[code] OTScanIt logfile created on: 8/13/2008 9:38:46 PM OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Documents and Settings\Kory\Desktop\OTScanIt Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy 511.42 Mb Total Physical Memory | 224.14 Mb Available Physical Memory | 43.83% Memory free 1.49 Gb Paging File | 1.10 Gb Available in Paging File | 73.98% Paging File free Paging file location(s): C:\pagefile.sys 0 0; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.90 Gb Total Space | 6.27 Gb Free Space | 11.21% Space Free | Partition Type: FAT32 D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MCCULLOUGH Current User Name: Kory Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 5,13,00,00 | Size = 311296 bytes | Modified Date = 10/12/2001 2:42:48 AM | Attr = ] mouse32a.exe -> %ProgramFiles%\Browser Mouse\mouse32a.exe -> [Ver = 4.0.0.0 | Size = 356352 bytes | Modified Date = 7/30/2006 3:29:38 PM | Attr = ] verizo~1.exe -> %SystemDrive%\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE -> Verizon Internet Solutions [Ver = 1.2.0.32 | Size = 50744 bytes | Modified Date = 5/23/2005 1:20:28 PM | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr = ] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] cmisrv.exe -> %CommonProgramFiles%\Verizon Online\ConnMgr\cmisrv.exe -> Verizon Internet Solutions [Ver = 2.0.2.12 | Size = 357944 bytes | Modified Date = 5/20/2005 10:11:52 AM | Attr = ] dvpapi.exe -> %CommonProgramFiles%\Command Software\dvpapi.exe -> Command Software Systems, Inc. [Ver = 4,93,0,50511 | Size = 142416 bytes | Modified Date = 5/16/2005 7:45:56 PM | Attr = R ] npkcmsvc.exe -> %SystemDrive%\Nexon\Mabinogi\npkcmsvc.exe -> INCA Internet Co., Ltd. [Ver = 2007, 8, 2, 1 | Size = 80528 bytes | Modified Date = 8/2/2007 12:33:50 PM | Attr = ] viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 4:38:10 PM | Attr = ] vzopenuiserver.exe -> %CommonProgramFiles%\Verizon Online\AppMgr\vzOpenUIServer.exe -> Verizon Internet Solutions [Ver = 3.1.1.7 | Size = 108088 bytes | Modified Date = 5/11/2005 12:05:10 PM | Attr = ] nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8198 | Size = 131139 bytes | Modified Date = 12/10/2005 5:06:00 AM | Attr = ] symlcsvc.exe -> %SystemDrive%\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1245064 bytes | Modified Date = 3/13/2008 1:09:26 PM | Attr = ] ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.4.1.232 | Size = 238968 bytes | Modified Date = 2/9/2008 4:06:32 PM | Attr = ] ymsgr_tray.exe -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe -> Yahoo! Inc. [Ver = 8,1,0,0 | Size = 103928 bytes | Modified Date = 11/30/2006 9:49:06 PM | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 7/12/2008 9:29:54 AM | Attr = ] [Win32 Services - Non-Microsoft Only] (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 12:56:50 AM | Attr = ] (dvpapi) dvpapi [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Command Software\dvpapi.exe -> Command Software Systems, Inc. [Ver = 4,93,0,50511 | Size = 142416 bytes | Modified Date = 5/16/2005 7:45:56 PM | Attr = R ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 12:41:10 AM | Attr = ] (LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 5,13,00,00 | Size = 311296 bytes | Modified Date = 10/12/2001 2:42:48 AM | Attr = ] (LiveUpdate Notice) LiveUpdate Notice [Win32_Shared | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> Symantec Corporation [Ver = 107.0.4.2 | Size = 149864 bytes | Modified Date = 1/25/2008 5:47:02 PM | Attr = ] (lxcg_device) lxcg_device [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\lxcgcoms.exe -> [Ver = 1.154.7.0 | Size = 491520 bytes | Modified Date = 4/15/2005 5:15:30 PM | Attr = ] (npkcmsvc) npkcmsvc [Win32_Own | Auto | Running] -> %SystemDrive%\Nexon\Mabinogi\npkcmsvc.exe -> INCA Internet Co., Ltd. [Ver = 2007, 8, 2, 1 | Size = 80528 bytes | Modified Date = 8/2/2007 12:33:50 PM | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8198 | Size = 131139 bytes | Modified Date = 12/10/2005 5:06:00 AM | Attr = ] (PictureTaker) PictureTaker [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\PCTKRNT.SYS -> LANovation [Ver = 3.02 | Size = 45056 bytes | Modified Date = 1/31/2006 1:47:02 PM | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Running] -> %SystemDrive%\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -> [Ver = | Size = 1245064 bytes | Modified Date = 3/13/2008 1:09:26 PM | Attr = ] (Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 4:38:10 PM | Attr = ] (LiveUpdate) LiveUpdate [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_4.EXE -> Symantec Corporation [Ver = 3.4.1.238 | Size = 3220856 bytes | Modified Date = 8/4/2008 11:20:16 AM | Attr = ] (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> Symantec Corporation [Ver = 3.4.1.232 | Size = 238968 bytes | Modified Date = 2/9/2008 4:06:32 PM | Attr = ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> A Verizon App -> %SystemDrive%\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE [C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE] -> Verizon Internet Solutions [Ver = 1.2.0.32 | Size = 50744 bytes | Modified Date = 5/23/2005 1:20:28 PM | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> Symantec Corporation [Ver = 107.0.4.2 | Size = 51048 bytes | Modified Date = 1/25/2008 5:47:22 PM | Attr = ] EnvyHFCPL -> %ProgramFiles%\Audio Deck\EnMixCPL.exe [C:\Program Files\Audio Deck\EnMixCPL.exe 1] -> VIA Technologies, Inc [Ver = 5.12.1.3653 | Size = 3895296 bytes | Modified Date = 12/9/2004 3:51:16 AM | Attr = ] FLMOFFICE4DMOUSE -> %ProgramFiles%\Browser Mouse\mouse32a.exe [C:\Program Files\Browser Mouse\mouse32a.exe] -> [Ver = 4.0.0.0 | Size = 356352 bytes | Modified Date = 7/30/2006 3:29:38 PM | Attr = ] KernelFaultCheck -> [%systemroot%\system32\dumprep 0 -k] -> File not found LXCGCATS -> %SystemRoot%\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16] -> [Ver = 0.1.11.5 | Size = 69632 bytes | Modified Date = 4/27/2005 10:21:52 AM | Attr = ] NvCplDaemon -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.8198 | Size = 7311360 bytes | Modified Date = 12/10/2005 5:06:00 AM | Attr = ] NvMediaCenter -> %SystemRoot%\system32\NvMcTray.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.8198 | Size = 86016 bytes | Modified Date = 12/10/2005 5:06:00 AM | Attr = ] nwiz -> %SystemRoot%\SYSTEM32\nwiz.exe [nwiz.exe /install] -> [Ver = | Size = 1519616 bytes | Modified Date = 12/10/2005 5:06:00 AM | Attr = ] osCheck -> %ProgramFiles%\Norton AntiVirus\osCheck.exe ["C:\Program Files\Norton AntiVirus\osCheck.exe"] -> Symantec Corporation [Ver = 15.5.0.32 | Size = 718704 bytes | Modified Date = 2/6/2008 10:49:38 PM | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Inc. [Ver = 7.3 | Size = 286720 bytes | Modified Date = 11/14/2007 9:47:46 PM | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 6/10/2008 4:27:04 AM | Attr = ] < RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> Boston -> %ProgramFiles%\Boston Acoustics\Boston USB Audio System\Boston.exe [C:\Program Files\Boston Acoustics\Boston USB Audio System\Boston.exe] -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Uniblue RegistryBooster 2 -> %ProgramFiles%\Uniblue\RegistryBooster 2\RegistryBooster.exe [C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S] -> File not found Yahoo! Pager -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE ["C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Run [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Uniblue RegistryBooster 2 -> %ProgramFiles%\Uniblue\RegistryBooster 2\RegistryBooster.exe [C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S] -> File not found Yahoo! Pager -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE ["C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Kory Startup Folder > -> C:\Documents and Settings\Kory\Start Menu\Programs\Startup -> < Guest Startup Folder > -> C:\Documents and Settings\Guest\Start Menu\Programs\Startup -> < CDM Startup Folder > -> C:\Documents and Settings\CDM\Start Menu\Programs\Startup -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [0aMCPClient] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 6:23:08 AM | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\Userinit.exe -> %SystemRoot%\system32\Userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] *MultiFile Done* -> -> *UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> logonui.exe -> %SystemRoot%\SYSTEM32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 8/4/2004 12:56:52 AM | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\System32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 10:34:02 PM | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\SYSTEM32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon settings [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoDriveAutoRun -> 96 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\\NoRealMode -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 95 00 00 00 [binary data] -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 