[code] OTScanIt logfile created on: 6/25/2008 10:42:36 AM OTScanIt by OldTimer - Version 1.0.15.16 Folder = C:\Documents and Settings\Mine\Desktop\OTScanIt Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.72% Memory free 3.85 Gb Paging File | 3.32 Gb Available in Paging File | 86.26% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 101.05 Gb Free Space | 43.39% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HARVEY Current User Name: Mine Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> Lavasoft [Ver = 7,1,0,12 | Size = 611664 bytes | Modified Date = 6/2/2008 12:26:46 PM | Attr = ] lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 9.47 | Size = 311296 bytes | Modified Date = 4/17/2006 1:42:14 PM | Attr = ] lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 9.47 | Size = 174592 bytes | Modified Date = 4/17/2006 1:41:24 PM | Attr = ] mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 12:42:38 PM | Attr = ] mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,1,159,0 | Size = 767976 bytes | Modified Date = 1/9/2008 4:50:22 PM | Attr = ] mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,1,143,0 | Size = 2458128 bytes | Modified Date = 1/25/2008 1:38:12 AM | Attr = ] mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 8/15/2007 12:36:04 PM | Attr = ] mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> McAfee, Inc. [Ver = VSCORE.14.0.0.349.x86 | Size = 144704 bytes | Modified Date = 7/24/2007 12:02:14 PM | Attr = ] mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 9.0.136.0 | Size = 856864 bytes | Modified Date = 7/18/2007 3:54:42 PM | Attr = ] ctsysvol.exe -> %ProgramFiles%\Creative\SBAudigy\Surround Mixer\CTSysVol.exe -> Creative Technology Ltd [Ver = 1.4.2.0 | Size = 57344 bytes | Modified Date = 2/15/2005 4:10:16 PM | Attr = ] mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 11/1/2007 7:12:38 PM | Attr = ] winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [Ver = | Size = 36352 bytes | Modified Date = 4/1/2008 2:49:42 PM | Attr = ] acrotray.exe -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\acrotray.exe -> Adobe Systems Inc. [Ver = 8.1.0.2007051000 | Size = 624248 bytes | Modified Date = 5/10/2007 10:46:20 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 159812 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] lxczbmgr.exe -> %ProgramFiles%\Lexmark 1200 Series\lxczbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 7/13/2006 1:22:50 AM | Attr = ] pd91agent.exe -> %ProgramFiles%\Raxco\PerfectDisk2008\PD91Agent.exe -> Raxco Software, Inc. [Ver = 9, 0, 0, 52 | Size = 689416 bytes | Modified Date = 4/16/2008 1:00:10 PM | Attr = ] nmbgmonitor.exe -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe -> Nero AG [Ver = 2,0,16,0 | Size = 152872 bytes | Modified Date = 6/27/2007 7:03:40 PM | Attr = ] lxczbmon.exe -> %ProgramFiles%\Lexmark 1200 Series\lxczbmon.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 53248 bytes | Modified Date = 7/13/2006 1:33:14 AM | Attr = ] pg2.exe -> %ProgramFiles%\PeerGuardian2\pg2.exe -> Methlabs [Ver = 1, 0, 6, 4 | Size = 1421824 bytes | Modified Date = 9/18/2005 6:40:42 PM | Attr = ] rocketdock.exe -> %ProgramFiles%\RocketDock\RocketDock.exe -> [Ver = | Size = 495616 bytes | Modified Date = 9/2/2007 1:58:52 PM | Attr = ] qbcfmonitorservice.exe -> %CommonProgramFiles%\Intuit\QuickBooks\QBCFMonitorService.exe -> Intuit [Ver = 2.0.2804.16013 | Size = 20480 bytes | Modified Date = 9/5/2007 9:53:48 AM | Attr = ] nmindexingservice.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,16,0 | Size = 279848 bytes | Modified Date = 6/27/2007 7:04:00 PM | Attr = ] fnplicensingservice.exe -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 6/10/2008 6:25:35 PM | Attr = ] nmindexstoresvr.exe -> %CommonProgramFiles%\Ahead\Lib\NMIndexStoreSvr.exe -> Nero AG [Ver = 2,0,16,0 | Size = 1213736 bytes | Modified Date = 6/27/2007 7:04:00 PM | Attr = ] mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,1,111,0 | Size = 695624 bytes | Modified Date = 12/5/2007 10:04:10 AM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.15.16 | Size = 397312 bytes | Modified Date = 6/20/2008 1:47:40 PM | Attr = ] [Win32 Services - Non-Microsoft Only] (aawservice) Lavasoft Ad-Aware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware\aawservice.exe -> Lavasoft [Ver = 7,1,0,12 | Size = 611664 bytes | Modified Date = 6/2/2008 12:26:46 PM | Attr = ] (Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 12:42:38 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/3/2004 9:56:50 PM | Attr = ] (FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 6/10/2008 6:25:35 PM | Attr = ] (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 9.47 | Size = 311296 bytes | Modified Date = 4/17/2006 1:42:14 PM | Attr = ] (mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> McAfee, Inc. [Ver = 8,1,159,0 | Size = 767976 bytes | Modified Date = 1/9/2008 4:50:22 PM | Attr = ] (McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> McAfee, Inc. [Ver = 2,1,143,0 | Size = 2458128 bytes | Modified Date = 1/25/2008 1:38:12 AM | Attr = ] (McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> McAfee, Inc. [Ver = 12,0,172,0 | Size = 378184 bytes | Modified Date = 11/7/2007 9:35:40 AM | Attr = ] (McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> McAfee, Inc. [Ver = 2,0,150,0 | Size = 359248 bytes | Modified Date = 8/15/2007 12:36:04 PM | Attr = ] (McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> %ProgramFiles%\McAfee\VirusScan\McShield.exe -> McAfee, Inc. [Ver = VSCORE.14.0.0.349.x86 | Size = 144704 bytes | Modified Date = 7/24/2007 12:02:14 PM | Attr = ] (McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> McAfee, Inc. [Ver = 12,1,111,0 | Size = 695624 bytes | Modified Date = 12/5/2007 10:04:10 AM | Attr = ] (MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> McAfee, Inc. [Ver = 9.0.136.0 | Size = 856864 bytes | Modified Date = 7/18/2007 3:54:42 PM | Attr = ] (NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 10, 3, 2 | Size = 800040 bytes | Modified Date = 6/29/2007 7:16:56 PM | Attr = ] (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> Nero AG [Ver = 2,0,16,0 | Size = 279848 bytes | Modified Date = 6/27/2007 7:04:00 PM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 159812 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] (PD91Agent) PD91Agent [Win32_Own | Auto | Running] -> %ProgramFiles%\Raxco\PerfectDisk2008\PD91Agent.exe -> Raxco Software, Inc. [Ver = 9, 0, 0, 52 | Size = 689416 bytes | Modified Date = 4/16/2008 1:00:10 PM | Attr = ] (PD91Engine) PD91Engine [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Raxco\PerfectDisk2008\PD91Engine.exe -> Raxco Software, Inc. [Ver = 9, 0, 0, 52 | Size = 894216 bytes | Modified Date = 4/16/2008 1:00:12 PM | Attr = ] (QBCFMonitorService) QBCFMonitorService [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Intuit\QuickBooks\QBCFMonitorService.exe -> Intuit [Ver = 2.0.2804.16013 | Size = 20480 bytes | Modified Date = 9/5/2007 9:53:48 AM | Attr = ] (QBFCService) Intuit QuickBooks FCS [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -> Intuit Inc. [Ver = 1.2.0.5 | Size = 61440 bytes | Modified Date = 5/24/2007 7:08:44 AM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Acrobat Assistant 8.0 -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\acrotray.exe ["C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"] -> Adobe Systems Inc. [Ver = 8.1.0.2007051000 | Size = 624248 bytes | Modified Date = 5/10/2007 10:46:20 PM | Attr = ] BrStsWnd -> %ProgramFiles%\Brownie\BrStsWnd.exe [C:\Program Files\Brownie\BrstsWnd.exe Autorun] -> brother [Ver = 3, 4, 7, 1 | Size = 815104 bytes | Modified Date = 7/31/2007 8:37:34 PM | Attr = ] CTSysVol -> %ProgramFiles%\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r] -> Creative Technology Ltd [Ver = 1.4.2.0 | Size = 57344 bytes | Modified Date = 2/15/2005 4:10:16 PM | Attr = ] Lexmark 1200 Series -> %ProgramFiles%\Lexmark 1200 Series\lxczbmgr.exe ["C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"] -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 7/13/2006 1:22:50 AM | Attr = ] mcagent_exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey] -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 11/1/2007 7:12:38 PM | Attr = ] NeroFilterCheck -> %CommonProgramFiles%\Ahead\Lib\NeroCheck.exe [C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe] -> Nero AG [Ver = 1, 0, 0, 6 | Size = 153136 bytes | Modified Date = 3/1/2007 3:57:24 PM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 13529088 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 86016 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nwiz -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> [Ver = | Size = 1630208 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] P17Helper -> %SystemRoot%\system32\P17.dll [Rundll32 P17.dll,P17Helper] -> [Ver = 1.0.1.41 | Size = 64512 bytes | Modified Date = 5/2/2005 11:38:42 PM | Attr = R ] UpdReg -> %SystemRoot%\Updreg.EXE [C:\WINDOWS\UpdReg.EXE] -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Modified Date = 5/11/2000 1:00:00 AM | Attr = ] WinampAgent -> %ProgramFiles%\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [Ver = | Size = 36352 bytes | Modified Date = 4/1/2008 2:49:42 PM | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> Nero AG [Ver = 2,0,16,0 | Size = 152872 bytes | Modified Date = 6/27/2007 7:03:40 PM | Attr = ] igndlm.exe -> %ProgramFiles%\Download Manager\DLM.exe [C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork] -> IGN Entertainment [Ver = 2.3.6.108 | Size = 1103480 bytes | Modified Date = 3/5/2007 5:57:48 PM | Attr = ] PeerGuardian -> %ProgramFiles%\PeerGuardian2\pg2.exe [C:\Program Files\PeerGuardian2\pg2.exe] -> Methlabs [Ver = 1, 0, 6, 4 | Size = 1421824 bytes | Modified Date = 9/18/2005 6:40:42 PM | Attr = ] RocketDock -> %ProgramFiles%\RocketDock\RocketDock.exe ["C:\Program Files\RocketDock\RocketDock.exe"] -> [Ver = | Size = 495616 bytes | Modified Date = 9/2/2007 1:58:52 PM | Attr = ] uTorrent -> %ProgramFiles%\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> [Ver = | Size = 219952 bytes | Modified Date = 6/10/2008 2:10:35 PM | Attr = ] < Run [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} -> %CommonProgramFiles%\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> Nero AG [Ver = 2,0,16,0 | Size = 152872 bytes | Modified Date = 6/27/2007 7:03:40 PM | Attr = ] igndlm.exe -> %ProgramFiles%\Download Manager\DLM.exe [C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork] -> IGN Entertainment [Ver = 2.3.6.108 | Size = 1103480 bytes | Modified Date = 3/5/2007 5:57:48 PM | Attr = ] PeerGuardian -> %ProgramFiles%\PeerGuardian2\pg2.exe [C:\Program Files\PeerGuardian2\pg2.exe] -> Methlabs [Ver = 1, 0, 6, 4 | Size = 1421824 bytes | Modified Date = 9/18/2005 6:40:42 PM | Attr = ] RocketDock -> %ProgramFiles%\RocketDock\RocketDock.exe ["C:\Program Files\RocketDock\RocketDock.exe"] -> [Ver = | Size = 495616 bytes | Modified Date = 9/2/2007 1:58:52 PM | Attr = ] uTorrent -> %ProgramFiles%\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> [Ver = | Size = 219952 bytes | Modified Date = 6/10/2008 2:10:35 PM | Attr = ] < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit Inc. [Ver = 18.0 R1 | Size = 972064 bytes | Modified Date = 9/11/2007 8:38:44 AM | Attr = ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Mine Startup Folder > -> C:\Documents and Settings\Mine\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> wbsys.dll -> %SystemRoot%\system32\wbsys.dll -> Stardock.Net, Inc [Ver = 5, 5, 0, 0 | Size = 42672 bytes | Modified Date = 7/11/2007 3:06:58 PM | Attr = ] *MultiFile Done* -> -> < IFEO [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ -> Your Image File Name Here without a path -> [Debugger] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Stardock\MCPCore.dll [0aMCPClient] -> Stardock [Ver = 0, 0, 5, 4 | Size = 86016 bytes | Modified Date = 5/10/2005 1:31:20 PM | Attr = ] < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> dimsntfy -> -> File not found WBSrv -> %ProgramFiles%\Stardock\Object Desktop\WindowBlinds\WbSrv.dll -> Stardock Corporation [Ver = 6.0 | Size = 229376 bytes | Modified Date = 6/12/2008 5:48:11 AM | Attr = ] < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktopCleanupWizard -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideRunAsVerb -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLegacyLogonScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideLogoffScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunLogonScriptSync -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\RunStartupScriptSync -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\HideStartupScripts -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\NoResolveTrack -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Shell\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\NoResolveTrack -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartBanner -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMConfigurePrograms -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LinkResolveIgnoreLinkInfo -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLegacyLogonScripts -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideLogoffScripts -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunLogonScriptSync -> 1 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\RunStartupScriptSync -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideStartupScripts -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Shell\ -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/3/2004 7:59:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomSAMSUNG_CD-R/RW_SW-248F_________________R605____\5&ded6cc&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomTSSTcorp_CDDVDW_SH-S202H________________SB00____\5&ded6cc&0&0.1.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\2 -> SCSI\CdRom&Ven_AXV&Prod_CD/DVD-ROM&Rev_2.2a\2&20c8176e&0&000 -> < Drives - Autoruns > -> -> AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = ] < HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.com/ -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\Start Page -> http://www.google.com/ -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\Start Page -> http://www.google.com/ -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\] > -> -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\: Main\\Start Page -> http://www.google.com/ -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 8 domain(s) found. -> 8 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 8 domain(s) found. -> 8 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 11:08:42 PM | Attr = ] {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.14.0.0.366.x86 | Size = 58688 bytes | Modified Date = 11/9/2007 12:09:08 PM | Attr = ] {AE7CD045-E861-484f-8273-0445EE161910} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Append to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\] > -> HKEY_USERS\S-1-5-21-507921405-179605362-839522115-1002\Software\Microsoft\Internet Explorer\MenuExt\ -> Append to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 5/10/2007 10:47:03 PM | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {8D62BD6D-5E6F-49EA-9285-06F05CFB2E61} -> (VIA Compatable Fast Ethernet Adapter) -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 2/28/2006 12:42:30 PM | Attr = ] < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> intu-help-qb1:{9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Intuit\QuickBooks Enterprise Solutions 8.0\HelpAsyncPluggableProtocol.dll[Intuit Help System Async Pluggable Protocol (v1) for QuickBooks] -> TODO: [Ver = 1.0.0.1 | Size = 70944 bytes | Modified Date = 9/11/2007 8:38:02 AM | Attr = ] msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0EC4C9E3-EC6A-11CF-8E3B-444553540000}[HKEY_LOCAL_MACHINE] -> file:///G:/setup/RiffLick.cab[WaveTab Control] -> {39B0684F-D7BF-4743-B050-FDC3F48F7E3B}[HKEY_LOCAL_MACHINE] -> http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab[CDownloadCtrl Object] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DLMControl.