008 10:59:45 PM | Attr = R ] xRaidSetup.exe -> %SystemRoot%\System32\xRaidSetup.exe -> JMicron Technology Corp. [Ver = 1.17.14.02 | Size = 1953792 bytes | Created Date = 1/10/2008 10:59:44 PM | Attr = R ] xvid.ax -> %SystemRoot%\System32\xvid.ax -> [Ver = | Size = 53248 bytes | Created Date = 1/20/2008 1:59:03 PM | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 524288 bytes | Created Date = 1/20/2008 1:59:02 PM | Attr = ] xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [Ver = | Size = 139264 bytes | Created Date = 1/20/2008 1:59:02 PM | Attr = ] crlds3d.dll -> %SystemRoot%\System\crlds3d.dll -> Sensaura Ltd [Ver = 4.12.01.2002 | Size = 765952 bytes | Created Date = 1/10/2008 10:55:33 PM | Attr = R ] $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Created Date = 1/11/2008 11:47:40 AM | Attr = H ] 4 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> Ascd_log.ini -> %SystemRoot%\Ascd_log.ini -> [Ver = | Size = 19645 bytes | Created Date = 1/10/2008 10:46:11 PM | Attr = ] Ascd_tmp.ini -> %SystemRoot%\Ascd_tmp.ini -> [Ver = | Size = 13265 bytes | Created Date = 1/10/2008 10:37:41 PM | Attr = ] ASUSInstAll -> %SystemRoot%\ASUSInstAll -> [Folder | Created Date = 1/10/2008 10:52:36 PM | Attr = ] cndr32a.dll -> %SystemRoot%\cndr32a.dll -> [Ver = 2.4.0.0 | Size = 202752 bytes | Created Date = 4/5/2008 3:19:42 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 4/6/2008 11:30:41 PM | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 2/15/2008 7:59:17 PM | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 287 bytes | Created Date = 2/15/2008 8:40:38 PM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 4/8/2008 7:36:18 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 1/15/2008 3:23:19 AM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 2566 bytes | Created Date = 1/13/2008 2:15:00 AM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 1/12/2008 1:45:52 PM | Attr = ] OPTIONS -> %SystemRoot%\OPTIONS -> [Folder | Created Date = 1/10/2008 11:01:12 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 1/11/2008 12:39:02 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 1/11/2008 12:39:02 PM | Attr = H ] RaidTool -> %SystemRoot%\RaidTool -> [Folder | Created Date = 1/10/2008 10:59:41 PM | Attr = ] setup.iss -> %SystemRoot%\setup.iss -> [Ver = | Size = 666 bytes | Created Date = 1/10/2008 11:15:27 PM | Attr = ] unvise32.exe -> %SystemRoot%\unvise32.exe -> MindVision Software [Ver = 3.6.0 | Size = 90112 bytes | Created Date = 1/26/2008 3:14:04 PM | Attr = ] WMSysPr8.prx -> %SystemRoot%\WMSysPr8.prx -> [Ver = | Size = 156910 bytes | Created Date = 1/20/2008 1:59:02 PM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Created Date = 1/11/2008 12:37:56 PM | Attr = ] Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> %SystemRoot%\tasks\Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> [Ver = | Size = 640 bytes | Created Date = 1/11/2008 11:58:41 AM | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Created Date = 1/11/2008 12:12:07 PM | Attr = ] Apple -> %AllUsersProfile%\Application Data\Apple -> [Folder | Created Date = 1/11/2008 12:37:25 PM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Created Date = 1/11/2008 12:38:11 PM | Attr = ] Cakewalk -> %AllUsersProfile%\Application Data\Cakewalk -> [Folder | Created Date = 1/11/2008 7:15:55 PM | Attr = ] Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Created Date = 1/12/2008 1:37:50 PM | Attr = ] Identities -> %AllUsersProfile%\Application Data\Identities -> [Folder | Created Date = 1/11/2008 7:28:45 PM | Attr = ] PACE Anti-Piracy -> %AllUsersProfile%\Application Data\PACE Anti-Piracy -> [Folder | Created Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> %AllUsersProfile%\Application Data\Propellerhead Software -> [Folder | Created Date = 1/11/2008 2:36:59 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Created Date = 1/11/2008 11:49:08 AM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 1/26/2008 2:51:30 PM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Created Date = 1/13/2008 2:15:03 AM | Attr = ] AdobeUM -> %AppData%\AdobeUM -> [Folder | Created Date = 1/30/2008 7:14:34 PM | Attr = ] Apple Computer -> %AppData%\Apple Computer -> [Folder | Created Date = 1/11/2008 12:39:03 PM | Attr = ] AVSDVDPlayer.m3u -> %AppData%\AVSDVDPlayer.m3u -> [Ver = | Size = 0 bytes | Created Date = 1/20/2008 2:01:24 PM | Attr = ] Cakewalk -> %AppData%\Cakewalk -> [Folder | Created Date = 1/11/2008 7:31:58 PM | Attr = ] Google -> %AppData%\Google -> [Folder | Created Date = 4/5/2008 3:19:43 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 1/11/2008 12:47:22 PM | Attr = ] Mozilla -> %AppData%\Mozilla -> [Folder | Created Date = 1/12/2008 1:45:48 PM | Attr = ] PACE Anti-Piracy -> %AppData%\PACE Anti-Piracy -> [Folder | Created Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> %AppData%\Propellerhead Software -> [Folder | Created Date = 1/11/2008 2:36:58 PM | Attr = ] Talkback -> %AppData%\Talkback -> [Folder | Created Date = 1/12/2008 1:46:05 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Created Date = 1/14/2008 7:26:53 PM | Attr = ] Apple -> %UserProfile%\Local Settings\Application Data\Apple -> [Folder | Created Date = 1/11/2008 12:37:55 PM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Created Date = 1/11/2008 12:36:31 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 13824 bytes | Created Date = 1/11/2008 12:28:24 PM | Attr = ] Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Created Date = 1/11/2008 12:06:32 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Created Date = 1/12/2008 1:45:48 PM | Attr = ] PACE Anti-Piracy -> %UserProfile%\Local Settings\Application Data\PACE Anti-Piracy -> [Folder | Created Date = 2/7/2008 8:26:31 PM | Attr = ] Battlefield 2142 -> %UserProfile%\My Documents\Battlefield 2142 -> [Folder | Created Date = 1/12/2008 2:15:08 PM | Attr = ] Cakewalk -> %UserProfile%\My Documents\Cakewalk -> [Folder | Created Date = 1/11/2008 7:32:18 PM | Attr = ] Adobe Reader 7.0.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 7.0.lnk -> [Ver = | Size = 1740 bytes | Created Date = 1/11/2008 12:12:12 PM | Attr = ] ASUS WiFi-AP Solo.lnk -> %AllUsersProfile%\Desktop\ASUS WiFi-AP Solo.lnk -> [Ver = | Size = 1543 bytes | Created Date = 1/10/2008 11:01:13 PM | Attr = ] AVS DVD Player.lnk -> %AllUsersProfile%\Desktop\AVS DVD Player.lnk -> [Ver = | Size = 908 bytes | Created Date = 1/20/2008 1:59:11 PM | Attr = ] Call of Duty(R) 2 Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Multiplayer.lnk -> [Ver = | Size = 1563 bytes | Created Date = 2/15/2008 8:40:39 PM | Attr = ] Call of Duty(R) 2 Single Player.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Single Player.lnk -> [Ver = | Size = 1563 bytes | Created Date = 2/15/2008 8:40:39 PM | Attr = ] InterVideo DVDCopy5.lnk -> %AllUsersProfile%\Desktop\InterVideo DVDCopy5.lnk -> [Ver = | Size = 1684 bytes | Created Date = 1/11/2008 12:04:16 PM | Attr = ] iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [Ver = | Size = 2137 bytes | Created Date = 1/11/2008 12:38:59 PM | Attr = ] Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [Ver = | Size = 1602 bytes | Created Date = 1/12/2008 1:45:08 PM | Attr = ] Norton Internet Security.lnk -> %AllUsersProfile%\Desktop\Norton Internet Security.lnk -> [Ver = | Size = 1946 bytes | Created Date = 1/11/2008 11:52:13 AM | Attr = ] QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [Ver = | Size = 1604 bytes | Created Date = 1/11/2008 12:38:31 PM | Attr = ] Reason.lnk -> %AllUsersProfile%\Desktop\Reason.lnk -> [Ver = | Size = 722 bytes | Created Date = 1/11/2008 2:36:44 PM | Attr = ] SONAR 7 Producer Edition.lnk -> %AllUsersProfile%\Desktop\SONAR 7 Producer Edition.lnk -> [Ver = | Size = 1819 bytes | Created Date = 1/11/2008 7:28:11 PM | Attr = ] Unlocksv1.20c.lnk -> %AllUsersProfile%\Desktop\Unlocksv1.20c.lnk -> [Ver = | Size = 1966 bytes | Created Date = 2/5/2008 10:31:11 PM | Attr = ] Alesis Direct Monitoring.lnk -> %UserProfile%\Desktop\Alesis Direct Monitoring.lnk -> [Ver = | Size = 1974 bytes | Created Date = 2/7/2008 9:40:45 PM | Attr = ] Alesis Firewire Control Panel.lnk -> %UserProfile%\Desktop\Alesis Firewire Control Panel.lnk -> [Ver = | Size = 2060 bytes | Created Date = 2/7/2008 9:40:45 PM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Created Date = 4/7/2008 4:07:03 PM | Attr = ] AW10 Info -> %UserProfile%\Desktop\AW10 Info -> [Folder | Created Date = 2/6/2008 10:16:45 PM | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Created Date = 4/8/2008 7:39:04 PM | Attr = ] esl -> %UserProfile%\Desktop\esl -> [Folder | Created Date = 1/18/2008 10:23:53 PM | Attr = ] EWI test 1 Trumpet.rns -> %UserProfile%\Desktop\EWI test 1 Trumpet.rns -> [Ver = | Size = 105422 bytes | Created Date = 2/6/2008 11:22:24 PM | Attr = ] FixIEDef.exe -> %UserProfile%\Desktop\FixIEDef.exe -> [Ver = 1.3.10.3351 | Size = 472741 bytes | Created Date = 4/7/2008 2:00:54 PM | Attr = ] Google Desktop Search.lnk -> %UserProfile%\Desktop\Google Desktop Search.lnk -> [Ver = | Size = 963 bytes | Created Date = 1/11/2008 12:06:45 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Created Date = 4/7/2008 3:49:51 PM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Created Date = 4/7/2008 2:36:28 PM | Attr = ] Librarian.lnk -> %UserProfile%\Desktop\Librarian.lnk -> [Ver = | Size = 787 bytes | Created Date = 1/10/2008 12:56:35 AM | Attr = ] MIDI Works -> %UserProfile%\Desktop\MIDI Works -> [Folder | Created Date = 1/13/2008 1:27:49 PM | Attr = ] NSMO -> %UserProfile%\Desktop\NSMO -> [Folder | Created Date = 1/11/2008 12:40:11 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 4/8/2008 8:54:23 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 540250 bytes | Created Date = 4/8/2008 8:53:36 PM | Attr = ] PC Probe II V1.04.19.lnk -> %UserProfile%\Desktop\PC Probe II V1.04.19.lnk -> [Ver = | Size = 1664 bytes | Created Date = 1/17/2008 7:24:30 PM | Attr = ] Premier beats -> %UserProfile%\Desktop\Premier beats -> [Folder | Created Date = 3/19/2008 7:18:28 PM | Attr = ] Reason Refills -> %UserProfile%\Desktop\Reason Refills -> [Folder | Created Date = 1/11/2008 6:12:50 PM | Attr = ] Recording Files -> %UserProfile%\Desktop\Recording Files -> [Folder | Created Date = 1/13/2008 1:35:47 PM | Attr = ] RegistryEasy.exe -> %UserProfile%\Desktop\RegistryEasy.exe -> RegistryEasy, Inc. [Ver = 4.2 | Size = 2524584 bytes | Created Date = 2/4/2008 11:40:48 PM | Attr = ] Sounds and Audio Devices.lnk -> %UserProfile%\Desktop\Sounds and Audio Devices.lnk -> [Ver = | Size = 301 bytes | Created Date = 2/5/2008 11:20:15 PM | Attr = ] Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [Ver = | Size = 786 bytes | Created Date = 2/6/2008 10:19:12 PM | Attr = ] Adobe Reader Speed Launch.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> [Ver = | Size = 1757 bytes | Created Date = 1/11/2008 12:12:12 PM | Attr = ] ASUS WiFi-AP Solo.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\ASUS WiFi-AP Solo.lnk -> [Ver = | Size = 1385 bytes | Created Date = 1/10/2008 11:01:13 PM | Attr = ] InterVideo WinCinema Manager.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk -> [Ver = | Size = 1785 bytes | Created Date = 1/11/2008 12:04:16 PM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 1/11/2008 12:12:10 PM | Attr = ] Apple -> %CommonProgramFiles%\Apple -> [Folder | Created Date = 1/11/2008 12:37:26 PM | Attr = ] AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Created Date = 1/20/2008 1:59:03 PM | Attr = ] Digidesign -> %CommonProgramFiles%\Digidesign -> [Folder | Created Date = 2/7/2008 8:24:20 PM | Attr = ] PACE Anti-Piracy -> %CommonProgramFiles%\PACE Anti-Piracy -> [Folder | Created Date = 2/7/2008 8:26:31 PM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Created Date = 1/11/2008 11:48:21 AM | Attr = ] [Files/Folders - Modified Within 90 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 214 bytes | Modified Date = 4/7/2008 3:41:28 PM | Attr = HS] Cakewalk Projects -> %SystemDrive%\Cakewalk Projects -> [Folder | Modified Date = 2/9/2008 3:40:08 PM | Attr = ] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 4/6/2008 11:30:03 PM | Attr = ] Intel -> %SystemDrive%\Intel -> [Folder | Modified Date = 1/10/2008 10:46:39 PM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 4/7/2008 4:12:53 PM | Attr = R ] RaidTool -> %SystemDrive%\RaidTool -> [Folder | Modified Date = 1/10/2008 10:59:44 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 4/8/2008 7:36:38 PM | Attr = ] AegisP.sys -> %SystemRoot%\System32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.4.5.0 | Size = 21035 bytes | Modified Date = 1/10/2008 11:01:25 PM | Attr = ] AlesisFirewire -> %SystemRoot%\System32\drivers\AlesisFirewire -> [Folder | Modified Date = 2/7/2008 9:40:43 PM | Attr = ] INF -> %SystemRoot%\System32\drivers\INF -> [Folder | Modified Date = 1/10/2008 10:47:26 PM | Attr = ] oem2.inf -> %SystemRoot%\System32\drivers\INF\oem2.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:37:40 PM | Attr = H ] oem2.PNF -> %SystemRoot%\System32\drivers\INF\oem2.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:37:41 PM | Attr = H ] oem3.inf -> %SystemRoot%\System32\drivers\INF\oem3.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:46:52 PM | Attr = H ] oem3.PNF -> %SystemRoot%\System32\drivers\INF\oem3.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:46:52 PM | Attr = H ] oem4.inf -> %SystemRoot%\System32\drivers\INF\oem4.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:46:57 PM | Attr = H ] oem4.PNF -> %SystemRoot%\System32\drivers\INF\oem4.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:46:57 PM | Attr = H ] oem5.inf -> %SystemRoot%\System32\drivers\INF\oem5.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:06 PM | Attr = H ] oem5.PNF -> %SystemRoot%\System32\drivers\INF\oem5.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:06 PM | Attr = H ] oem6.inf -> %SystemRoot%\System32\drivers\INF\oem6.