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DLMControl.dll\\.Owner -> {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DLMControl.dll\\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\\.Owner -> {1E54D648-B804-468d-BC78-4AFFED8E262E} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\\{1E54D648-B804-468d-BC78-4AFFED8E262E} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wavetab.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wavetab.ocx\\.Owner -> {0EC4C9E3-EC6A-11CF-8E3B-444553540000} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/wavetab.ocx\\{0EC4C9E3-EC6A-11CF-8E3B-444553540000} -> -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/3/2004 9:56:44 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.3087 (xpsp_sp2_qfe.070219-2253) | Size = 299008 bytes | Modified Date = 4/15/2007 7:22:15 PM | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/3/2004 9:56:44 PM | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:15 AM | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.3027 (xpsp_sp2_qfe.061105-2318) | Size = 49152 bytes | Modified Date = 4/15/2007 7:23:44 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 800 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/3/2004 9:56:46 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\enabledcom -> y -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/3/2004 9:56:46 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 8A DD F4 C5 BC 75 6A 9E 09 9F 44 D5 70 AF EF C2 37 33 65 62 34 66 32 33 00 FD 07 00 D9 57 00 00 34 FA 07 00 76 92 7C 75 20 FA 07 00 40 FD 07 00 4C FD 07 00 D7 94 F7 DB 65 75 EB 6F 00 71 72 73 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 8C B0 EB 59 31 54 7F 7A E1 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> C6 E0 2E 7A 41 E9 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> %SystemRoot%\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/23/2001 10:00:00 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> F4 0B AC 60 8B EE AA DC 8A 41 0E 33 31 AC 5E B3 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 64 89 1C D1 51 D6 C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 5D CA C5 13 9E C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 96 E1 4A C6 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 11 8F CA 13 9E C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/3/2004 9:56:58 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 11484 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/3/2004 9:56:44 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\DisableUnicastResponsesToMulticastBroadcast -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 4/15/2007 7:23:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/3/2004 9:56:58 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System\\SearchIndexer-1 -> V2.0|Action=Block|Dir=In|App=%SystemRoot%\system32\SearchIndexer.exe|Svc=WSearch|Name=Block all inbound traffic to SearchIndexer| -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System\\SearchIndexer-2 -> V2.0|Action=Block|Dir=Out|App=%SystemRoot%\system32\SearchIndexer.exe|Svc=WSearch|Name=Block all outbound traffic from SearchIndexer| -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System\\SearchFilterHost-1 -> V2.0|Action=Block|Dir=In|App=%SystemRoot%\system32\SearchFilterHost.exe|Name=Block all inbound traffic to SearchFilterHost| -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System\\SearchFilterHost-2 -> V2.0|Action=Block|Dir=Out|App=%SystemRoot%\system32\SearchFilterHost.exe|Name=Block all outbound traffic from SearchFilterHost| -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableUnicastResponsesToMulticastBroadcast -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 4/15/2007 7:23:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/3/2004 9:56:58 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> %ProgramFiles%\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.6300.5000 | Size = 12829216 bytes | Modified Date = 12/12/2007 11:56:18 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> %ProgramFiles%\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 338216 bytes | Modified Date = 10/27/2006 3:37:44 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> %ProgramFiles%\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 1018664 bytes | Modified Date = 10/27/2006 3:03:04 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe -> %ProgramFiles%\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [Ver = | Size = 219952 bytes | Modified Date = 6/10/2008 2:10:35 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Bonjour\mDNSResponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 12:42:38 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Intuit\QuickBooks Enterprise Solutions 8.0\QBDBMgrN.exe -> %ProgramFiles%\Intuit\QuickBooks Enterprise Solutions 8.0\QBDBMgrN.exe [C:\Program Files\Intuit\QuickBooks Enterprise Solutions 8.0\QBDBMgrN.exe:*:Enabled:QuickBooks Enterprise 8.0 Data Manager] -> iAnywhere Solutions, Inc. [Ver = 9.0.2.3267 | Size = 128536 bytes | Modified Date = 9/13/2006 10:32:12 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 90 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = ] bar.emf -> %SystemDrive%\bar.emf -> [Ver = | Size = 1912 bytes | Created Date = 6/11/2008 2:01:03 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Created Date = 6/10/2008 3:08:01 AM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 6/10/2008 3:08:38 AM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = RHS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Created Date = 6/10/2008 6:44:46 PM | Attr = RH ] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Created Date = 6/10/2008 7:27:29 AM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Created Date = 6/10/2008 3:09:44 AM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 6/24/2008 7:22:23 PM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 6/10/2008 7:29:51 AM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 6/10/2008 3:08:37 AM | Attr = HS] temp -> %SystemDrive%\temp -> [Folder | Created Date = 6/22/2008 5:09:12 PM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 6/24/2008 3:18:10 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Created Date = 6/24/2008 7:20:53 PM | Attr = ] msjetol1.dll -> %SystemRoot%\System32\dllcache\msjetol1.dll -> [Ver = | Size = 355112 bytes | Created Date = 6/10/2008 7:33:35 AM | Attr = ] quartz.dll -> %SystemRoot%\System32\dllcache\quartz.dll -> [Ver = | Size = 1288192 bytes | Created Date = 6/10/2008 1:02:18 PM | Attr = ] a347bus.sys -> %SystemRoot%\System32\drivers\a347bus.sys -> [Ver = 3.47.0.0 built by: WinDDK | Size = 160640 bytes | Created Date = 6/10/2008 9:51:02 PM | Attr = ] a347scsi.sys -> %SystemRoot%\System32\drivers\a347scsi.sys -> [Ver = 3.47.0.0 built by: WinDDK | Size = 5248 bytes | Created Date = 6/10/2008 9:51:02 PM | Attr = ] atapi.sys -> %SystemRoot%\System32\drivers\atapi.sys -> [Ver = | Size = 95360 bytes | Created Date = 6/10/2008 12:42:24 PM | Attr = ] Awrtpd.sys -> %SystemRoot%\System32\drivers\Awrtpd.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 12960 bytes | Created Date = 4/29/2008 11:19:50 AM | Attr = ] Awrtrd.sys -> %SystemRoot%\System32\drivers\Awrtrd.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Created Date = 4/29/2008 11:19:54 AM | Attr = ] cdr4_xp.sys -> %SystemRoot%\System32\drivers\cdr4_xp.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 9336 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] cdralw2k.sys -> %SystemRoot%\System32\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 9464 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] DefragFS.sys -> %SystemRoot%\System32\drivers\DefragFS.sys -> Raxco Software, Inc. [Ver = 8.0015 built by: WinDDK | Size = 71184 bytes | Created Date = 6/17/2008 10:43:08 AM | Attr = R ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] dmboot.sys -> %SystemRoot%\System32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Created Date = 6/10/2008 12:42:24 PM | Attr = ] dmio.sys -> %SystemRoot%\System32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Created Date = 6/10/2008 12:42:24 PM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] fetnd5.sys -> %SystemRoot%\System32\drivers\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Created Date = 6/10/2008 3:10:40 AM | Attr = ] hdaudbus.sys -> %SystemRoot%\System32\drivers\hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Created Date = 6/10/2008 12:42:47 PM | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [Ver = | Size = 15864 bytes | Created Date = 6/24/2008 3:04:36 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 34296 bytes | Created Date = 6/24/2008 3:04:36 PM | Attr = ] mfeavfk.sys -> %SystemRoot%\System32\drivers\mfeavfk.sys -> McAfee, Inc. [Ver = SYSCORE.14.0.0.291.x86 | Size = 79304 bytes | Created Date = 6/10/2008 3:09:12 PM | Attr = ] mfebopk.sys -> %SystemRoot%\System32\drivers\mfebopk.sys -> McAfee, Inc. [Ver = SYSCORE.14.0.0.291.x86 | Size = 35240 bytes | Created Date = 6/10/2008 3:09:12 PM | Attr = ] mfehidk.sys -> %SystemRoot%\System32\drivers\mfehidk.sys -> McAfee, Inc. [Ver = SYSCORE.14.0.0.291.x86 | Size = 201320 bytes | Created Date = 6/10/2008 3:09:12 PM | Attr = ] mferkdk.sys -> %SystemRoot%\System32\drivers\mferkdk.sys -> McAfee, Inc. [Ver = SYSCORE.14.0.0.291.x86 | Size = 33832 bytes | Created Date = 6/10/2008 3:09:15 PM | Attr = ] mfesmfk.sys -> %SystemRoot%\System32\drivers\mfesmfk.sys -> McAfee, Inc. [Ver = SYSCORE.14.0.0.284.x86 | Size = 40488 bytes | Created Date = 6/10/2008 3:09:12 PM | Attr = ] Mpfp.sys -> %SystemRoot%\System32\drivers\Mpfp.sys -> McAfee, Inc. [Ver = 9.0.114.0 | Size = 113952 bytes | Created Date = 6/10/2008 3:09:08 PM | Attr = ] NSDriver.sys -> %SystemRoot%\System32\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Created Date = 4/29/2008 11:20:00 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6554496 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvport.sys -> %SystemRoot%\System32\drivers\nvport.sys -> NVIDIA Corporation. [Ver = 1.00 | Size = 4608 bytes | Created Date = 6/10/2008 4:07:55 PM | Attr = ] pcouffin.sys -> %SystemRoot%\System32\drivers\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Created Date = 6/12/2008 5:29:19 AM | Attr = ] pfc.sys -> %SystemRoot%\System32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 201 | Size = 9856 bytes | Created Date = 6/10/2008 4:07:55 PM | Attr = ] PxHelp20.sys -> %SystemRoot%\System32\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] secdrv.sys -> %SystemRoot%\System32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Created Date = 6/10/2008 12:42:23 PM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 838 bytes | Created Date = 6/10/2008 3:07:59 AM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ac3filter.acm -> %SystemRoot%\System32\ac3filter.acm -> [Ver = | Size = 380928 bytes | Created Date = 6/10/2008 7:32:21 AM | Attr = ] acXMLParser.dll -> %SystemRoot%\System32\acXMLParser.dll -> Apache Software Foundation [Ver = 2, 7, 0 | Size = 1843200 bytes | Created Date = 6/20/2008 2:21:54 PM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 6/10/2008 7:19:37 AM | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Created Date = 6/10/2008 3:26:14 PM | Attr = ] AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [Ver = | Size = 1688 bytes | Created Date = 6/10/2008 3:09:36 AM | Attr = ] BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 34308 bytes | Created Date = 6/10/2008 8:48:12 PM | Attr = ] BD2140.DAT -> %SystemRoot%\System32\BD2140.DAT -> [Ver = | Size = 34 bytes | Created Date = 6/10/2008 1:49:35 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Created Date = 6/10/2008 12:45:45 PM | Attr = ] bopomofo.uce -> %SystemRoot%\System32\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 6/10/2008 7:16:46 AM | Attr = ] BRLM03A.DLL -> %SystemRoot%\System32\BRLM03A.DLL -> brother Industries Ltd [Ver = 1, 0, 4, 1 | Size = 24223 bytes | Created Date = 6/10/2008 8:04:53 AM | Attr = ] brlmw03a.dll -> %SystemRoot%\System32\brlmw03a.dll -> Brother Industries, Ltd. [Ver = 1, 0, 0, 182 | Size = 77824 bytes | Created Date = 6/10/2008 8:05:23 AM | Attr = ] brlmw03a.ini -> %SystemRoot%\System32\brlmw03a.ini -> [Ver = | Size = 114 bytes | Created Date = 6/10/2008 8:05:23 AM | Attr = ] BROSNMP.DLL -> %SystemRoot%\System32\BROSNMP.DLL -> Brother Industries, Ltd. [Ver = 1, 0, 0, 1 | Size = 176128 bytes | Created Date = 6/10/2008 8:04:53 AM | Attr = ] BRRBTOOL.EXE -> %SystemRoot%\System32\BRRBTOOL.EXE -> Brother Industries Ltd [Ver = 1.34 | Size = 94208 bytes | Created Date = 6/10/2008 8:04:53 AM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Created Date = 6/10/2008 3:09:01 AM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Created Date = 6/10/2008 3:09:01 AM | Attr = ] cdintf300.dll -> %SystemRoot%\System32\cdintf300.dll -> Amyuni Technologies http://www.amyuni.com [Ver = 3.01a | Size = 3518464 bytes | Created Date = 6/20/2008 2:21:52 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] CDRipperX.ocx -> %SystemRoot%\System32\CDRipperX.ocx -> NUGROOVZ [Ver = 1, 4, 0, 1 | Size = 380928 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,223,0 | Size = 107888 bytes | Created Date = 6/20/2008 10:06:28 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Created Date = 6/10/2008 7:16:37 AM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Config.MPF -> %SystemRoot%\System32\Config.MPF -> [Ver = | Size = 14359 bytes | Created Date = 6/10/2008 3:12:30 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = ] core.aawdef -> %SystemRoot%\System32\core.aawdef -> [Ver = | Size = 7679876 bytes | Created Date = 6/10/2008 3:25:05 PM | Attr = R ] ct2mgm.sf2 -> %SystemRoot%\System32\ct2mgm.sf2 -> [Ver = | Size = 2167684 bytes | Created Date = 6/10/2008 2:22:34 PM | Attr = R ] CT4MGM.SF2 -> %SystemRoot%\System32\CT4MGM.SF2 -> [Ver = | Size = 4174814 bytes | Created Date = 6/10/2008 2:22:35 PM | Attr = ] CT8MGM.SF2 -> %SystemRoot%\System32\CT8MGM.SF2 -> [Ver = | Size = 7572224 bytes | Created Date = 6/10/2008 2:22:36 PM | Attr = ] CtDvInst.dll -> %SystemRoot%\System32\CtDvInst.dll -> Creative Technology Limited [Ver = 0, 3, 0, 30 | Size = 133632 bytes | Created Date = 6/10/2008 2:23:00 PM | Attr = R ] ctzapxx.ini -> %SystemRoot%\System32\ctzapxx.ini -> [Ver = | Size = 39 bytes | Created Date = 6/10/2008 2:22:46 PM | Attr = R ] c_10006.nls -> %SystemRoot%\System32\c_10006.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10007.nls -> %SystemRoot%\System32\c_10007.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10010.nls -> %SystemRoot%\System32\c_10010.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10017.nls -> %SystemRoot%\System32\c_10017.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10029.nls -> %SystemRoot%\System32\c_10029.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10081.nls -> %SystemRoot%\System32\c_10081.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_10082.nls -> %SystemRoot%\System32\c_10082.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_20127.nls -> %SystemRoot%\System32\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:38 AM | Attr = ] C_28594.NLS -> %SystemRoot%\System32\C_28594.NLS -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] C_28595.NLS -> %SystemRoot%\System32\C_28595.NLS -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] C_28597.NLS -> %SystemRoot%\System32\C_28597.NLS -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_28599.nls -> %SystemRoot%\System32\c_28599.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_28603.nls -> %SystemRoot%\System32\c_28603.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_737.nls -> %SystemRoot%\System32\c_737.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_852.nls -> %SystemRoot%\System32\c_852.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:41 AM | Attr = ] c_855.nls -> %SystemRoot%\System32\c_855.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_857.nls -> %SystemRoot%\System32\c_857.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_866.nls -> %SystemRoot%\System32\c_866.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_869.nls -> %SystemRoot%\System32\c_869.nls -> [Ver = | Size = 66594 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] c_875.nls -> %SystemRoot%\System32\c_875.nls -> [Ver = | Size = 66082 bytes | Created Date = 6/10/2008 3:09:42 AM | Attr = ] Data -> %SystemRoot%\System32\Data -> [Folder | Created Date = 6/10/2008 2:22:46 PM | Attr = ] desktop.ini -> %SystemRoot%\System32\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 6/10/2008 7:18:15 AM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Created Date = 6/10/2008 7:51:10 AM | Attr = ] DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 683520 bytes | Created Date = 5/30/2008 7:22:46 PM | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 0,0,0,0 | Size = 161096 bytes | Created Date = 5/22/2008 6:19:12 PM | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.3.0.63 | Size = 630784 bytes | Created Date = 5/30/2008 7:22:40 PM | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Created Date = 5/22/2008 6:19:30 PM | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Created Date = 5/22/2008 6:22:22 PM | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Created Date = 5/22/2008 6:22:22 PM | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Created Date = 5/22/2008 6:18:54 PM | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 823296 bytes | Created Date = 5/30/2008 7:22:48 PM | Attr = ] divx_xx0a.dll -> %SystemRoot%\System32\divx_xx0a.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 815104 bytes | Created Date = 5/30/2008 7:22:46 PM | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 823296 bytes | Created Date = 5/30/2008 7:22:48 PM | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 802816 bytes | Created Date = 5/30/2008 7:22:48 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Created Date = 6/10/2008 7:19:26 AM | Attr = ] DolbyHph.dll -> %SystemRoot%\System32\DolbyHph.dll -> Lake Technology Limited, http://www.lake.com.au [Ver = 1.02.0222 | Size = 671744 bytes | Created Date = 6/10/2008 4:07:55 PM | Attr = ] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 44 | Size = 81920 bytes | Created Date = 5/22/2008 6:19:46 PM | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 5/22/2008 6:19:46 PM | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 5/30/2008 7:22:54 PM | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Created Date = 5/30/2008 7:22:54 PM | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Created Date = 5/30/2008 7:22:58 PM | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Created Date = 5/30/2008 7:22:54 PM | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Created Date = 5/30/2008 7:22:54 PM | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Created Date = 5/30/2008 7:22:54 PM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] drv23260.dll -> %SystemRoot%\System32\drv23260.dll -> RealNetworks, Inc. [Ver = 6.0.7.3928 | Size = 176165 bytes | Created Date = 6/12/2008 5:29:13 AM | Attr = ] drv33260.dll -> %SystemRoot%\System32\drv33260.dll -> RealNetworks, Inc. [Ver = 6.0.7.4085 | Size = 208935 bytes | Created Date = 6/12/2008 5:29:13 AM | Attr = ] drv43260.dll -> %SystemRoot%\System32\drv43260.dll -> RealNetworks, Inc. [Ver = 6.0.7.2389 | Size = 217127 bytes | Created Date = 6/12/2008 5:29:13 AM | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 44 | Size = 196608 bytes | Created Date = 5/22/2008 6:19:46 PM | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Created Date = 5/22/2008 6:19:46 PM | Attr = ] dunzip32.dll -> %SystemRoot%\System32\dunzip32.dll -> Inner Media, Inc. [Ver = 5.00.06 | Size = 143360 bytes | Created Date = 6/10/2008 3:11:50 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Created Date = 6/10/2008 7:17:23 AM | Attr = ] en -> %SystemRoot%\System32\en -> [Folder | Created Date = 6/10/2008 12:45:45 PM | Attr = ] en-us -> %SystemRoot%\System32\en-us -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 1561704 bytes | Created Date = 6/10/2008 3:08:37 AM | Attr = ] Font.exe -> %SystemRoot%\System32\Font.exe -> MXZA [Ver = 1.00 | Size = 102400 bytes | Created Date = 6/20/2008 2:22:26 PM | Attr = ] FoxBurner.ocx -> %SystemRoot%\System32\FoxBurner.ocx -> FoxBurner Ltd. [Ver = 3.8 | Size = 1228800 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] FoxDVDImager.ocx -> %SystemRoot%\System32\FoxDVDImager.ocx -> FoxBurner Ltd. [Ver = 1.1.1 | Size = 454656 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] FoxImager.dll -> %SystemRoot%\System32\FoxImager.dll -> [Ver = | Size = 323584 bytes | Created Date = 6/10/2008 9:38:59 PM | Attr = ] gb2312.uce -> %SystemRoot%\System32\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 6/10/2008 7:16:46 AM | Attr = ] history.aaw -> %SystemRoot%\System32\history.aaw -> [Ver = | Size = 896 bytes | Created Date = 6/21/2008 6:50:26 PM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] icrav03.rat -> %SystemRoot%\System32\icrav03.rat -> [Ver = | Size = 8798 bytes | Created Date = 6/10/2008 7:16:48 AM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ideograf.uce -> %SystemRoot%\System32\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] IE7Eula.rtf -> %SystemRoot%\System32\IE7Eula.rtf -> [Ver = | Size = 74715 bytes | Created Date = 6/10/2008 7:16:48 AM | Attr = ] ime -> %SystemRoot%\System32\ime -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] kanji_1.uce -> %SystemRoot%\System32\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] kanji_2.uce -> %SystemRoot%\System32\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] korean.uce -> %SystemRoot%\System32\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Created Date = 5/22/2008 6:20:42 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Created Date = 6/10/2008 7:24:50 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Created Date = 6/10/2008 7:18:51 AM | Attr = RH ] logs -> %SystemRoot%\System32\logs -> [Folder | Created Date = 6/10/2008 3:24:04 PM | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Created Date = 5/16/2008 11:58:04 AM | Attr = ] Ludap17.ini -> %SystemRoot%\System32\Ludap17.ini -> [Ver = | Size = 5627 bytes | Created Date = 6/10/2008 2:22:46 PM | Attr = R ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] mcdmsg7.dll -> %SystemRoot%\System32\mcdmsg7.dll -> [Ver = | Size = 7852 bytes | Created Date = 6/12/2008 6:02:19 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Created Date = 6/10/2008 7:24:12 AM | Attr = S] mpgfiltr.ax -> %SystemRoot%\System32\mpgfiltr.ax -> Essien Research & Development [Ver = 2.51 | Size = 856064 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Created Date = 6/10/2008 7:16:38 AM | Attr = ] msdtcprf.h -> %SystemRoot%\System32\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 6/10/2008 7:16:45 AM | Attr = ] msdtcprf.ini -> %SystemRoot%\System32\msdtcprf.ini -> [Ver = | Size = 1931 bytes | Created Date = 6/10/2008 7:16:45 AM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] NMSDVDXU.dll -> %SystemRoot%\System32\NMSDVDXU.dll -> NuMedia Soft, Inc. [Ver = 1, 0, 0, 9 | Size = 1164728 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] npp -> %SystemRoot%\System32\npp -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 6/10/2008 7:19:37 AM | Attr = ] nv3d.chm -> %SystemRoot%\System32\nv3d.chm -> [Ver = | Size = 116384 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6108160 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 425984 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 182765 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 3 , 0 , 14 | Size = 41984 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 3 , 0 , 14 | Size = 41984 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 147456 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.chm -> %SystemRoot%\System32\nvcpl.chm -> [Ver = | Size = 121529 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 420384 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 13529088 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 768544 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvcuda.dll -> %SystemRoot%\System32\nvcuda.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1241088 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 18070 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6582272 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvdsp.chm -> %SystemRoot%\System32\nvdsp.chm -> [Ver = | Size = 181895 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 313888 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 3391488 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1486848 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 229376 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 45056 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 188416 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 86016 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvmob.chm -> %SystemRoot%\System32\nvmob.chm -> [Ver = | Size = 54988 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1257472 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 8769536 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 159812 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 6/10/2008 7:27:42 AM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 6/10/2008 7:27:34 AM | Attr = ] nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 3776512 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 81920 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 2629632 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1630208 bytes | Created Date = 5/2/2008 10:46:00 PM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] PDBoot.exe -> %SystemRoot%\System32\PDBoot.exe -> Raxco Software, Inc. [Ver = 9, 0, 0, 52 | Size = 230664 bytes | Created Date = 4/16/2008 1:00:20 PM | Attr = ] PDBootState -> %SystemRoot%\System32\PDBootState -> [Ver = | Size = 20 bytes | Created Date = 6/17/2008 10:52:41 AM | Attr = ] Pdrvinst.dll -> %SystemRoot%\System32\Pdrvinst.dll -> brother [Ver = 1, 3, 0, 0 | Size = 192512 bytes | Created Date = 6/10/2008 8:04:53 AM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 543600 bytes | Created Date = 6/10/2008 3:09:45 AM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] PTxSCP.ocx -> %SystemRoot%\System32\PTxSCP.ocx -> Plasmatech Software Design [Ver = 2.3.0.167 | Size = 1208320 bytes | Created Date = 6/10/2008 9:38:59 PM | Attr = ] PubKey.key -> %SystemRoot%\System32\PubKey.key -> [Ver = | Size = 84 bytes | Created Date = 6/10/2008 3:24:40 PM | Attr = ] px.dll -> %SystemRoot%\System32\px.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 547576 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] pxafs.dll -> %SystemRoot%\System32\pxafs.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 129784 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] pxcpya64.exe -> %SystemRoot%\System32\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.40a | Size = 64760 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] pxdrv.dll -> %SystemRoot%\System32\pxdrv.dll -> Sonic Solutions [Ver = 1.02.05a | Size = 510712 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] pxhpinst.exe -> %SystemRoot%\System32\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.56a | Size = 72440 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] pxinsa64.exe -> %SystemRoot%\System32\pxinsa64.exe -> Sonic Solutions [Ver = 3.00.56a | Size = 64760 bytes | Created Date = 6/10/2008 4:20:58 PM | Attr = ] pxmas.dll -> %SystemRoot%\System32\pxmas.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 187128 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] pxsfs.dll -> %SystemRoot%\System32\pxsfs.