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:18 PM | Attr = H ] oem6.PNF -> %SystemRoot%\System32\drivers\INF\oem6.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:18 PM | Attr = H ] oem7.inf -> %SystemRoot%\System32\drivers\INF\oem7.inf -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:20 PM | Attr = H ] oem7.PNF -> %SystemRoot%\System32\drivers\INF\oem7.PNF -> [Ver = | Size = 0 bytes | Modified Date = 1/10/2008 10:47:20 PM | Attr = H ] oreans32.sys -> %SystemRoot%\System32\drivers\oreans32.sys -> [Ver = | Size = 33824 bytes | Modified Date = 1/20/2008 2:00:02 PM | Attr = ] PnkBstrK.sys -> %SystemRoot%\System32\drivers\PnkBstrK.sys -> [Ver = | Size = 22328 bytes | Modified Date = 2/1/2008 12:48:17 AM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10740 bytes | Modified Date = 3/22/2008 1:59:17 PM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Modified Date = 3/22/2008 1:59:17 PM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.2.1 | Size = 123952 bytes | Modified Date = 3/22/2008 1:59:17 PM | Attr = ] system32 -> %SystemRoot%\System32\drivers\system32 -> [Folder | Modified Date = 1/10/2008 10:47:26 PM | Attr = ] DRIVERS -> %SystemRoot%\System32\drivers\system32\DRIVERS -> [Folder | Modified Date = 1/10/2008 10:47:26 PM | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Modified Date = 1/30/2008 7:17:45 PM | Attr = ] 1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 1/11/2008 7:18:04 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 4/8/2008 7:36:17 PM | Attr = ] coh.cache -> %SystemRoot%\System32\coh.cache -> [Ver = | Size = 16 bytes | Modified Date = 3/22/2008 2:03:17 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 1/11/2008 6:03:33 PM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 1/12/2008 2:07:37 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 4/7/2008 12:16:51 AM | Attr = RHS] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 4/7/2008 4:16:57 PM | Attr = ] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2/7/2008 9:40:44 PM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 93480 bytes | Modified Date = 1/26/2008 2:47:34 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 1/14/2008 1:18:34 AM | Attr = ] NtmsData -> %SystemRoot%\System32\NtmsData -> [Folder | Modified Date = 4/7/2008 4:03:21 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 40196 bytes | Modified Date = 3/15/2008 6:04:20 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 311934 bytes | Modified Date = 3/15/2008 6:04:20 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 356120 bytes | Modified Date = 3/15/2008 6:04:20 PM | Attr = ] PnkBstrA.exe -> %SystemRoot%\System32\PnkBstrA.exe -> [Ver = | Size = 66872 bytes | Modified Date = 1/14/2008 1:18:33 AM | Attr = ] PnkBstrB.exe -> %SystemRoot%\System32\PnkBstrB.exe -> [Ver = | Size = 107832 bytes | Modified Date = 2/1/2008 12:47:07 AM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 1/11/2008 12:41:22 PM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 2/7/2008 8:26:09 PM | Attr = ] ReWire.dll -> %SystemRoot%\System32\ReWire.dll -> Propellerhead Software AB [Ver = 1.7 | Size = 368640 bytes | Modified Date = 1/11/2008 2:40:18 PM | Attr = ] REX Shared Library.dll -> %SystemRoot%\System32\REX Shared Library.dll -> Propellerhead Software AB [Ver = 1.6 | Size = 233472 bytes | Modified Date = 1/11/2008 2:40:18 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.2.2 | Size = 60800 bytes | Modified Date = 3/22/2008 1:59:16 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 1/10/2008 11:16:05 PM | Attr = ] wpa.bak -> %SystemRoot%\System32\wpa.bak -> [Ver = | Size = 2422 bytes | Modified Date = 1/12/2008 1:59:46 PM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2422 bytes | Modified Date = 4/8/2008 7:34:37 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 4/8/2008 7:36:39 PM | Attr = H ] 4 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> $MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ -> [Folder | Modified Date = 1/11/2008 11:47:46 AM | Attr = H ] Ascd_log.ini -> %SystemRoot%\Ascd_log.ini -> [Ver = | Size = 19645 bytes | Modified Date = 1/10/2008 11:15:26 PM | Attr = ] Ascd_tmp.ini -> %SystemRoot%\Ascd_tmp.ini -> [Ver = | Size = 13265 bytes | Modified Date = 1/11/2008 12:10:50 PM | Attr = ] ASUSInstAll -> %SystemRoot%\ASUSInstAll -> [Folder | Modified Date = 1/10/2008 10:52:38 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 4/8/2008 7:33:57 PM | Attr = S] cndr32a.dll -> %SystemRoot%\cndr32a.dll -> [Ver = 2.4.0.0 | Size = 202752 bytes | Modified Date = 4/5/2008 3:21:01 PM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 1/14/2008 8:07:03 PM | Attr = ] ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 4/6/2008 11:30:41 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 1/20/2008 1:59:08 PM | Attr = R S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 2/15/2008 7:59:17 PM | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 287 bytes | Modified Date = 2/15/2008 8:40:38 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 1/10/2008 11:16:44 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 2/12/2008 6:27:16 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 4/8/2008 7:37:07 PM | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 3/22/2008 2:12:27 PM | Attr = HS] LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 4/8/2008 7:36:18 PM | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2/10/2008 3:39:11 PM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 2566 bytes | Modified Date = 4/7/2008 4:12:53 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 1/11/2008 6:11:57 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 1/12/2008 1:45:52 PM | Attr = ] OPTIONS -> %SystemRoot%\OPTIONS -> [Folder | Modified Date = 1/10/2008 11:01:12 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 4/8/2008 8:54:39 PM | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 1/11/2008 12:39:15 PM | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 4/8/2008 7:34:12 PM | Attr = H ] RaidTool -> %SystemRoot%\RaidTool -> [Folder | Modified Date = 1/10/2008 10:59:47 PM | Attr = ] setup.iss -> %SystemRoot%\setup.iss -> [Ver = | Size = 666 bytes | Modified Date = 1/10/2008 11:16:23 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 1/10/2008 11:16:44 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 1/10/2008 10:55:33 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 4/5/2008 2:48:19 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 1/11/2008 12:37:56 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 4/8/2008 8:42:39 PM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 1/11/2008 7:16:54 PM | Attr = ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 1/11/2008 12:37:56 PM | Attr = ] Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> %SystemRoot%\tasks\Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> [Ver = | Size = 640 bytes | Modified Date = 4/7/2008 8:13:23 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/8/2008 7:34:02 PM | Attr = H ] qmgr0.dat -> F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4232 bytes | Modified Date = 4/8/2008 7:37:02 PM | Attr = ] qmgr1.dat -> F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4617 bytes | Modified Date = 4/8/2008 7:37:02 PM | Attr = ] md5deep.exe -> F:\Documents and Settings\Jonathan Moore\Local Settings\Temp\~fuumrfd.tmp\md5deep.exe -> [Ver = | Size = 21504 bytes | Modified Date = 7/29/2007 10:23:07 PM | Attr = ] sed.exe -> F:\Documents and Settings\Jonathan Moore\Local Settings\Temp\~fuumrfd.tmp\sed.exe -> [Ver = | Size = 37376 bytes | Modified Date = 7/29/2007 10:23:07 PM | Attr = ] swreg.exe -> F:\Documents and Settings\Jonathan Moore\Local Settings\Temp\~fuumrfd.tmp\swreg.exe -> SteelWerX [Ver = 2.0.2.0 | Size = 119296 bytes | Modified Date = 7/29/2007 10:23:07 PM | Attr = ] dss.dll -> F:\Documents and Settings\Jonathan Moore\Local Settings\Temp\~fuumrfd.tmp\dss.dll -> [Ver = | Size = 37888 bytes | Modified Date = 10/14/2007 2:42:28 AM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 1/11/2008 12:12:07 PM | Attr = ] Apple -> %AllUsersProfile%\Application Data\Apple -> [Folder | Modified Date = 1/11/2008 12:37:25 PM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Modified Date = 1/11/2008 12:38:48 PM | Attr = ] Cakewalk -> %AllUsersProfile%\Application Data\Cakewalk -> [Folder | Modified Date = 1/11/2008 7:27:48 PM | Attr = ] Google -> %AllUsersProfile%\Application Data\Google -> [Folder | Modified Date = 1/12/2008 1:37:50 PM | Attr = ] Identities -> %AllUsersProfile%\Application Data\Identities -> [Folder | Modified Date = 1/11/2008 7:28:45 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 4/7/2008 4:02:28 PM | Attr = S] PACE Anti-Piracy -> %AllUsersProfile%\Application Data\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> %AllUsersProfile%\Application Data\Propellerhead Software -> [Folder | Modified Date = 1/11/2008 2:36:59 PM | Attr = ] Symantec -> %AllUsersProfile%\Application Data\Symantec -> [Folder | Modified Date = 4/5/2008 3:21:02 PM | Attr = ] Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 1/26/2008 2:51:30 PM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 1/14/2008 7:26:53 PM | Attr = ] AdobeUM -> %AppData%\AdobeUM -> [Folder | Modified Date = 1/30/2008 7:14:34 PM | Attr = ] Apple Computer -> %AppData%\Apple Computer -> [Folder | Modified Date = 1/11/2008 12:39:03 PM | Attr = ] AVSDVDPlayer.m3u -> %AppData%\AVSDVDPlayer.m3u -> [Ver = | Size = 0 bytes | Modified Date = 1/20/2008 2:01:24 PM | Attr = ] Cakewalk -> %AppData%\Cakewalk -> [Folder | Modified Date = 1/11/2008 7:32:18 PM | Attr = ] Google -> %AppData%\Google -> [Folder | Modified Date = 4/5/2008 3:19:56 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 1/11/2008 12:47:22 PM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 2/7/2008 9:40:47 PM | Attr = S] Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 1/12/2008 1:45:48 PM | Attr = ] PACE Anti-Piracy -> %AppData%\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> %AppData%\Propellerhead Software -> [Folder | Modified Date = 1/11/2008 2:41:23 PM | Attr = ] Talkback -> %AppData%\Talkback -> [Folder | Modified Date = 1/12/2008 1:46:05 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Modified Date = 1/14/2008 7:27:04 PM | Attr = ] Apple -> %UserProfile%\Local Settings\Application Data\Apple -> [Folder | Modified Date = 1/11/2008 12:37:55 PM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Modified Date = 1/11/2008 12:39:03 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 13824 bytes | Modified Date = 4/6/2008 11:31:07 PM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 13496 bytes | Modified Date = 1/12/2008 6:01:32 PM | Attr = ] Google -> %UserProfile%\Local Settings\Application Data\Google -> [Folder | Modified Date = 4/5/2008 3:19:43 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 5853838 bytes | Modified Date = 1/12/2008 3:22:45 PM | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 4/7/2008 4:02:28 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Modified Date = 1/12/2008 1:45:48 PM | Attr = ] PACE Anti-Piracy -> %UserProfile%\Local Settings\Application Data\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Battlefield 2142 -> %UserProfile%\My Documents\Battlefield 2142 -> [Folder | Modified Date = 1/13/2008 11:53:33 PM | Attr = ] Cakewalk -> %UserProfile%\My Documents\Cakewalk -> [Folder | Modified Date = 1/11/2008 7:32:18 PM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 1/11/2008 2:26:41 PM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 4/5/2008 2:58:53 PM | Attr = R ] Adobe Reader 7.0.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 7.0.lnk -> [Ver = | Size = 1740 bytes | Modified Date = 1/11/2008 12:12:12 PM | Attr = ] ASUS WiFi-AP Solo.lnk -> %AllUsersProfile%\Desktop\ASUS WiFi-AP Solo.lnk -> [Ver = | Size = 1543 bytes | Modified Date = 1/10/2008 11:01:13 PM | Attr = ] AVS DVD Player.lnk -> %AllUsersProfile%\Desktop\AVS DVD Player.lnk -> [Ver = | Size = 908 bytes | Modified Date = 1/20/2008 1:59:11 PM | Attr = ] Call of Duty(R) 2 Multiplayer.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Multiplayer.lnk -> [Ver = | Size = 1563 bytes | Modified Date = 2/15/2008 8:40:39 PM | Attr = ] Call of Duty(R) 2 Single Player.lnk -> %AllUsersProfile%\Desktop\Call of Duty(R) 2 Single Player.lnk -> [Ver = | Size = 1563 bytes | Modified Date = 2/15/2008 8:40:39 PM | Attr = ] InterVideo DVDCopy5.lnk -> %AllUsersProfile%\Desktop\InterVideo DVDCopy5.lnk -> [Ver = | Size = 1684 bytes | Modified Date = 1/11/2008 12:04:16 PM | Attr = ] iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [Ver = | Size = 2137 bytes | Modified Date = 1/13/2008 1:13:21 AM | Attr = ] Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [Ver = | Size = 1602 bytes | Modified Date = 1/12/2008 1:45:08 PM | Attr = ] Norton Internet Security.lnk -> %AllUsersProfile%\Desktop\Norton Internet Security.lnk -> [Ver = | Size = 1946 bytes | Modified Date = 1/11/2008 11:52:13 AM | Attr = ] QuickTime Player.lnk -> %AllUsersProfile%\Desktop\QuickTime Player.lnk -> [Ver = | Size = 1604 bytes | Modified Date = 1/11/2008 12:38:31 PM | Attr = ] Reason.lnk -> %AllUsersProfile%\Desktop\Reason.lnk -> [Ver = | Size = 722 bytes | Modified Date = 1/11/2008 2:36:44 PM | Attr = ] SONAR 7 Producer Edition.lnk -> %AllUsersProfile%\Desktop\SONAR 7 Producer Edition.lnk -> [Ver = | Size = 1819 bytes | Modified Date = 1/11/2008 7:28:11 PM | Attr = ] Unlocksv1.20c.lnk -> %AllUsersProfile%\Desktop\Unlocksv1.20c.lnk -> [Ver = | Size = 1966 bytes | Modified Date = 2/5/2008 10:31:11 PM | Attr = ] Alesis Direct Monitoring.lnk -> %UserProfile%\Desktop\Alesis Direct Monitoring.lnk -> [Ver = | Size = 1974 bytes | Modified Date = 2/7/2008 9:40:45 PM | Attr = ] Alesis Firewire Control Panel.lnk -> %UserProfile%\Desktop\Alesis Firewire Control Panel.lnk -> [Ver = | Size = 2060 bytes | Modified Date = 2/7/2008 9:40:45 PM | Attr = ] ATF_Cleaner.exe -> %UserProfile%\Desktop\ATF_Cleaner.exe -> Atribune.org [Ver = 3.00.0002 | Size = 50688 bytes | Modified Date = 4/7/2008 4:07:01 PM | Attr = ] AW10 Info -> %UserProfile%\Desktop\AW10 Info -> [Folder | Modified Date = 2/6/2008 10:16:45 PM | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 4/8/2008 7:38:20 PM | Attr = ] esl -> %UserProfile%\Desktop\esl -> [Folder | Modified Date = 1/18/2008 10:24:15 PM | Attr = ] EWI test 1 Trumpet.rns -> %UserProfile%\Desktop\EWI test 1 Trumpet.rns -> [Ver = | Size = 105422 bytes | Modified Date = 2/7/2008 5:00:56 PM | Attr = ] FixIEDef.exe -> %UserProfile%\Desktop\FixIEDef.exe -> [Ver = 1.3.10.3351 | Size = 472741 bytes | Modified Date = 4/7/2008 2:00:15 PM | Attr = ] Google Desktop Search.lnk -> %UserProfile%\Desktop\Google Desktop Search.lnk -> [Ver = | Size = 963 bytes | Modified Date = 1/11/2008 12:06:45 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1734 bytes | Modified Date = 4/7/2008 3:49:51 PM | Attr = ] HJTInstall.exe -> %UserProfile%\Desktop\HJTInstall.exe -> Trend Micro Inc. [Ver = 2.00.2 | Size = 812344 bytes | Modified Date = 4/7/2008 2:34:47 PM | Attr = ] Home PC stuff -> %UserProfile%\Desktop\Home PC stuff -> [Folder | Modified Date = 4/7/2008 2:23:24 PM | Attr = ] Librarian.lnk -> %UserProfile%\Desktop\Librarian.lnk -> [Ver = | Size = 787 bytes | Modified Date = 1/10/2008 12:56:35 AM | Attr = ] MIDI Works -> %UserProfile%\Desktop\MIDI Works -> [Folder | Modified Date = 1/13/2008 1:28:37 PM | Attr = ] Notepad.lnk -> %UserProfile%\Desktop\Notepad.lnk -> [Ver = | Size = 1519 bytes | Modified Date = 3/22/2008 8:10:50 PM | Attr = ] NSMO -> %UserProfile%\Desktop\NSMO -> [Folder | Modified Date = 2/15/2008 8:41:43 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 4/8/2008 8:54:23 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 540250 bytes | Modified Date = 4/8/2008 8:52:29 PM | Attr = ] PC Probe II V1.04.19.lnk -> %UserProfile%\Desktop\PC Probe II V1.04.19.lnk -> [Ver = | Size = 1664 bytes | Modified Date = 1/17/2008 7:24:30 PM | Attr = ] PlugIns -> %UserProfile%\Desktop\PlugIns -> [Folder | Modified Date = 1/16/2008 1:47:18 AM | Attr = ] Premier beats -> %UserProfile%\Desktop\Premier beats -> [Folder | Modified Date = 3/19/2008 8:50:44 PM | Attr = ] Reason Refills -> %UserProfile%\Desktop\Reason Refills -> [Folder | Modified Date = 1/11/2008 6:15:06 PM | Attr = ] Recording Files -> %UserProfile%\Desktop\Recording Files -> [Folder | Modified Date = 2/15/2008 8:42:15 PM | Attr = ] RegistryEasy.exe -> %UserProfile%\Desktop\RegistryEasy.exe -> RegistryEasy, Inc. [Ver = 4.2 | Size = 2524584 bytes | Modified Date = 2/4/2008 11:41:08 PM | Attr = ] Sounds and Audio Devices.lnk -> %UserProfile%\Desktop\Sounds and Audio Devices.lnk -> [Ver = | Size = 301 bytes | Modified Date = 2/5/2008 11:20:15 PM | Attr = ] Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [Ver = | Size = 786 bytes | Modified Date = 2/6/2008 10:19:12 PM | Attr = ] Adobe Reader Speed Launch.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> [Ver = | Size = 1757 bytes | Modified Date = 1/11/2008 12:12:12 PM | Attr = ] ASUS WiFi-AP Solo.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\ASUS WiFi-AP Solo.lnk -> [Ver = | Size = 1385 bytes | Modified Date = 1/10/2008 11:01:13 PM | Attr = ] InterVideo WinCinema Manager.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk -> [Ver = | Size = 1785 bytes | Modified Date = 1/11/2008 12:04:16 PM | Attr = ] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 1/11/2008 12:12:10 PM | Attr = ] Apple -> %CommonProgramFiles%\Apple -> [Folder | Modified Date = 1/11/2008 12:37:26 PM | Attr = ] AVSMedia -> %CommonProgramFiles%\AVSMedia -> [Folder | Modified Date = 1/20/2008 1:59:25 PM | Attr = ] Digidesign -> %CommonProgramFiles%\Digidesign -> [Folder | Modified Date = 2/9/2008 3:30:39 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 1/10/2008 11:01:07 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 1/11/2008 7:16:54 PM | Attr = ] PACE Anti-Piracy -> %CommonProgramFiles%\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 4/8/2008 7:41:27 PM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 1/11/2008 6:03:59 PM | Attr = ] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] F:\Documents and Settings\All Users\Application Data\ -> F:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = RH ] Adobe -> F:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 1/11/2008 12:12:07 PM | Attr = ] Apple -> F:\Documents and Settings\All Users\Application Data\Apple -> [Folder | Modified Date = 1/11/2008 12:37:25 PM | Attr = ] Apple Computer -> F:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 1/11/2008 12:38:48 PM | Attr = ] Cakewalk -> F:\Documents and Settings\All Users\Application Data\Cakewalk -> [Folder | Modified Date = 1/11/2008 7:27:48 PM | Attr = ] Google -> F:\Documents and Settings\All Users\Application Data\Google -> [Folder | Modified Date = 1/12/2008 1:37:50 PM | Attr = ] Identities -> F:\Documents and Settings\All Users\Application Data\Identities -> [Folder | Modified Date = 1/11/2008 7:28:45 PM | Attr = ] Microsoft -> F:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 4/7/2008 4:02:28 PM | Attr = S] PACE Anti-Piracy -> F:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> F:\Documents and Settings\All Users\Application Data\Propellerhead Software -> [Folder | Modified Date = 1/11/2008 2:36:59 PM | Attr = ] Symantec -> F:\Documents and Settings\All Users\Application Data\Symantec -> [Folder | Modified Date = 4/5/2008 3:21:02 PM | Attr = ] Windows Genuine Advantage -> F:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 1/26/2008 2:51:30 PM | Attr = ] F:\Documents and Settings\Default User\Application Data\ -> F:\Documents and Settings\Default User\Application Data -> [Folder | Modified Date = 1/11/2008 7:25:41 PM | Attr = RH ] Apple Computer -> F:\Documents and Settings\Default User\Application Data\Apple Computer -> [Folder | Modified Date = 1/11/2008 7:25:41 PM | Attr = ] Microsoft -> F:\Documents and Settings\Default User\Application Data\Microsoft -> [Folder | Modified Date = 1/9/2008 8:27:01 AM | Attr = S] F:\Documents and Settings\Jonathan Moore\Application Data\ -> F:\Documents and Settings\Jonathan Moore\Application Data -> [Folder | Modified Date = 4/5/2008 3:19:43 PM | Attr = RH ] Adobe -> F:\Documents and Settings\Jonathan Moore\Application Data\Adobe -> [Folder | Modified Date = 1/14/2008 7:26:53 PM | Attr = ] AdobeUM -> F:\Documents and Settings\Jonathan Moore\Application Data\AdobeUM -> [Folder | Modified Date = 1/30/2008 7:14:34 PM | Attr = ] Apple Computer -> F:\Documents and Settings\Jonathan Moore\Application Data\Apple Computer -> [Folder | Modified Date = 1/11/2008 12:39:03 PM | Attr = ] Cakewalk -> F:\Documents and Settings\Jonathan Moore\Application Data\Cakewalk -> [Folder | Modified Date = 1/11/2008 7:32:18 PM | Attr = ] Google -> F:\Documents and Settings\Jonathan Moore\Application Data\Google -> [Folder | Modified Date = 4/5/2008 3:19:56 PM | Attr = ] Identities -> F:\Documents and Settings\Jonathan Moore\Application Data\Identities -> [Folder | Modified Date = 1/9/2008 8:33:09 AM | Attr = ] Macromedia -> F:\Documents and Settings\Jonathan Moore\Application Data\Macromedia -> [Folder | Modified Date = 1/11/2008 12:47:22 PM | Attr = ] Microsoft -> F:\Documents and Settings\Jonathan Moore\Application Data\Microsoft -> [Folder | Modified Date = 2/7/2008 9:40:47 PM | Attr = S] Mozilla -> F:\Documents and Settings\Jonathan Moore\Application Data\Mozilla -> [Folder | Modified Date = 1/12/2008 1:45:48 PM | Attr = ] PACE Anti-Piracy -> F:\Documents and Settings\Jonathan Moore\Application Data\PACE Anti-Piracy -> [Folder | Modified Date = 2/7/2008 8:26:31 PM | Attr = ] Propellerhead Software -> F:\Documents and Settings\Jonathan Moore\Application Data\Propellerhead Software -> [Folder | Modified Date = 1/11/2008 2:41:23 PM | Attr = ] Talkback -> F:\Documents and Settings\Jonathan Moore\Application Data\Talkback -> [Folder | Modified Date = 1/12/2008 1:46:05 PM | Attr = ] F:\Documents and Settings\LocalService\Application Data\ -> F:\Documents and Settings\LocalService\Application Data -> [Folder | Modified Date = 1/9/2008 8:31:40 AM | Attr = ] Microsoft -> F:\Documents and Settings\LocalService\Application Data\Microsoft -> [Folder | Modified Date = 1/9/2008 8:31:40 AM | Attr = S] F:\Documents and Settings\NetworkService\Application Data\ -> F:\Documents and Settings\NetworkService\Application Data -> [Folder | Modified Date = 1/9/2008 8:31:11 AM | Attr = ] Microsoft -> F:\Documents and Settings\NetworkService\Application Data\Microsoft -> [Folder | Modified Date = 1/9/2008 8:31:11 AM | Attr = S] F:\WINDOWS\Tasks\ -> F:\WINDOWS\Tasks -> [Folder | Modified Date = 1/11/2008 12:37:56 PM | Attr = S] AppleSoftwareUpdate.job -> F:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 1/11/2008 12:37:56 PM | Attr = ] desktop.ini -> F:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 2/28/2006 8:00:00 AM | Attr = RH ] Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> F:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Jonathan Moore.job -> [Ver = | Size = 640 bytes | Modified Date = 4/7/2008 8:13:23 PM | Attr = ] SA.DAT -> F:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 4/8/2008 7:34:02 PM | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]