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 1628920 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] pxwave.dll -> %SystemRoot%\System32\pxwave.dll -> Sonic Solutions [Ver = 3.6.36.500 | Size = 379640 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Created Date = 5/22/2008 6:22:18 PM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.5 (861) | Size = 57344 bytes | Created Date = 5/27/2008 10:50:34 AM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.5 (861) | Size = 90112 bytes | Created Date = 5/27/2008 10:50:34 AM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Created Date = 6/10/2008 12:44:02 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Created Date = 6/10/2008 7:18:00 AM | Attr = ] rtl60.bpl -> %SystemRoot%\System32\rtl60.bpl -> Borland Software Corporation [Ver = 6.0.6.240 | Size = 676352 bytes | Created Date = 6/12/2008 5:42:54 AM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] scripting -> %SystemRoot%\System32\scripting -> [Folder | Created Date = 6/10/2008 12:45:46 PM | Attr = ] settings.aaw -> %SystemRoot%\System32\settings.aaw -> [Ver = | Size = 3616 bytes | Created Date = 6/10/2008 3:24:25 PM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 584 bytes | Created Date = 6/10/2008 2:26:14 PM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 584 bytes | Created Date = 6/10/2008 2:26:14 PM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] shiftjis.uce -> %SystemRoot%\System32\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Created Date = 6/10/2008 7:25:10 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Created Date = 5/22/2008 6:20:42 PM | Attr = ] subrange.uce -> %SystemRoot%\System32\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 6/10/2008 7:16:47 AM | Attr = ] ticrf.rat -> %SystemRoot%\System32\ticrf.rat -> [Ver = | Size = 1988 bytes | Created Date = 6/10/2008 7:16:52 AM | Attr = ] tslabels.h -> %SystemRoot%\System32\tslabels.h -> [Ver = | Size = 3286 bytes | Created Date = 6/10/2008 7:16:46 AM | Attr = ] tslabels.ini -> %SystemRoot%\System32\tslabels.ini -> [Ver = | Size = 13223 bytes | Created Date = 6/10/2008 7:16:46 AM | Attr = ] URTTemp -> %SystemRoot%\System32\URTTemp -> [Folder | Created Date = 6/10/2008 7:20:28 AM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] usrlogon.cmd -> %SystemRoot%\System32\usrlogon.cmd -> [Ver = | Size = 1161 bytes | Created Date = 6/10/2008 7:16:46 AM | Attr = ] vcl60.bpl -> %SystemRoot%\System32\vcl60.bpl -> Borland Software Corporation [Ver = 6.0.6.240 | Size = 1326080 bytes | Created Date = 6/12/2008 5:42:54 AM | Attr = ] VideoEdit.ocx -> %SystemRoot%\System32\VideoEdit.ocx -> Viscom Software www.viscomsoft.com [Ver = 1.5 | Size = 196608 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] viscomwave.dll -> %SystemRoot%\System32\viscomwave.dll -> Viscom Software [Ver = | Size = 81920 bytes | Created Date = 6/10/2008 9:39:00 PM | Attr = ] vxblock.dll -> %SystemRoot%\System32\vxblock.dll -> Sonic Solutions [Ver = 1.00.74a | Size = 39672 bytes | Created Date = 6/10/2008 4:20:57 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] wbsys.dll -> %SystemRoot%\System32\wbsys.dll -> Stardock.Net, Inc [Ver = 5, 5, 0, 0 | Size = 42672 bytes | Created Date = 6/12/2008 5:44:39 AM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Created Date = 6/10/2008 7:18:51 AM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] wmimgmt.msc -> %SystemRoot%\System32\wmimgmt.msc -> [Ver = | Size = 63488 bytes | Created Date = 6/10/2008 7:16:41 AM | Attr = ] wodFtpDLX.OCX -> %SystemRoot%\System32\wodFtpDLX.OCX -> WeOnlyDo! Inc. [Ver = 2, 5, 4, 204 | Size = 938272 bytes | Created Date = 6/10/2008 9:42:34 PM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Created Date = 6/10/2008 1:09:41 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Created Date = 6/10/2008 12:52:49 PM | Attr = H ] 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> addins -> %SystemRoot%\addins -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Created Date = 6/10/2008 7:20:28 AM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Created Date = 6/10/2008 7:22:56 AM | Attr = S] brmx2001.ini -> %SystemRoot%\brmx2001.ini -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 8:05:29 AM | Attr = ] Brownie.ini -> %SystemRoot%\Brownie.ini -> [Ver = | Size = 188 bytes | Created Date = 6/10/2008 8:04:42 AM | Attr = ] BRVIDEO.INI -> %SystemRoot%\BRVIDEO.INI -> [Ver = | Size = 145 bytes | Created Date = 6/10/2008 8:05:29 AM | Attr = ] BRWMARK.INI -> %SystemRoot%\BRWMARK.INI -> [Ver = | Size = 410 bytes | Created Date = 6/10/2008 1:49:35 PM | Attr = ] Build in Time -> %SystemRoot%\Build in Time -> [Folder | Created Date = 6/19/2008 11:19:20 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:19:40 AM | Attr = ] Ctregrun.exe -> %SystemRoot%\Ctregrun.exe -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 41984 bytes | Created Date = 6/10/2008 2:24:13 PM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] dellstat.ini -> %SystemRoot%\dellstat.ini -> [Ver = | Size = 76 bytes | Created Date = 6/22/2008 5:01:43 PM | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 2 bytes | Created Date = 6/10/2008 7:18:15 AM | Attr = ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Created Date = 6/13/2008 6:23:32 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 6/10/2008 7:16:52 AM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Created Date = 6/10/2008 12:42:11 PM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 6/24/2008 7:22:51 PM | Attr = ] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 663 bytes | Created Date = 6/10/2008 10:35:25 PM | Attr = ] fdsv.exe -> %SystemRoot%\fdsv.exe -> Smallfrogs Studio [Ver = 1, 2, 0, 22 | Size = 89504 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] Fitness Frenzy -> %SystemRoot%\Fitness Frenzy -> [Folder | Created Date = 6/23/2008 11:04:20 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = R S] grep.exe -> %SystemRoot%\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] HL-2140.INI -> %SystemRoot%\HL-2140.INI -> [Ver = | Size = 9853 bytes | Created Date = 6/10/2008 8:05:22 AM | Attr = ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 6/10/2008 12:53:17 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Created Date = 6/10/2008 3:09:47 AM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] INRES.DLL -> %SystemRoot%\INRES.DLL -> Creative Technology Limited [Ver = 1, 0, 9, 0 | Size = 11264 bytes | Created Date = 6/10/2008 2:22:46 PM | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 6/10/2008 3:09:44 AM | Attr = HS] IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 6/10/2008 10:02:18 PM | Attr = ] java -> %SystemRoot%\java -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] l2schemas -> %SystemRoot%\l2schemas -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] lexstat.ini -> %SystemRoot%\lexstat.ini -> [Ver = | Size = 215 bytes | Created Date = 6/22/2008 5:01:46 PM | Attr = ] Logs -> %SystemRoot%\Logs -> [Folder | Created Date = 6/10/2008 7:51:04 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Created Date = 6/10/2008 7:20:28 AM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1160 bytes | Created Date = 6/10/2008 3:26:37 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Created Date = 6/10/2008 1:44:24 PM | Attr = ] Network Diagnostic -> %SystemRoot%\Network Diagnostic -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.10 | Size = 28672 bytes | Created Date = 6/24/2008 7:22:21 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 6/10/2008 7:27:07 AM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Created Date = 6/10/2008 7:27:52 AM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 6/10/2008 7:27:42 AM | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 162 bytes | Created Date = 6/10/2008 7:49:41 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Created Date = 6/10/2008 3:09:44 AM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 6/10/2008 7:16:53 AM | Attr = ] PCHealth -> %SystemRoot%\PCHealth -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 6/10/2008 7:27:17 PM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 6/10/2008 7:17:10 AM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 6/10/2008 7:23:57 AM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] SDAddressBox1633cb8581916.ini -> %SystemRoot%\SDAddressBox1633cb8581916.ini -> [Ver = | Size = 27 bytes | Created Date = 6/12/2008 6:09:18 AM | Attr = ] SDAddressBox16827d0561119.ini -> %SystemRoot%\SDAddressBox16827d0561119.ini -> [Ver = | Size = 27 bytes | Created Date = 6/12/2008 6:04:18 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] sed.exe -> %SystemRoot%\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Created Date = 6/10/2008 7:37:48 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] swreg.exe -> %SystemRoot%\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] swsc.exe -> %SystemRoot%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] swxcacls.exe -> %SystemRoot%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 6/10/2008 7:18:09 AM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.924.0 | Size = 299520 bytes | Created Date = 6/10/2008 4:03:10 PM | Attr = ] Updreg.EXE -> %SystemRoot%\Updreg.EXE -> Creative Technology Ltd. [Ver = 1.0.2 | Size = 90112 bytes | Created Date = 6/10/2008 2:23:38 PM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 6/10/2008 7:17:13 AM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 63 bytes | Created Date = 6/10/2008 7:17:13 AM | Attr = ] VFind.exe -> %SystemRoot%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] WB.ini -> %SystemRoot%\WB.ini -> [Ver = | Size = 0 bytes | Created Date = 6/13/2008 4:33:42 PM | Attr = ] wbem -> %SystemRoot%\wbem -> [Folder | Created Date = 6/10/2008 7:16:51 AM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Created Date = 6/10/2008 7:18:46 AM | Attr = RH ] WinRAR -> %SystemRoot%\WinRAR -> [Folder | Created Date = 6/10/2008 7:35:57 AM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Created Date = 6/10/2008 3:06:19 AM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 6/10/2008 7:19:36 AM | Attr = ] zip.exe -> %SystemRoot%\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 6/24/2008 7:22:20 PM | Attr = ] _delis43.ini -> %SystemRoot%\_delis43.ini -> [Ver = | Size = 588 bytes | Created Date = 6/22/2008 11:33:58 PM | Attr = ] desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 6/10/2008 7:18:09 AM | Attr = RH ] McDefragTask.job -> %SystemRoot%\tasks\McDefragTask.job -> [Ver = | Size = 338 bytes | Created Date = 6/10/2008 3:08:56 PM | Attr = ] McQcTask.job -> %SystemRoot%\tasks\McQcTask.job -> [Ver = | Size = 330 bytes | Created Date = 6/10/2008 3:08:54 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 6/10/2008 7:24:12 AM | Attr = H ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Created Date = 6/10/2008 6:15:50 PM | Attr = ] Ahead -> %AllUsersProfile%\Application Data\Ahead -> [Folder | Created Date = 6/10/2008 8:01:45 AM | Attr = ] Apple -> %AllUsersProfile%\Application Data\Apple -> [Folder | Created Date = 6/13/2008 3:57:42 AM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Created Date = 6/13/2008 3:58:09 AM | Attr = ] Avg8 -> %AllUsersProfile%\Application Data\Avg8 -> [Folder | Created Date = 6/10/2008 2:49:21 PM | Attr = ] COMMON FILES -> %AllUsersProfile%\Application Data\COMMON FILES -> [Folder | Created Date = 6/20/2008 2:15:38 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 6/10/2008 3:09:28 AM | Attr = HS] Fitn17 -> %AllUsersProfile%\Application Data\Fitn17 -> [Folder | Created Date = 6/23/2008 11:04:50 PM | Attr = ] FLEXnet -> %AllUsersProfile%\Application Data\FLEXnet -> [Folder | Created Date = 6/10/2008 6:25:40 PM | Attr = ] Intuit -> %AllUsersProfile%\Application Data\Intuit -> [Folder | Created Date = 6/20/2008 2:17:58 PM | Attr = ] Laconic Software -> %AllUsersProfile%\Application Data\Laconic Software -> [Folder | Created Date = 6/10/2008 5:14:48 PM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 6/10/2008 3:24:03 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Created Date = 6/24/2008 3:04:37 PM | Attr = ] McAfee -> %AllUsersProfile%\Application Data\McAfee -> [Folder | Created Date = 6/10/2008 2:52:50 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Created Date = 6/10/2008 3:08:56 AM | Attr = S] Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Created Date = 6/10/2008 6:45:02 PM | Attr = ] Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Created Date = 6/10/2008 8:00:39 AM | Attr = ] NVIDIA Corporation -> %AllUsersProfile%\Application Data\NVIDIA Corporation -> [Folder | Created Date = 6/10/2008 4:08:05 PM | Attr = ] Raxco -> %AllUsersProfile%\Application Data\Raxco -> [Folder | Created Date = 6/17/2008 10:43:05 AM | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Created Date = 6/14/2008 10:59:59 PM | Attr = ] @Alternate Data Stream - 110 bytes -> %AllUsersProfile%\Application Data\TEMP:466F9D5D Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Created Date = 6/10/2008 7:39:59 AM | Attr = ] .purple -> %AppData%\.purple -> [Folder | Created Date = 6/24/2008 10:49:39 PM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Created Date = 6/10/2008 3:26:45 PM | Attr = ] Ahead -> %AppData%\Ahead -> [Folder | Created Date = 6/10/2008 8:01:57 AM | Attr = ] Anthropics -> %AppData%\Anthropics -> [Folder | Created Date = 6/10/2008 5:55:23 PM | Attr = ] Blumentals -> %AppData%\Blumentals -> [Folder | Created Date = 6/10/2008 8:15:13 PM | Attr = ] Brother -> %AppData%\Brother -> [Folder | Created Date = 6/10/2008 1:50:00 PM | Attr = R ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Created Date = 6/10/2008 7:25:52 AM | Attr = HS] DivX -> %AppData%\DivX -> [Folder | Created Date = 6/10/2008 1:47:36 PM | Attr = ] GlobalSCAPE -> %AppData%\GlobalSCAPE -> [Folder | Created Date = 6/10/2008 2:39:26 PM | Attr = ] Help -> %AppData%\Help -> [Folder | Created Date = 6/22/2008 11:41:21 PM | Attr = ] Identities -> %AppData%\Identities -> [Folder | Created Date = 6/10/2008 4:52:28 PM | Attr = ] IGN_DLM -> %AppData%\IGN_DLM -> [Folder | Created Date = 6/13/2008 6:03:24 AM | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Created Date = 6/18/2008 3:08:27 PM | Attr = ] Leadertech -> %AppData%\Leadertech -> [Folder | Created Date = 6/23/2008 12:07:12 AM | Attr = ] Likno -> %AppData%\Likno -> [Folder | Created Date = 6/10/2008 6:29:27 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Created Date = 6/10/2008 2:51:42 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Created Date = 6/24/2008 3:04:51 PM | Attr = ] Media Player Classic -> %AppData%\Media Player Classic -> [Folder | Created Date = 6/10/2008 7:51:59 AM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Created Date = 6/10/2008 7:25:52 AM | Attr = S] Mozilla -> %AppData%\Mozilla -> [Folder | Created Date = 6/10/2008 7:27:05 AM | Attr = ] pcouffin.cat -> %AppData%\pcouffin.cat -> [Ver = | Size = 7887 bytes | Created Date = 6/12/2008 5:29:19 AM | Attr = ] pcouffin.inf -> %AppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Created Date = 6/12/2008 5:29:19 AM | Attr = ] pcouffin.sys -> %AppData%\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Created Date = 6/12/2008 5:29:19 AM | Attr = ] Talkback -> %AppData%\Talkback -> [Folder | Created Date = 6/10/2008 7:27:12 AM | Attr = ] Texture Maker -> %AppData%\Texture Maker -> [Folder | Created Date = 6/17/2008 12:33:27 PM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Created Date = 6/10/2008 2:33:45 PM | Attr = ] uTorrent -> %AppData%\uTorrent -> [Folder | Created Date = 6/10/2008 2:10:29 PM | Attr = ] ViStart -> %AppData%\ViStart -> [Folder | Created Date = 6/10/2008 1:58:36 PM | Attr = ] Vso -> %AppData%\Vso -> [Folder | Created Date = 6/12/2008 5:29:18 AM | Attr = ] Winamp -> %AppData%\Winamp -> [Folder | Created Date = 6/10/2008 4:20:53 PM | Attr = ] Windows Desktop Search -> %AppData%\Windows Desktop Search -> [Folder | Created Date = 6/11/2008 2:01:10 PM | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Created Date = 6/10/2008 7:36:01 AM | Attr = ] WinWay -> %AppData%\WinWay -> [Folder | Created Date = 6/10/2008 5:57:44 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Created Date = 6/10/2008 6:20:31 PM | Attr = ] Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Created Date = 6/10/2008 8:02:57 AM | Attr = ] Apple -> %UserProfile%\Local Settings\Application Data\Apple -> [Folder | Created Date = 6/13/2008 3:57:51 AM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Created Date = 6/13/2008 3:57:30 AM | Attr = ] ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Created Date = 6/10/2008 7:26:06 AM | Attr = ] Collectorz.com -> %UserProfile%\Local Settings\Application Data\Collectorz.com -> [Folder | Created Date = 6/11/2008 5:50:40 AM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 3584 bytes | Created Date = 6/11/2008 5:33:03 AM | Attr = ] Downloaded Installations -> %UserProfile%\Local Settings\Application Data\Downloaded Installations -> [Folder | Created Date = 6/13/2008 6:25:24 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 70976 bytes | Created Date = 6/10/2008 7:52:04 AM | Attr = ] GlobalSCAPE -> %UserProfile%\Local Settings\Application Data\GlobalSCAPE -> [Folder | Created Date = 6/10/2008 2:40:25 PM | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Created Date = 6/22/2008 11:41:21 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 6436820 bytes | Created Date = 6/10/2008 7:27:57 AM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Created Date = 6/10/2008 4:52:28 PM | Attr = ] Intuit -> %UserProfile%\Local Settings\Application Data\Intuit -> [Folder | Created Date = 6/20/2008 2:25:23 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Created Date = 6/10/2008 7:25:52 AM | Attr = S] Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [Folder | Created Date = 6/10/2008 6:45:08 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Created Date = 6/10/2008 7:27:05 AM | Attr = ] Stardock -> %UserProfile%\Local Settings\Application Data\Stardock -> [Folder | Created Date = 6/12/2008 6:02:30 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 129 bytes | Created Date = 6/10/2008 3:09:28 AM | Attr = HS] Intuit -> %AllUsersProfile%\Documents\Intuit -> [Folder | Created Date = 6/20/2008 2:17:59 PM | Attr = ] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Created Date = 6/10/2008 3:09:48 AM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Created Date = 6/10/2008 7:18:46 AM | Attr = R ] My Videos -> %AllUsersProfile%\Documents\My Videos -> [Folder | Created Date = 6/11/2008 5:13:30 AM | Attr = R ] Stardock -> %AllUsersProfile%\Documents\Stardock -> [Folder | Created Date = 6/12/2008 5:44:40 AM | Attr = ] Burn later -> %UserProfile%\My Documents\Burn later -> [Folder | Created Date = 6/10/2008 4:10:45 PM | Attr = ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 75 bytes | Created Date = 6/10/2008 7:25:58 AM | Attr = HS] Downloaded Installations -> %UserProfile%\My Documents\Downloaded Installations -> [Folder | Created Date = 6/10/2008 9:26:47 PM | Attr = ] Downloads -> %UserProfile%\My Documents\Downloads -> [Folder | Created Date = 6/10/2008 3:19:52 PM | Attr = ] EMU ROMS -> %UserProfile%\My Documents\EMU ROMS -> [Folder | Created Date = 6/10/2008 8:47:02 AM | Attr = ] Fitday -> %UserProfile%\My Documents\Fitday -> [Folder | Created Date = 6/20/2008 1:36:19 PM | Attr = ] Game Cheats -> %UserProfile%\My Documents\Game Cheats -> [Folder | Created Date = 6/10/2008 2:47:44 PM | Attr = ] Game Collection -> %UserProfile%\My Documents\Game Collection -> [Folder | Created Date = 6/10/2008 8:25:27 AM | Attr = ] Harvey's Art -> %UserProfile%\My Documents\Harvey's Art -> [Folder | Created Date = 6/10/2008 8:45:35 AM | Attr = ] Harvey's Pictures -> %UserProfile%\My Documents\Harvey's Pictures -> [Folder | Created Date = 6/10/2008 8:43:30 AM | Attr = ] Max Exposure -> %UserProfile%\My Documents\Max Exposure -> [Folder | Created Date = 6/12/2008 7:51:16 PM | Attr = ] maxex.docx -> %UserProfile%\My Documents\maxex.docx -> [Ver = | Size = 30978 bytes | Created Date = 6/17/2008 2:28:00 PM | Attr = ] Movie Collector -> %UserProfile%\My Documents\Movie Collector -> [Folder | Created Date = 6/10/2008 9:44:58 PM | Attr = ] My Downloads -> %UserProfile%\My Documents\My Downloads -> [Folder | Created Date = 6/13/2008 6:03:46 AM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Created Date = 6/10/2008 7:25:58 AM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Created Date = 6/10/2008 7:25:58 AM | Attr = R ] My Shapes -> %UserProfile%\My Documents\My Shapes -> [Folder | Created Date = 6/10/2008 7:56:20 PM | Attr = S] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Created Date = 6/10/2008 1:24:19 PM | Attr = R ] NeroVision -> %UserProfile%\My Documents\NeroVision -> [Folder | Created Date = 6/11/2008 8:09:54 PM | Attr = ] Office Templates -> %UserProfile%\My Documents\Office Templates -> [Folder | Created Date = 6/10/2008 2:44:27 PM | Attr = ] PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Created Date = 6/12/2008 5:29:18 AM | Attr = ] Resumes -> %UserProfile%\My Documents\Resumes -> [Folder | Created Date = 6/10/2008 8:29:40 AM | Attr = ] Scanned Stuff -> %UserProfile%\My Documents\Scanned Stuff -> [Folder | Created Date = 6/10/2008 8:29:37 AM | Attr = ] shadowbaneinstaller -> %UserProfile%\My Documents\shadowbaneinstaller -> [Folder | Created Date = 6/13/2008 4:44:34 PM | Attr = ] t2625estimate.docx -> %UserProfile%\My Documents\t2625estimate.docx -> [Ver = | Size = 16401 bytes | Created Date = 6/17/2008 5:20:50 PM | Attr = ] Updater5 -> %UserProfile%\My Documents\Updater5 -> [Folder | Created Date = 6/10/2008 6:26:26 PM | Attr = ] Virus tools -> %UserProfile%\My Documents\Virus tools -> [Folder | Created Date = 6/24/2008 8:13:59 PM | Attr = ] Websites -> %UserProfile%\My Documents\Websites -> [Folder | Created Date = 6/10/2008 8:17:48 AM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 6/25/2008 10:39:28 AM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568483 bytes | Created Date = 6/25/2008 10:38:20 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 6/10/2008 3:09:28 AM | Attr = HS] QuickBooks Update Agent.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> [Ver = | Size = 2111 bytes | Created Date = 6/20/2008 2:21:43 PM | Attr = ] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Created Date = 6/10/2008 7:25:52 AM | Attr = HS] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Created Date = 6/10/2008 6:15:50 PM | Attr = ] Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Created Date = 6/10/2008 8:00:39 AM | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Created Date = 6/10/2008 7:43:00 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Created Date = 6/24/2008 3:04:19 PM | Attr = ] GTK -> %CommonProgramFiles%\GTK -> [Folder | Created Date = 6/24/2008 10:48:45 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Created Date = 6/10/2008 7:27:32 AM | Attr = ] Intuit -> %CommonProgramFiles%\Intuit -> [Folder | Created Date = 6/20/2008 2:17:59 PM | Attr = ] Macrovision Shared -> %CommonProgramFiles%\Macrovision Shared -> [Folder | Created Date = 6/10/2008 6:25:34 PM | Attr = ] McAfee -> %CommonProgramFiles%\McAfee -> [Folder | Created Date = 6/10/2008 3:08:38 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Created Date = 6/10/2008 7:17:53 AM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Created Date = 6/10/2008 7:18:09 AM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 6/10/2008 3:09:44 AM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Created Date = 6/10/2008 7:18:11 AM | Attr = ] speechengines -> %CommonProgramFiles%\speechengines -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] Stardock -> %CommonProgramFiles%\Stardock -> [Folder | Created Date = 6/12/2008 5:42:52 AM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Created Date = 6/10/2008 7:17:54 AM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 6/10/2008 3:31:42 PM | Attr = ] ABBYY FineReader 5.0 Sprint -> %ProgramFiles%\ABBYY FineReader 5.0 Sprint -> [Folder | Created Date = 6/22/2008 5:04:29 PM | Attr = ] ABBYY FineReader 6.0 -> %ProgramFiles%\ABBYY FineReader 6.0 -> [Folder | Created Date = 6/22/2008 5:04:29 PM | Attr = ] Adobe -> %ProgramFiles%\Adobe -> [Folder | Created Date = 6/10/2008 6:15:50 PM | Attr = ] Alcohol Soft -> %ProgramFiles%\Alcohol Soft -> [Folder | Created Date = 6/10/2008 9:50:59 PM | Attr = ] Alien Skin -> %ProgramFiles%\Alien Skin -> [Folder | Created Date = 6/10/2008 9:16:43 PM | Attr = ] AllWebMenus4 -> %ProgramFiles%\AllWebMenus4 -> [Folder | Created Date = 6/10/2008 6:28:45 PM | Attr = ] Apple Software Update -> %ProgramFiles%\Apple Software Update -> [Folder | Created Date = 6/13/2008 3:57:42 AM | Attr = ] Audio Phonics, Inc -> %ProgramFiles%\Audio Phonics, Inc -> [Folder | Created Date = 6/10/2008 4:04:21 PM | Attr = ] AVG -> %ProgramFiles%\AVG -> [Folder | Created Date = 6/10/2008 1:31:31 PM | Attr = ] Bonjour -> %ProgramFiles%\Bonjour -> [Folder | Created Date = 6/10/2008 8:43:22 PM | Attr = ] Brother -> %ProgramFiles%\Brother -> [Folder | Created Date = 6/10/2008 8:04:53 AM | Attr = ] Brownie -> %ProgramFiles%\Brownie -> [Folder | Created Date = 6/10/2008 8:05:22 AM | Attr = ] Cheetah Burner -> %ProgramFiles%\Cheetah Burner -> [Folder | Created Date = 6/10/2008 9:38:58 PM | Attr = ] Codemasters -> %ProgramFiles%\Codemasters -> [Folder | Created Date = 6/10/2008 6:32:04 PM | Attr = ] CoffeeCup Software -> %ProgramFiles%\CoffeeCup Software -> [Folder | Created Date = 6/10/2008 9:42:31 PM | Attr = ] Collectorz.com -> %ProgramFiles%\Collectorz.com -> [Folder | Created Date = 6/10/2008 9:44:56 PM | Attr = ] Combined Community Codec Pack -> %ProgramFiles%\Combined Community Codec Pack -> [Folder | Created Date = 6/10/2008 7:22:29 AM | Attr = ] Common Files -> %CommonProgramFiles% -> [Folder | Created Date = 6/10/2008 3:09:44 AM | Attr = ] ComPlus Applications -> %ProgramFiles%\ComPlus Applications -> [Folder | Created Date = 6/10/2008 7:17:15 AM | Attr = ] Creative -> %ProgramFiles%\Creative -> [Folder | Created Date = 6/10/2008 2:20:40 PM | Attr = ] DivX -> %ProgramFiles%\DivX -> [Folder | Created Date = 6/10/2008 1:47:19 PM | Attr = ] Download Manager -> %ProgramFiles%\Download Manager -> [Folder | Created Date = 6/13/2008 6:03:38 AM | Attr = ] Elaborate Bytes -> %ProgramFiles%\Elaborate Bytes -> [Folder | Created Date = 6/13/2008 8:56:52 PM | Attr = ] FitDay -> %ProgramFiles%\FitDay -> [Folder | Created Date = 6/20/2008 1:35:10 PM | Attr = ] Free Fire Screensaver -> %ProgramFiles%\Free Fire Screensaver -> [Folder | Created Date = 6/10/2008 5:14:54 PM | Attr = ] Frets on Fire -> %ProgramFiles%\Frets on Fire -> [Folder | Created Date = 6/14/2008 11:00:26 PM | Attr = ] GameShadow -> %ProgramFiles%\GameShadow -> [Folder | Created Date = 6/13/2008 6:23:55 AM | Attr = ] GlobalSCAPE -> %ProgramFiles%\GlobalSCAPE -> [Folder | Created Date = 6/10/2008 2:39:18 PM | Attr = ] InstallShield Installation Information -> %ProgramFiles%\InstallShield Installation Information -> [Folder | Created Date = 6/10/2008 8:04:52 AM | Attr = H ] Internet Explorer -> %ProgramFiles%\Internet Explorer -> [Folder | Created Date = 6/10/2008 7:16:47 AM | Attr = ] Intuit -> %ProgramFiles%\Intuit -> [Folder | Created Date = 6/20/2008 2:17:58 PM | Attr = ] IObit -> %ProgramFiles%\IObit -> [Folder | Created Date = 6/13/2008 9:26:06 PM | Attr = ] Lavasoft -> %ProgramFiles%\Lavasoft -> [Folder | Created Date = 6/10/2008 3:32:07 PM | Attr = ] Lexmark 1200 Series -> %ProgramFiles%\Lexmark 1200 Series -> [Folder | Created Date = 6/22/2008 5:00:35 PM | Attr = ] MagicISO -> %ProgramFiles%\MagicISO -> [Folder | Created Date = 6/10/2008 9:54:08 PM | Attr = ] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [Folder | Created Date = 6/24/2008 3:04:36 PM | Attr = ] McAfee -> %ProgramFiles%\McAfee -> [Folder | Created Date = 6/10/2008 3:08:29 PM | Attr = ] McAfee.com -> %ProgramFiles%\McAfee.com -> [Folder | Created Date = 6/10/2008 3:08:43 PM | Attr = ] Messenger -> %ProgramFiles%\Messenger -> [Folder | Created Date = 6/10/2008 12:45:52 PM | Attr = ] microsoft frontpage -> %ProgramFiles%\microsoft frontpage -> [Folder | Created Date = 6/10/2008 12:49:50 PM | Attr = ] Microsoft Office -> %ProgramFiles%\Microsoft Office -> [Folder | Created Date = 6/10/2008 7:37:17 PM | Attr = ] Microsoft Visual Studio -> %ProgramFiles%\Microsoft Visual Studio -> [Folder | Created Date = 6/10/2008 7:43:01 PM | Attr = ] Microsoft Visual Studio 8 -> %ProgramFiles%\Microsoft Visual Studio 8 -> [Folder | Created Date = 6/10/2008 7:38:27 PM | Attr = ] Microsoft Works -> %ProgramFiles%\Microsoft Works -> [Folder | Created Date = 6/10/2008 7:44:01 PM | Attr = ] Microsoft.NET -> %ProgramFiles%\Microsoft.NET -> [Folder | Created Date = 6/10/2008 7:41:42 PM | Attr = ] movie maker -> %ProgramFiles%\movie maker -> [Folder | Created Date = 6/10/2008 12:45:45 PM | Attr = ] Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [Folder | Created Date = 6/10/2008 7:19:53 AM | Attr = ] MSBuild -> %ProgramFiles%\MSBuild -> [Folder | Created Date = 6/10/2008 1:13:05 PM | Attr = ] msn -> %ProgramFiles%\msn -> [Folder | Created Date = 6/10/2008 12:45:45 PM | Attr = ] msn gaming zone -> %ProgramFiles%\msn gaming zone -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [Folder | Created Date = 6/12/2008 8:24:31 PM | Attr = ] MSXML 6.0 -> %ProgramFiles%\MSXML 6.0 -> [Folder | Created Date = 6/12/2008 8:28:42 PM | Attr = ] Nero -> %ProgramFiles%\Nero -> [Folder | Created Date = 6/10/2008 8:00:39 AM | Attr = ] netmeeting -> %ProgramFiles%\netmeeting -> [Folder | Created Date = 6/10/2008 12:49:51 PM | Attr = ] nLite -> %ProgramFiles%\nLite -> [Folder | Created Date = 6/10/2008 5:47:56 PM | Attr = ] NovaLogic -> %ProgramFiles%\NovaLogic -> [Folder | Created Date = 6/23/2008 12:05:07 AM | Attr = ] NVIDIA Corporation -> %ProgramFiles%\NVIDIA Corporation -> [Folder | Created Date = 6/10/2008 4:07:55 PM | Attr = ] Outlook Express -> %ProgramFiles%\Outlook Express -> [Folder | Created Date = 6/10/2008 7:17:57 AM | Attr = ] PeerGuardian2 -> %ProgramFiles%\PeerGuardian2 -> [Folder | Created Date = 6/10/2008 2:08:47 PM | Attr = ] Pidgin -> %ProgramFiles%\Pidgin -> [Folder | Created Date = 6/24/2008 10:49:01 PM | Attr = ] Portrait Professional Max 6 -> %ProgramFiles%\Portrait Professional Max 6 -> [Folder | Created Date = 6/10/2008 5:55:21 PM | Attr = ] PowerISO -> %ProgramFiles%\PowerISO -> [Folder | Created Date = 6/10/2008 9:51:52 PM | Attr = ] QuickTime -> %ProgramFiles%\QuickTime -> [Folder | Created Date = 6/13/2008 3:58:10 AM | Attr = ] Raxco -> %ProgramFiles%\Raxco -> [Folder | Created Date = 6/17/2008 10:43:04 AM | Attr = ] Reference Assemblies -> %ProgramFiles%\Reference Assemblies -> [Folder | Created Date = 6/10/2008 1:09:19 PM | Attr = ] RocketDock -> %ProgramFiles%\RocketDock -> [Folder | Created Date = 6/10/2008 7:31:02 AM | Attr = ] Screensaver Factory 4 Enterprise -> %ProgramFiles%\Screensaver Factory 4 Enterprise -> [Folder | Created Date = 6/10/2008 8:15:13 PM | Attr = ] SEGA -> %ProgramFiles%\SEGA -> [Folder | Created Date = 6/17/2008 10:12:38 PM | Attr = ] Stardock -> %ProgramFiles%\Stardock -> [Folder | Created Date = 6/12/2008 5:42:52 AM | Attr = ] Switlle -> %ProgramFiles%\Switlle -> [Folder | Created Date = 6/23/2008 8:35:44 PM | Attr = ] Texture Maker -> %ProgramFiles%\Texture Maker -> [Folder | Created Date = 6/17/2008 12:32:52 PM | Attr = ] TGTSoft -> %ProgramFiles%\TGTSoft -> [Folder | Created Date = 6/10/2008 1:39:18 PM | Attr = ] Total War -> %ProgramFiles%\Total War -> [Folder | Created Date = 6/10/2008 10:07:50 PM | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 6/24/2008 2:36:36 PM | Attr = ] Trillian -> %ProgramFiles%\Trillian -> [Folder | Created Date = 6/13/2008 5:08:39 PM | Attr = ] Ubisoft -> %ProgramFiles%\Ubisoft -> [Folder | Created Date = 6/13/2008 6:49:01 AM | Attr = ] Uniblue -> %ProgramFiles%\Uniblue -> [Folder | Created Date = 6/10/2008 2:33:00 PM | Attr = ] Uninstall Information -> %ProgramFiles%\Uninstall Information -> [Folder | Created Date = 6/10/2008 7:25:58 AM | Attr = H ] uTorrent -> %ProgramFiles%\uTorrent -> [Folder | Created Date = 6/10/2008 2:10:35 PM | Attr = ] Vision Video Games -> %ProgramFiles%\Vision Video Games -> [Folder | Created Date = 6/19/2008 3:27:02 PM | Attr = ] ViStart -> %ProgramFiles%\ViStart -> [Folder | Created Date = 6/10/2008 1:58:35 PM | Attr = ] VSO -> %ProgramFiles%\VSO -> [Folder | Created Date = 6/12/2008 5:29:11 AM | Attr = ] Winamp -> %ProgramFiles%\Winamp -> [Folder | Created Date = 6/10/2008 4:20:53 PM | Attr = ] Windows Desktop Search -> %ProgramFiles%\Windows Desktop Search -> [Folder | Created Date = 6/11/2008 1:57:09 PM | Attr = ] Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [Folder | Created Date = 6/10/2008 7:16:54 AM | Attr = ] Windows Media Player -> %ProgramFiles%\Windows Media Player -> [Folder | Created Date = 6/10/2008 7:16:53 AM | Attr = ] windows nt -> %ProgramFiles%\windows nt -> [Folder | Created Date = 6/10/2008 12:45:45 PM | Attr = ] WindowsUpdate -> %ProgramFiles%\WindowsUpdate -> [Folder | Created Date = 6/10/2008 7:18:42 AM | Attr = H ] WinRAR -> %ProgramFiles%\WinRAR -> [Folder | Created Date = 6/10/2008 7:35:56 AM | Attr = ] WinWay Resume -> %ProgramFiles%\WinWay Resume -> [Folder | Created Date = 6/10/2008 5:56:56 PM | Attr = ] xerox -> %ProgramFiles%\xerox -> [Folder | Created Date = 6/10/2008 12:49:52 PM | Attr = ] XP Codec Pack -> %ProgramFiles%\XP Codec Pack -> [Folder | Created Date = 6/10/2008 7:32:15 AM | Attr = ] Zero G Registry -> %ProgramFiles%\Zero G Registry -> [Folder | Created Date = 6/13/2008 4:10:24 AM | Attr = H ] [Files/Folders - Modified Within 90 days] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = ] bar.emf -> %SystemDrive%\bar.emf -> [Ver = | Size = 1912 bytes | Modified Date = 6/11/2008 2:01:03 PM | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 6/10/2008 7:14:17 AM | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 6/10/2008 10:23:01 AM | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = RHS] MSOCache -> %SystemDrive%\MSOCache -> [Folder | Modified Date = 6/10/2008 6:44:46 PM | Attr = RH ] ntldr -> %SystemDrive%\ntldr -> [Ver = | Size = 250032 bytes | Modified Date = 6/10/2008 7:20:36 PM | Attr = RHS] NVIDIA -> %SystemDrive%\NVIDIA -> [Folder | Modified Date = 6/10/2008 7:27:29 AM | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 6/24/2008 10:49:01 PM | Attr = ] QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 6/24/2008 7:32:20 PM | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 6/10/2008 7:29:51 AM | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 6/24/2008 3:00:37 PM | Attr = HS] temp -> %SystemDrive%\temp -> [Folder | Modified Date = 6/22/2008 8:08:25 PM | Attr = ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 6/24/2008 3:18:10 PM | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 6/24/2008 7:27:37 PM | Attr = ] _OTMoveIt -> %SystemDrive%\_OTMoveIt -> [Folder | Modified Date = 6/24/2008 7:20:53 PM | Attr = ] quartz.dll -> %SystemRoot%\System32\dllcache\quartz.dll -> [Ver = | Size = 1288192 bytes | Modified Date = 5/7/2008 1:12:40 AM | Attr = ] Awrtpd.sys -> %SystemRoot%\System32\drivers\Awrtpd.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 12960 bytes | Modified Date = 4/29/2008 11:19:50 AM | Attr = ] Awrtrd.sys -> %SystemRoot%\System32\drivers\Awrtrd.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Modified Date = 4/29/2008 11:19:54 AM | Attr = ] DefragFS.sys -> %SystemRoot%\System32\drivers\DefragFS.sys -> Raxco Software, Inc. [Ver = 8.0015 built by: WinDDK | Size = 71184 bytes | Modified Date = 4/10/2008 12:08:42 PM | Attr = R ] disdn -> %SystemRoot%\System32\drivers\disdn -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 6/24/2008 7:27:17 PM | Attr = ] hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 6/24/2008 7:27:17 PM | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [Ver = | Size = 15864 bytes | Modified Date = 6/10/2008 7:02:40 PM | Attr = ] mbamcatchme.sys -> %SystemRoot%\System32\drivers\mbamcatchme.sys -> [Ver = | Size = 34296 bytes | Modified Date = 6/10/2008 7:02:44 PM | Attr = ] NSDriver.sys -> %SystemRoot%\System32\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 15648 bytes | Modified Date = 4/29/2008 11:20:00 AM | Attr = ] nv4_mini.sys -> %SystemRoot%\System32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6554496 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] pcouffin.sys -> %SystemRoot%\System32\drivers\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Modified Date = 6/12/2008 5:29:19 AM | Attr = ] UMDF -> %SystemRoot%\System32\drivers\UMDF -> [Folder | Modified Date = 6/10/2008 3:08:34 AM | Attr = ] $winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [Ver = | Size = 838 bytes | Modified Date = 6/10/2008 7:23:04 AM | Attr = ] 1025 -> %SystemRoot%\System32\1025 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1028 -> %SystemRoot%\System32\1028 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1031 -> %SystemRoot%\System32\1031 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1033 -> %SystemRoot%\System32\1033 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1037 -> %SystemRoot%\System32\1037 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1041 -> %SystemRoot%\System32\1041 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1042 -> %SystemRoot%\System32\1042 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 1054 -> %SystemRoot%\System32\1054 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 2052 -> %SystemRoot%\System32\2052 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 3076 -> %SystemRoot%\System32\3076 -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] 3com_dmi -> %SystemRoot%\System32\3com_dmi -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 6/10/2008 7:30:33 PM | Attr = ] appmgmt -> %SystemRoot%\System32\appmgmt -> [Folder | Modified Date = 6/10/2008 3:26:14 PM | Attr = ] BASSMOD.dll -> %SystemRoot%\System32\BASSMOD.dll -> [Ver = | Size = 34308 bytes | Modified Date = 6/10/2008 8:48:12 PM | Attr = ] BD2140.DAT -> %SystemRoot%\System32\BD2140.DAT -> [Ver = | Size = 34 bytes | Modified Date = 6/10/2008 1:49:35 PM | Attr = ] bits -> %SystemRoot%\System32\bits -> [Folder | Modified Date = 6/10/2008 7:20:35 PM | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 6/12/2008 8:30:15 PM | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 6/24/2008 7:30:57 PM | Attr = ] cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,223,0 | Size = 107888 bytes | Modified Date = 6/20/2008 10:06:28 PM | Attr = ] Com -> %SystemRoot%\System32\Com -> [Folder | Modified Date = 6/10/2008 7:22:54 PM | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 6/24/2008 7:25:55 PM | Attr = ] Config.MPF -> %SystemRoot%\System32\Config.MPF -> [Ver = | Size = 14359 bytes | Modified Date = 6/24/2008 7:29:13 PM | Attr = ] CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2577 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = ] core.aawdef -> %SystemRoot%\System32\core.aawdef -> [Ver = | Size = 7679876 bytes | Modified Date = 6/10/2008 3:25:05 PM | Attr = R ] Data -> %SystemRoot%\System32\Data -> [Folder | Modified Date = 6/10/2008 2:22:46 PM | Attr = ] dhcp -> %SystemRoot%\System32\dhcp -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] DirectX -> %SystemRoot%\System32\DirectX -> [Folder | Modified Date = 6/17/2008 10:52:09 PM | Attr = ] DivX.dll -> %SystemRoot%\System32\DivX.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 683520 bytes | Modified Date = 5/30/2008 7:22:46 PM | Attr = ] DivXCodecVersionChecker.exe -> %SystemRoot%\System32\DivXCodecVersionChecker.exe -> DivX, Inc. [Ver = 0,0,0,0 | Size = 161096 bytes | Modified Date = 5/22/2008 6:19:12 PM | Attr = ] divxdec.ax -> %SystemRoot%\System32\divxdec.ax -> DivX, Inc. [Ver = 6.3.0.63 | Size = 630784 bytes | Modified Date = 5/30/2008 7:22:40 PM | Attr = ] DivXMedia.ax -> %SystemRoot%\System32\DivXMedia.ax -> DivXNetworks [Ver = 0.0.0.028 | Size = 352401 bytes | Modified Date = 5/22/2008 6:19:30 PM | Attr = ] DivXsm.exe -> %SystemRoot%\System32\DivXsm.exe -> DivX Inc. [Ver = 6, 6, 1, 4 | Size = 524288 bytes | Modified Date = 5/22/2008 6:22:22 PM | Attr = ] divxsm.tlb -> %SystemRoot%\System32\divxsm.tlb -> [Ver = | Size = 4816 bytes | Modified Date = 5/22/2008 6:22:22 PM | Attr = ] DivXWMPExtType.dll -> %SystemRoot%\System32\DivXWMPExtType.dll -> [Ver = | Size = 12288 bytes | Modified Date = 5/22/2008 6:18:54 PM | Attr = ] divx_xx07.dll -> %SystemRoot%\System32\divx_xx07.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 823296 bytes | Modified Date = 5/30/2008 7:22:48 PM | Attr = ] divx_xx0a.dll -> %SystemRoot%\System32\divx_xx0a.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 815104 bytes | Modified Date = 5/30/2008 7:22:46 PM | Attr = ] divx_xx0c.dll -> %SystemRoot%\System32\divx_xx0c.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 823296 bytes | Modified Date = 5/30/2008 7:22:48 PM | Attr = ] divx_xx11.dll -> %SystemRoot%\System32\divx_xx11.dll -> DivX, Inc. [Ver = 6.8.3.13 | Size = 802816 bytes | Modified Date = 5/30/2008 7:22:48 PM | Attr = ] dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 6/24/2008 10:22:32 PM | Attr = ] dpl100.dll -> %SystemRoot%\System32\dpl100.dll -> DivX, Inc. [Ver = 1, 2, 0, 44 | Size = 81920 bytes | Modified Date = 5/22/2008 6:19:46 PM | Attr = ] dpl100.dll.manifest -> %SystemRoot%\System32\dpl100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 5/22/2008 6:19:46 PM | Attr = ] dpu10.dll -> %SystemRoot%\System32\dpu10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 5/30/2008 7:22:54 PM | Attr = ] dpu11.dll -> %SystemRoot%\System32\dpu11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 294912 bytes | Modified Date = 5/30/2008 7:22:54 PM | Attr = ] dpuGUI10.dll -> %SystemRoot%\System32\dpuGUI10.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 53248 bytes | Modified Date = 5/30/2008 7:22:58 PM | Attr = ] dpuGUI11.dll -> %SystemRoot%\System32\dpuGUI11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 593920 bytes | Modified Date = 5/30/2008 7:22:54 PM | Attr = ] dpus11.dll -> %SystemRoot%\System32\dpus11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 344064 bytes | Modified Date = 5/30/2008 7:22:54 PM | Attr = ] dpv11.dll -> %SystemRoot%\System32\dpv11.dll -> DivXNetworks [Ver = 1, 1, 1, 3 | Size = 57344 bytes | Modified Date = 5/30/2008 7:22:54 PM | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 6/24/2008 10:22:32 PM | Attr = ] dtu100.dll -> %SystemRoot%\System32\dtu100.dll -> DivX, Inc. [Ver = 1, 2, 0, 44 | Size = 196608 bytes | Modified Date = 5/22/2008 6:19:46 PM | Attr = ] dtu100.dll.manifest -> %SystemRoot%\System32\dtu100.dll.manifest -> [Ver = | Size = 416 bytes | Modified Date = 5/22/2008 6:19:46 PM | Attr = ] emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [Ver = | Size = 21640 bytes | Modified Date = 6/10/2008 7:17:23 AM | Attr = ] en -> %SystemRoot%\System32\en -> [Folder | Modified Date = 6/10/2008 12:45:45 PM | Attr = ] en-us -> %SystemRoot%\System32\en-us -> [Folder | Modified Date = 6/11/2008 1:57:12 PM | Attr = ] export -> %SystemRoot%\System32\export -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 1561704 bytes | Modified Date = 6/21/2008 7:16:52 PM | Attr = ] Font.exe -> %SystemRoot%\System32\Font.exe -> MXZA [Ver = 1.00 | Size = 102400 bytes | Modified Date = 6/20/2008 4:37:34 AM | Attr = ] history.aaw -> %SystemRoot%\System32\history.aaw -> [Ver = | Size = 896 bytes | Modified Date = 6/21/2008 6:50:26 PM | Attr = ] ias -> %SystemRoot%\System32\ias -> [Folder | Modified Date = 6/10/2008 7:19:16 AM | Attr = ] icsxml -> %SystemRoot%\System32\icsxml -> [Folder | Modified Date = 6/10/2008 3:06:44 AM | Attr = ] ime -> %SystemRoot%\System32\ime -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] inetsrv -> %SystemRoot%\System32\inetsrv -> [Folder | Modified Date = 6/10/2008 7:20:35 PM | Attr = ] keystone.exe -> %SystemRoot%\System32\keystone.exe -> [Ver = | Size = 425984 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] libdivx.dll -> %SystemRoot%\System32\libdivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 1044480 bytes | Modified Date = 5/22/2008 6:20:42 PM | Attr = ] LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 6/10/2008 7:24:50 AM | Attr = ] logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [Ver = | Size = 488 bytes | Modified Date = 6/10/2008 7:18:51 AM | Attr = RH ] logs -> %SystemRoot%\System32\logs -> [Folder | Modified Date = 6/10/2008 3:26:09 PM | Attr = ] lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 5/16/2008 11:58:04 AM | Attr = ] Macromed -> %SystemRoot%\System32\Macromed -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] mcdmsg7.dll -> %SystemRoot%\System32\mcdmsg7.dll -> [Ver = | Size = 7852 bytes | Modified Date = 6/12/2008 6:02:19 AM | Attr = ] Microsoft -> %SystemRoot%\System32\Microsoft -> [Folder | Modified Date = 6/10/2008 7:24:12 AM | Attr = S] MsDtc -> %SystemRoot%\System32\MsDtc -> [Folder | Modified Date = 6/10/2008 7:17:09 AM | Attr = ] mui -> %SystemRoot%\System32\mui -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] npp -> %SystemRoot%\System32\npp -> [Folder | Modified Date = 6/10/2008 7:22:54 PM | Attr = ] nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 6/10/2008 7:30:33 PM | Attr = ] nv3d.chm -> %SystemRoot%\System32\nv3d.chm -> [Ver = | Size = 116384 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nv4_disp.dll -> %SystemRoot%\System32\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6108160 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvapi.dll -> %SystemRoot%\System32\nvapi.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 425984 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvappbar.exe -> %SystemRoot%\System32\nvappbar.exe -> [Ver = | Size = 442368 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 182765 bytes | Modified Date = 6/24/2008 7:27:26 PM | Attr = ] nvcod.dll -> %SystemRoot%\System32\nvcod.dll -> NVIDIA Corporation [Ver = 1 , 3 , 0 , 14 | Size = 41984 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcodins.dll -> %SystemRoot%\System32\nvcodins.dll -> NVIDIA Corporation [Ver = 1 , 3 , 0 , 14 | Size = 41984 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcolor.exe -> %SystemRoot%\System32\nvcolor.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 147456 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.chm -> %SystemRoot%\System32\nvcpl.chm -> [Ver = | Size = 121529 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.cpl -> %SystemRoot%\System32\nvcpl.cpl -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 420384 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcpl.dll -> %SystemRoot%\System32\nvcpl.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 13529088 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcplui.exe -> %SystemRoot%\System32\nvcplui.exe -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 768544 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvcuda.dll -> %SystemRoot%\System32\nvcuda.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1241088 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 18070 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdisps.dll -> %SystemRoot%\System32\nvdisps.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 6582272 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdsp.chm -> %SystemRoot%\System32\nvdsp.chm -> [Ver = | Size = 181895 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvdspsch.exe -> %SystemRoot%\System32\nvdspsch.exe -> [Ver = | Size = 1339392 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvexpbar.dll -> %SystemRoot%\System32\nvexpbar.dll -> NVIDIA Corporation [Ver = 1.5.2400.10 | Size = 313888 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvgames.dll -> %SystemRoot%\System32\nvgames.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 3391488 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nview.dll -> %SystemRoot%\System32\nview.dll -> [Ver = | Size = 1486848 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccs.dll -> %SystemRoot%\System32\nvmccs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 229376 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccsrs.dll -> %SystemRoot%\System32\nvmccsrs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 45056 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmccss.dll -> %SystemRoot%\System32\nvmccss.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 188416 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmctray.dll -> %SystemRoot%\System32\nvmctray.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 86016 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmob.chm -> %SystemRoot%\System32\nvmob.chm -> [Ver = | Size = 54988 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvmobls.dll -> %SystemRoot%\System32\nvmobls.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 1257472 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvnt4cpl.dll -> %SystemRoot%\System32\nvnt4cpl.dll -> [Ver = | Size = 286720 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvoglnt.dll -> %SystemRoot%\System32\nvoglnt.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 8769536 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvshell.dll -> %SystemRoot%\System32\nvshell.dll -> [Ver = | Size = 466944 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 159812 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvtuicpl.cpl -> %SystemRoot%\System32\nvtuicpl.cpl -> [Ver = | Size = 73728 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Modified Date = 4/30/2008 5:27:42 PM | Attr = ] nvvitvs.dll -> %SystemRoot%\System32\nvvitvs.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 3776512 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvwddi.dll -> %SystemRoot%\System32\nvwddi.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 81920 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvwdmcpl.dll -> %SystemRoot%\System32\nvwdmcpl.dll -> [Ver = | Size = 1703936 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvwimg.dll -> %SystemRoot%\System32\nvwimg.dll -> [Ver = | Size = 1019904 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nvwss.dll -> %SystemRoot%\System32\nvwss.dll -> NVIDIA Corporation [Ver = 6.14.11.7516 | Size = 2629632 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] nwiz.exe -> %SystemRoot%\System32\nwiz.exe -> [Ver = | Size = 1630208 bytes | Modified Date = 5/2/2008 10:46:00 PM | Attr = ] oobe -> %SystemRoot%\System32\oobe -> [Folder | Modified Date = 6/10/2008 7:22:55 PM | Attr = ] PDBoot.exe -> %SystemRoot%\System32\PDBoot.exe -> Raxco Software, Inc. [Ver = 9, 0, 0, 52 | Size = 230664 bytes | Modified Date = 4/16/2008 1:00:20 PM | Attr = ] PDBootState -> %SystemRoot%\System32\PDBootState -> [Ver = | Size = 20 bytes | Modified Date = 6/24/2008 2:07:37 PM | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 77936 bytes | Modified Date = 6/11/2008 1:57:15 PM | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 463062 bytes | Modified Date = 6/11/2008 1:57:15 PM | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 543600 bytes | Modified Date = 6/11/2008 1:57:15 PM | Attr = ] PreInstall -> %SystemRoot%\System32\PreInstall -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] PubKey.key -> %SystemRoot%\System32\PubKey.key -> [Ver = | Size = 84 bytes | Modified Date = 6/10/2008 3:24:40 PM | Attr = ] qt-dx331.dll -> %SystemRoot%\System32\qt-dx331.dll -> [Ver = | Size = 3596288 bytes | Modified Date = 5/22/2008 6:22:18 PM | Attr = ] quartz.dll -> %SystemRoot%\System32\quartz.dll -> [Ver = | Size = 1288192 bytes | Modified Date = 5/7/2008 12:55:40 AM | Attr = ] QuickTime.qts -> %SystemRoot%\System32\QuickTime.qts -> Apple Inc. [Ver = 7.5 (861) | Size = 57344 bytes | Modified Date = 5/27/2008 10:50:34 AM | Attr = ] QuickTimeVR.qtx -> %SystemRoot%\System32\QuickTimeVR.qtx -> Apple Inc. [Ver = 7.5 (861) | Size = 90112 bytes | Modified Date = 5/27/2008 10:50:34 AM | Attr = ] ras -> %SystemRoot%\System32\ras -> [Folder | Modified Date = 6/10/2008 3:06:47 AM | Attr = ] ReinstallBackups -> %SystemRoot%\System32\ReinstallBackups -> [Folder | Modified Date = 6/10/2008 12:44:02 PM | Attr = ] Restore -> %SystemRoot%\System32\Restore -> [Folder | Modified Date = 6/24/2008 3:00:37 PM | Attr = ] sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] scripting -> %SystemRoot%\System32\scripting -> [Folder | Modified Date = 6/10/2008 12:45:46 PM | Attr = ] settings.aaw -> %SystemRoot%\System32\settings.aaw -> [Ver = | Size = 3616 bytes | Modified Date = 6/21/2008 6:50:26 PM | Attr = ] settings.sfm -> %SystemRoot%\System32\settings.sfm -> [Ver = | Size = 584 bytes | Modified Date = 6/10/2008 2:26:19 PM | Attr = ] settingsbkup.sfm -> %SystemRoot%\System32\settingsbkup.sfm -> [Ver = | Size = 584 bytes | Modified Date = 6/10/2008 2:26:19 PM | Attr = ] Setup -> %SystemRoot%\System32\Setup -> [Folder | Modified Date = 6/10/2008 7:26:53 PM | Attr = ] ShellExt -> %SystemRoot%\System32\ShellExt -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [Folder | Modified Date = 6/10/2008 7:25:10 AM | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 6/10/2008 1:09:10 PM | Attr = ] ssldivx.dll -> %SystemRoot%\System32\ssldivx.dll -> The OpenSSL Project, http://www.openssl.org/ [Ver = 0.9.8b | Size = 200704 bytes | Modified Date = 5/22/2008 6:20:42 PM | Attr = ] URTTemp -> %SystemRoot%\System32\URTTemp -> [Folder | Modified Date = 6/10/2008 7:20:30 AM | Attr = ] usmt -> %SystemRoot%\System32\usmt -> [Folder | Modified Date = 6/10/2008 7:22:58 PM | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 6/10/2008 8:19:20 PM | Attr = ] WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [Ver = | Size = 488 bytes | Modified Date = 6/10/2008 7:18:51 AM | Attr = RH ] wins -> %SystemRoot%\System32\wins -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 6/24/2008 1:42:53 PM | Attr = ] wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] xircom -> %SystemRoot%\System32\xircom -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] XPSViewer -> %SystemRoot%\System32\XPSViewer -> [Folder | Modified Date = 6/10/2008 1:16:29 PM | Attr = ] $hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 6/12/2008 8:31:52 PM | Attr = H ] 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> addins -> %SystemRoot%\addins -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 6/10/2008 7:26:53 PM | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 6/20/2008 2:20:35 PM | Attr = R S] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 6/24/2008 7:27:07 PM | Attr = S] brmx2001.ini -> %SystemRoot%\brmx2001.ini -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 8:05:29 AM | Attr = ] Brownie.ini -> %SystemRoot%\Brownie.ini -> [Ver = | Size = 188 bytes | Modified Date = 6/24/2008 7:32:05 PM | Attr = ] BRVIDEO.INI -> %SystemRoot%\BRVIDEO.INI -> [Ver = | Size = 145 bytes | Modified Date = 6/10/2008 8:05:29 AM | Attr = ] BRWMARK.INI -> %SystemRoot%\BRWMARK.INI -> [Ver = | Size = 410 bytes | Modified Date = 6/10/2008 1:49:35 PM | Attr = ] Build in Time -> %SystemRoot%\Build in Time -> [Folder | Modified Date = 6/19/2008 11:19:20 AM | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:19:40 AM | Attr = ] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 6/10/2008 12:51:29 PM | Attr = ] dellstat.ini -> %SystemRoot%\dellstat.ini -> [Ver = | Size = 76 bytes | Modified Date = 6/22/2008 5:01:43 PM | Attr = ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 6/13/2008 6:23:32 AM | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 6/24/2008 4:11:06 PM | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 6/10/2008 12:42:11 PM | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 6/24/2008 7:25:40 PM | Attr = ] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 663 bytes | Modified Date = 6/10/2008 10:35:25 PM | Attr = ] Fitness Frenzy -> %SystemRoot%\Fitness Frenzy -> [Folder | Modified Date = 6/23/2008 11:04:20 PM | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 6/20/2008 2:19:15 PM | Attr = R S] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 6/10/2008 7:20:52 PM | Attr = ] HL-2140.INI -> %SystemRoot%\HL-2140.INI -> [Ver = | Size = 9853 bytes | Modified Date = 6/10/2008 8:05:29 AM | Attr = ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 6/10/2008 12:53:17 PM | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 6/12/2008 8:31:43 PM | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 6/24/2008 1:59:01 PM | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 6/24/2008 1:53:41 PM | Attr = HS] java -> %SystemRoot%\java -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] l2schemas -> %SystemRoot%\l2schemas -> [Folder | Modified Date = 6/10/2008 12:45:45 PM | Attr = ] lexstat.ini -> %SystemRoot%\lexstat.ini -> [Ver = | Size = 215 bytes | Modified Date = 6/22/2008 5:07:34 PM | Attr = ] Logs -> %SystemRoot%\Logs -> [Folder | Modified Date = 6/10/2008 7:51:04 AM | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 6/10/2008 12:45:45 PM | Attr = ] Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 6/10/2008 5:39:16 PM | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1160 bytes | Modified Date = 6/10/2008 3:26:38 PM | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 6/10/2008 7:20:54 PM | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] mui -> %SystemRoot%\mui -> [Folder | Modified Date = 6/10/2008 7:20:55 PM | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 6/24/2008 11:53:27 AM | Attr = ] Network Diagnostic -> %SystemRoot%\Network Diagnostic -> [Folder | Modified Date = 6/10/2008 7:20:56 PM | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 6/10/2008 7:27:07 AM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Modified Date = 6/10/2008 7:27:52 AM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 6/10/2008 7:27:42 AM | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 162 bytes | Modified Date = 6/10/2008 7:49:41 PM | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4161 bytes | Modified Date = 6/10/2008 7:19:28 AM | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 6/10/2008 7:16:53 AM | Attr = ] PCHealth -> %SystemRoot%\PCHealth -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] PeerNet -> %SystemRoot%\PeerNet -> [Folder | Modified Date = 6/10/2008 7:20:27 PM | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 6/25/2008 10:40:44 AM | Attr = ] Provisioning -> %SystemRoot%\Provisioning -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 6/10/2008 7:20:42 AM | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 6/10/2008 7:23:57 AM | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Modified Date = 6/10/2008 3:06:19 AM | Attr = ] Resources -> %SystemRoot%\Resources -> [Folder | Modified Date = 6/10/2008 1:39:33 PM | Attr = ] SDAddressBox1633cb8581916.ini -> %SystemRoot%\SDAddressBox1633cb8581916.ini -> [Ver = | Size = 27 bytes | Modified Date = 6/12/2008 6:09:18 AM | Attr = ] SDAddressBox16827d0561119.ini -> %SystemRoot%\SDAddressBox16827d0561119.ini -> [Ver = | Size = 27 bytes | Modified Date = 6/12/2008 6:09:44 AM | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 6/10/2008 7:33:08 PM | Attr = ] SHELLNEW -> %SystemRoot%\SHELLNEW -> [Folder | Modified Date = 6/10/2008 7:42:53 PM | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 6/10/2008 7:38:32 AM | Attr = ] srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 6/10/2008 7:20:57 PM | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 6/24/2008 7:27:37 PM | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 6/24/2008 7:34:09 PM | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 6/10/2008 7:20:24 PM | Attr = S] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 6/25/2008 10:34:25 AM | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 6/22/2008 5:00:46 PM | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 6/10/2008 7:17:13 AM | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 63 bytes | Modified Date = 6/12/2008 8:25:40 PM | Attr = ] WB.ini -> %SystemRoot%\WB.ini -> [Ver = | Size = 0 bytes | Modified Date = 6/13/2008 4:33:42 PM | Attr = ] wbem -> %SystemRoot%\wbem -> [Folder | Modified Date = 6/10/2008 7:16:51 AM | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 6/10/2008 7:18:14 AM | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 582 bytes | Modified Date = 6/10/2008 7:37:58 PM | Attr = ] WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [Ver = | Size = 749 bytes | Modified Date = 6/10/2008 7:18:46 AM | Attr = RH ] WinRAR -> %SystemRoot%\WinRAR -> [Folder | Modified Date = 6/10/2008 7:35:57 AM | Attr = ] WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 6/12/2008 8:24:35 PM | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 6/10/2008 7:19:36 AM | Attr = ] _delis43.ini -> %SystemRoot%\_delis43.ini -> [Ver = | Size = 588 bytes | Modified Date = 6/22/2008 11:55:42 PM | Attr = ] McDefragTask.job -> %SystemRoot%\tasks\McDefragTask.job -> [Ver = | Size = 338 bytes | Modified Date = 6/15/2008 1:00:01 AM | Attr = ] McQcTask.job -> %SystemRoot%\tasks\McQcTask.job -> [Ver = | Size = 330 bytes | Modified Date = 6/10/2008 3:08:55 PM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 6/24/2008 7:27:14 PM | Attr = H ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 6/10/2008 7:27:32 PM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 13808 bytes | Modified Date = 6/12/2008 8:36:44 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 13808 bytes | Modified Date = 6/12/2008 8:36:44 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 6/10/2008 7:56:18 PM | Attr = ] opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 6/10/2008 7:56:18 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc -> [Folder | Modified Date = 6/24/2008 7:28:53 PM | Attr = ] Perflib_Perfdata_d78.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_d78.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/24/2008 7:28:53 PM | Attr = ] 2 C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\*.tmp files -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\*.tmp -> C:\Documents and Settings\Mine\Local Settings\Temp\ -> C:\Documents and Settings\Mine\Local Settings\Temp -> [Folder | Modified Date = 6/25/2008 10:38:20 AM | Attr = ] rtdrvmon.exe -> C:\Documents and Settings\Mine\Local Settings\Temp\rtdrvmon.exe -> Realtek [Ver = 1, 0, 0, 3 | Size = 40960 bytes | Modified Date = 6/24/2008 10:55:52 PM | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 6/25/2008 10:34:25 AM | Attr = ] Perflib_Perfdata_634.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_634.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/25/2008 1:02:14 AM | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Adobe -> %AllUsersProfile%\Application Data\Adobe -> [Folder | Modified Date = 6/10/2008 6:25:32 PM | Attr = ] Ahead -> %AllUsersProfile%\Application Data\Ahead -> [Folder | Modified Date = 6/10/2008 8:01:45 AM | Attr = ] Apple -> %AllUsersProfile%\Application Data\Apple -> [Folder | Modified Date = 6/13/2008 3:57:42 AM | Attr = ] Apple Computer -> %AllUsersProfile%\Application Data\Apple Computer -> [Folder | Modified Date = 6/13/2008 3:58:09 AM | Attr = ] Avg8 -> %AllUsersProfile%\Application Data\Avg8 -> [Folder | Modified Date = 6/10/2008 2:49:21 PM | Attr = ] COMMON FILES -> %AllUsersProfile%\Application Data\COMMON FILES -> [Folder | Modified Date = 6/20/2008 2:15:38 PM | Attr = ] desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 6/10/2008 3:09:28 AM | Attr = HS] Fitn17 -> %AllUsersProfile%\Application Data\Fitn17 -> [Folder | Modified Date = 6/23/2008 11:04:50 PM | Attr = ] FLEXnet -> %AllUsersProfile%\Application Data\FLEXnet -> [Folder | Modified Date = 6/10/2008 6:25:40 PM | Attr = ] Intuit -> %AllUsersProfile%\Application Data\Intuit -> [Folder | Modified Date = 6/21/2008 7:17:36 PM | Attr = ] Laconic Software -> %AllUsersProfile%\Application Data\Laconic Software -> [Folder | Modified Date = 6/10/2008 5:14:48 PM | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 6/10/2008 3:24:46 PM | Attr = ] Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [Folder | Modified Date = 6/24/2008 3:04:37 PM | Attr = ] McAfee -> %AllUsersProfile%\Application Data\McAfee -> [Folder | Modified Date = 6/10/2008 3:11:27 PM | Attr = ] Microsoft -> %AllUsersProfile%\Application Data\Microsoft -> [Folder | Modified Date = 6/20/2008 10:06:13 PM | Attr = S] Microsoft Help -> %AllUsersProfile%\Application Data\Microsoft Help -> [Folder | Modified Date = 6/12/2008 8:33:04 PM | Attr = ] Nero -> %AllUsersProfile%\Application Data\Nero -> [Folder | Modified Date = 6/10/2008 8:00:39 AM | Attr = ] NVIDIA Corporation -> %AllUsersProfile%\Application Data\NVIDIA Corporation -> [Folder | Modified Date = 6/10/2008 4:08:05 PM | Attr = ] Raxco -> %AllUsersProfile%\Application Data\Raxco -> [Folder | Modified Date = 6/17/2008 10:43:05 AM | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 6/24/2008 4:06:21 PM | Attr = ] @Alternate Data Stream - 110 bytes -> %AllUsersProfile%\Application Data\TEMP:466F9D5D Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 6/10/2008 7:39:59 AM | Attr = ] .purple -> %AppData%\.purple -> [Folder | Modified Date = 6/25/2008 10:39:39 AM | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 6/17/2008 1:37:00 PM | Attr = ] Ahead -> %AppData%\Ahead -> [Folder | Modified Date = 6/11/2008 10:46:38 PM | Attr = ] Anthropics -> %AppData%\Anthropics -> [Folder | Modified Date = 6/10/2008 5:55:23 PM | Attr = ] Blumentals -> %AppData%\Blumentals -> [Folder | Modified Date = 6/10/2008 8:15:13 PM | Attr = ] Brother -> %AppData%\Brother -> [Folder | Modified Date = 6/10/2008 1:50:00 PM | Attr = R ] desktop.ini -> %AppData%\desktop.ini -> [Ver = | Size = 62 bytes | Modified Date = 6/10/2008 3:09:28 AM | Attr = HS] DivX -> %AppData%\DivX -> [Folder | Modified Date = 6/10/2008 1:47:36 PM | Attr = ] GlobalSCAPE -> %AppData%\GlobalSCAPE -> [Folder | Modified Date = 6/10/2008 2:39:26 PM | Attr = ] Help -> %AppData%\Help -> [Folder | Modified Date = 6/22/2008 11:41:21 PM | Attr = ] Identities -> %AppData%\Identities -> [Folder | Modified Date = 6/10/2008 4:52:28 PM | Attr = ] IGN_DLM -> %AppData%\IGN_DLM -> [Folder | Modified Date = 6/13/2008 6:43:38 AM | Attr = ] InstallShield -> %AppData%\InstallShield -> [Folder | Modified Date = 6/18/2008 3:08:27 PM | Attr = ] Leadertech -> %AppData%\Leadertech -> [Folder | Modified Date = 6/23/2008 12:07:12 AM | Attr = ] Likno -> %AppData%\Likno -> [Folder | Modified Date = 6/10/2008 6:29:36 PM | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 6/10/2008 2:51:42 PM | Attr = ] Malwarebytes -> %AppData%\Malwarebytes -> [Folder | Modified Date = 6/24/2008 3:04:51 PM | Attr = ] Media Player Classic -> %AppData%\Media Player Classic -> [Folder | Modified Date = 6/10/2008 7:52:01 AM | Attr = ] Microsoft -> %AppData%\Microsoft -> [Folder | Modified Date = 6/24/2008 1:53:41 PM | Attr = S] Mozilla -> %AppData%\Mozilla -> [Folder | Modified Date = 6/10/2008 7:27:05 AM | Attr = ] pcouffin.cat -> %AppData%\pcouffin.cat -> [Ver = | Size = 7887 bytes | Modified Date = 6/12/2008 6:28:05 AM | Attr = ] pcouffin.inf -> %AppData%\pcouffin.inf -> [Ver = | Size = 1144 bytes | Modified Date = 6/12/2008 6:28:05 AM | Attr = ] pcouffin.sys -> %AppData%\pcouffin.sys -> VSO Software [Ver = 1.37 | Size = 47360 bytes | Modified Date = 6/12/2008 6:28:05 AM | Attr = ] Talkback -> %AppData%\Talkback -> [Folder | Modified Date = 6/10/2008 7:27:12 AM | Attr = ] Texture Maker -> %AppData%\Texture Maker -> [Folder | Modified Date = 6/17/2008 12:33:28 PM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Modified Date = 6/10/2008 2:33:45 PM | Attr = ] uTorrent -> %AppData%\uTorrent -> [Folder | Modified Date = 6/25/2008 10:39:45 AM | Attr = ] ViStart -> %AppData%\ViStart -> [Folder | Modified Date = 6/10/2008 1:58:48 PM | Attr = ] Vso -> %AppData%\Vso -> [Folder | Modified Date = 6/12/2008 6:28:08 AM | Attr = ] Winamp -> %AppData%\Winamp -> [Folder | Modified Date = 6/10/2008 4:29:59 PM | Attr = ] Windows Desktop Search -> %AppData%\Windows Desktop Search -> [Folder | Modified Date = 6/11/2008 2:01:10 PM | Attr = ] WinRAR -> %AppData%\WinRAR -> [Folder | Modified Date = 6/10/2008 7:36:01 AM | Attr = ] WinWay -> %AppData%\WinWay -> [Folder | Modified Date = 6/10/2008 5:57:44 PM | Attr = ] Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [Folder | Modified Date = 6/17/2008 2:15:56 PM | Attr = ] Ahead -> %UserProfile%\Local Settings\Application Data\Ahead -> [Folder | Modified Date = 6/10/2008 8:02:57 AM | Attr = ] Apple -> %UserProfile%\Local Settings\Application Data\Apple -> [Folder | Modified Date = 6/13/2008 3:57:51 AM | Attr = ] Apple Computer -> %UserProfile%\Local Settings\Application Data\Apple Computer -> [Folder | Modified Date = 6/13/2008 3:57:30 AM | Attr = ] ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [Folder | Modified Date = 6/18/2008 3:06:47 PM | Attr = ] Collectorz.com -> %UserProfile%\Local Settings\Application Data\Collectorz.com -> [Folder | Modified Date = 6/11/2008 5:50:40 AM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 3584 bytes | Modified Date = 6/23/2008 11:44:33 AM | Attr = ] Downloaded Installations -> %UserProfile%\Local Settings\Application Data\Downloaded Installations -> [Folder | Modified Date = 6/13/2008 6:25:24 AM | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 70976 bytes | Modified Date = 6/20/2008 2:24:51 PM | Attr = ] GlobalSCAPE -> %UserProfile%\Local Settings\Application Data\GlobalSCAPE -> [Folder | Modified Date = 6/10/2008 2:40:25 PM | Attr = ] Help -> %UserProfile%\Local Settings\Application Data\Help -> [Folder | Modified Date = 6/22/2008 11:41:21 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 6436820 bytes | Modified Date = 6/24/2008 3:09:44 PM | Attr = H ] Identities -> %UserProfile%\Local Settings\Application Data\Identities -> [Folder | Modified Date = 6/10/2008 4:52:28 PM | Attr = ] Intuit -> %UserProfile%\Local Settings\Application Data\Intuit -> [Folder | Modified Date = 6/20/2008 2:25:45 PM | Attr = ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 6/13/2008 4:36:10 AM | Attr = S] Microsoft Help -> %UserProfile%\Local Settings\Application Data\Microsoft Help -> [Folder | Modified Date = 6/10/2008 6:45:08 PM | Attr = ] Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [Folder | Modified Date = 6/10/2008 7:27:05 AM | Attr = ] Stardock -> %UserProfile%\Local Settings\Application Data\Stardock -> [Folder | Modified Date = 6/12/2008 6:02:30 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [Ver = | Size = 129 bytes | Modified Date = 6/10/2008 1:51:04 PM | Attr = HS] Intuit -> %AllUsersProfile%\Documents\Intuit -> [Folder | Modified Date = 6/20/2008 2:17:59 PM | Attr = ] My Music -> %AllUsersProfile%\Documents\My Music -> [Folder | Modified Date = 6/10/2008 7:16:54 AM | Attr = R ] My Pictures -> %AllUsersProfile%\Documents\My Pictures -> [Folder | Modified Date = 6/10/2008 5:44:41 PM | Attr = R ] My Videos -> %AllUsersProfile%\Documents\My Videos -> [Folder | Modified Date = 6/11/2008 5:13:30 AM | Attr = R ] Stardock -> %AllUsersProfile%\Documents\Stardock -> [Folder | Modified Date = 6/12/2008 5:44:40 AM | Attr = ] Burn later -> %UserProfile%\My Documents\Burn later -> [Folder | Modified Date = 6/10/2008 4:24:12 PM | Attr = ] desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [Ver = | Size = 75 bytes | Modified Date = 6/10/2008 7:26:04 AM | Attr = HS] Downloaded Installations -> %UserProfile%\My Documents\Downloaded Installations -> [Folder | Modified Date = 6/10/2008 9:26:47 PM | Attr = ] Downloads -> %UserProfile%\My Documents\Downloads -> [Folder | Modified Date = 6/24/2008 10:08:54 PM | Attr = ] EMU ROMS -> %UserProfile%\My Documents\EMU ROMS -> [Folder | Modified Date = 6/10/2008 6:02:09 AM | Attr = ] Fitday -> %UserProfile%\My Documents\Fitday -> [Folder | Modified Date = 6/20/2008 2:08:23 PM | Attr = ] Game Cheats -> %UserProfile%\My Documents\Game Cheats -> [Folder | Modified Date = 6/10/2008 4:13:41 PM | Attr = ] Game Collection -> %UserProfile%\My Documents\Game Collection -> [Folder | Modified Date = 6/10/2008 2:46:23 PM | Attr = ] Harvey's Art -> %UserProfile%\My Documents\Harvey's Art -> [Folder | Modified Date = 6/10/2008 6:03:54 AM | Attr = ] Harvey's Pictures -> %UserProfile%\My Documents\Harvey's Pictures -> [Folder | Modified Date = 6/10/2008 6:04:26 AM | Attr = ] Max Exposure -> %UserProfile%\My Documents\Max Exposure -> [Folder | Modified Date = 6/22/2008 11:10:45 PM | Attr = ] maxex.docx -> %UserProfile%\My Documents\maxex.docx -> [Ver = | Size = 30978 bytes | Modified Date = 6/22/2008 12:55:13 PM | Attr = ] Movie Collector -> %UserProfile%\My Documents\Movie Collector -> [Folder | Modified Date = 6/24/2008 1:33:14 PM | Attr = ] My Downloads -> %UserProfile%\My Documents\My Downloads -> [Folder | Modified Date = 6/13/2008 6:43:38 AM | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 6/13/2008 6:35:16 AM | Attr = R ] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 6/22/2008 5:11:09 PM | Attr = R ] My Shapes -> %UserProfile%\My Documents\My Shapes -> [Folder | Modified Date = 6/10/2008 7:56:22 PM | Attr = S] My Videos -> %UserProfile%\My Documents\My Videos -> [Folder | Modified Date = 6/13/2008 10:19:42 PM | Attr = R ] NeroVision -> %UserProfile%\My Documents\NeroVision -> [Folder | Modified Date = 6/12/2008 6:36:18 AM | Attr = ] Office Templates -> %UserProfile%\My Documents\Office Templates -> [Folder | Modified Date = 6/10/2008 4:16:52 PM | Attr = ] PcSetup -> %UserProfile%\My Documents\PcSetup -> [Folder | Modified Date = 6/12/2008 5:29:18 AM | Attr = ] Resumes -> %UserProfile%\My Documents\Resumes -> [Folder | Modified Date = 6/10/2008 5:22:34 AM | Attr = ] Scanned Stuff -> %UserProfile%\My Documents\Scanned Stuff -> [Folder | Modified Date = 6/22/2008 5:16:37 PM | Attr = ] shadowbaneinstaller -> %UserProfile%\My Documents\shadowbaneinstaller -> [Folder | Modified Date = 6/13/2008 4:45:38 PM | Attr = ] t2625estimate.docx -> %UserProfile%\My Documents\t2625estimate.docx -> [Ver = | Size = 16401 bytes | Modified Date = 6/17/2008 5:20:58 PM | Attr = ] Updater5 -> %UserProfile%\My Documents\Updater5 -> [Folder | Modified Date = 6/10/2008 6:26:26 PM | Attr = ] Virus tools -> %UserProfile%\My Documents\Virus tools -> [Folder | Modified Date = 6/24/2008 8:14:09 PM | Attr = ] Websites -> %UserProfile%\My Documents\Websites -> [Folder | Modified Date = 6/13/2008 4:21:30 AM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 6/25/2008 10:39:29 AM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568483 bytes | Modified Date = 6/25/2008 10:39:19 AM | Attr = ] desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 6/10/2008 7:19:44 AM | Attr = HS] QuickBooks Update Agent.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> [Ver = | Size = 2111 bytes | Modified Date = 6/20/2008 2:21:43 PM | Attr = ] desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 6/10/2008 7:19:44 AM | Attr = HS] Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 6/10/2008 9:29:34 PM | Attr = ] Ahead -> %CommonProgramFiles%\Ahead -> [Folder | Modified Date = 6/10/2008 8:01:15 AM | Attr = ] DESIGNER -> %CommonProgramFiles%\DESIGNER -> [Folder | Modified Date = 6/10/2008 7:43:00 PM | Attr = ] Download Manager -> %CommonProgramFiles%\Download Manager -> [Folder | Modified Date = 6/24/2008 3:04:19 PM | Attr = ] GTK -> %CommonProgramFiles%\GTK -> [Folder | Modified Date = 6/24/2008 10:48:45 PM | Attr = ] InstallShield -> %CommonProgramFiles%\InstallShield -> [Folder | Modified Date = 6/14/2008 11:40:37 PM | Attr = ] Intuit -> %CommonProgramFiles%\Intuit -> [Folder | Modified Date = 6/20/2008 2:19:36 PM | Attr = ] Macrovision Shared -> %CommonProgramFiles%\Macrovision Shared -> [Folder | Modified Date = 6/10/2008 6:25:34 PM | Attr = ] McAfee -> %CommonProgramFiles%\McAfee -> [Folder | Modified Date = 6/10/2008 3:09:10 PM | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 6/13/2008 6:24:00 AM | Attr = ] MSSoap -> %CommonProgramFiles%\MSSoap -> [Folder | Modified Date = 6/10/2008 7:18:09 AM | Attr = ] ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 6/10/2008 3:09:44 AM | Attr = ] Services -> %CommonProgramFiles%\Services -> [Folder | Modified Date = 6/10/2008 7:18:11 AM | Attr = ] speechengines -> %CommonProgramFiles%\speechengines -> [Folder | Modified Date = 6/10/2008 12:49:51 PM | Attr = ] Stardock -> %CommonProgramFiles%\Stardock -> [Folder | Modified Date = 6/12/2008 5:59:18 AM | Attr = ] System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 6/12/2008 8:28:09 PM | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 6/10/2008 3:31:42 PM | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]