95 00 00 00 [binary data] -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> *DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> SCSI miniport -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\System32\DRIVERS\cdrom.sys [System32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/3/2004 10:59:54 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found TORiSAN CD-ROM CDR_C36 -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomHITACHI_DVD-ROM_GD-8000_________________0008____\5&33940829&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> IDE\CdRomBTC_BCE1610IM___________________________A.20____\5&33940829&0&0.1.0 -> < Drives - Autoruns > -> -> AUTOEXEC.BAT [SET windir=C:\WINDOWS | SET winbootdir=C:\WINDOWS | SET COMSPEC=C:\WINDOWS\COMMAND.COM | SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND | SET PROMPT=$p$g | SET TEMP=C:\WINDOWS\TEMP | SET TMP=C:\WINDOWS\TEMP | ] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [Ver = | Size = 194 bytes | Modified Date = 2/23/2005 4:15:36 PM | Attr = H ] < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.neopets.com/ -> HKEY_CURRENT_USER\: Search\\CustomizeSearch -> http://ie.search.msn.com -> HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com; -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\Default_Page_URL -> -> HKEY_USERS\.DEFAULT\: Main\\Default_Search_URL -> http://ie.search.msn.com -> HKEY_USERS\.DEFAULT\: Main\\Local Page -> C:\WINDOWS\System32\blank.htm -> HKEY_USERS\.DEFAULT\: Main\\Search Bar -> http://my.netzero.net/s/search?r=minisearch -> HKEY_USERS\.DEFAULT\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\.DEFAULT\: Search\\CustomizeSearch -> http://ie.search.msn.com -> HKEY_USERS\.DEFAULT\: SearchURL\\ -> http://my.netzero.net/s/search?r=minisearch[intranet] -> HKEY_USERS\.DEFAULT\: URLSearchHooks\\{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> HKEY_USERS\.DEFAULT\: ProxyOverride -> 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com; -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\Default_Page_URL -> -> HKEY_USERS\S-1-5-18\: Main\\Default_Search_URL -> http://ie.search.msn.com -> HKEY_USERS\S-1-5-18\: Main\\Local Page -> C:\WINDOWS\System32\blank.htm -> HKEY_USERS\S-1-5-18\: Main\\Search Bar -> http://my.netzero.net/s/search?r=minisearch -> HKEY_USERS\S-1-5-18\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\S-1-5-18\: Search\\CustomizeSearch -> http://ie.search.msn.com -> HKEY_USERS\S-1-5-18\: SearchURL\\ -> http://my.netzero.net/s/search?r=minisearch[intranet] -> HKEY_USERS\S-1-5-18\: URLSearchHooks\\{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-18\: ProxyOverride -> 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com; -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\Local Page -> C:\WINDOWS\SYSTEM\blank.htm -> HKEY_USERS\S-1-5-19\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-19\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\S-1-5-19\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\Local Page -> C:\WINDOWS\SYSTEM\blank.htm -> HKEY_USERS\S-1-5-20\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-20\: Main\\Start Page -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_USERS\S-1-5-20\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: Main\\Local Page -> C:\windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: Main\\Start Page -> http://www.neopets.com/ -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: Search\\CustomizeSearch -> http://ie.search.msn.com -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\: ProxyOverride -> 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*.worldwinner.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;*photosite.com;*.dir.untd.com; -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1033 domain(s) found. -> www_neopets.com [https] -> Trusted sites -> 72 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1031 domain(s) found. -> 71 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1031 domain(s) found. -> 71 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1031 domain(s) found. -> 71 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1031 domain(s) found. -> 71 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1033 domain(s) found. -> www_neopets.com [https] -> Trusted sites -> 72 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 18 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 12/18/2006 4:16:42 AM | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Reg Error: Value does not exist or could not be read.] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 1:04:00 AM | Attr = ] {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> Symantec Corporation [Ver = 8.2.0.81 | Size = 116088 bytes | Modified Date = 3/13/2008 1:10:50 PM | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] < Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Bars [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> {0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] {E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F5735C15-1FB2-41FE-BA12-242757E69DDE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F5735C15-1FB2-41FE-BA12-242757E69DDE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F5735C15-1FB2-41FE-BA12-242757E69DDE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{CD292324-974F-4224-D074-CACA427AA030} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Neopets\Toolbar\Toolbar.dll [Neopets] -> Velocity Services, Inc. [Ver = 4.0.2496.19628 | Size = 640552 bytes | Modified Date = 11/14/2006 7:04:50 AM | Attr = ] WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 10/26/2006 10:28:40 AM | Attr = ] WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{F5735C15-1FB2-41FE-BA12-242757E69DDE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 6/10/2008 4:27:02 AM | Attr = ] {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! Services] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] {6224f700-cba3-4071-b251-47cb894244cd}:Exec -> %SystemDrive%\PROGRA~1\ICQ\ICQ.exe [ICQ Pro] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] {d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec -> %UserProfile%\Start Menu\Programs\IMVU\Run IMVU.lnk [Run IMVU] -> File not found {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}:Exec -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Yahoo! Messenger] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] CmdMapping\\{6224f700-cba3-4071-b251-47cb894244cd} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\ICQ\ICQ.exe [ICQ Pro] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [Messenger Class] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &Search -> -> File not found &Yahoo! Search -> -> File not found Display All Images with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Display Image with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Yahoo! &Dictionary -> -> File not found Yahoo! &Maps -> -> File not found Yahoo! &SMS -> -> File not found < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] CmdMapping\\{6224f700-cba3-4071-b251-47cb894244cd} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\ICQ\ICQ.exe [ICQ Pro] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] CmdMapping\\{B863453A-26C3-4e1f-A54D-A2CD196348E9} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [Messenger Class] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> &Yahoo! Search -> -> File not found Display All Images with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Display Image with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Yahoo! &Dictionary -> -> File not found Yahoo! &Maps -> -> File not found Yahoo! &SMS -> -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] CmdMapping\\{6224f700-cba3-4071-b251-47cb894244cd} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\ICQ\ICQ.exe [ICQ Pro] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] CmdMapping\\{B863453A-26C3-4e1f-A54D-A2CD196348E9} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [Messenger Class] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> &Yahoo! Search -> -> File not found Display All Images with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Display Image with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Yahoo! &Dictionary -> -> File not found Yahoo! &Maps -> -> File not found Yahoo! &SMS -> -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:29:16 PM | Attr = ] CmdMapping\\{6224f700-cba3-4071-b251-47cb894244cd} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\ICQ\ICQ.exe [ICQ Pro] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] CmdMapping\\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [Messenger Class] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\] > -> HKEY_USERS\S-1-5-21-448539723-688789844-1202660629-1005\Software\Microsoft\Internet Explorer\MenuExt\ -> &Search -> -> File not found &Yahoo! Search -> -> File not found Display All Images with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Display Image with Full Quality -> %ProgramFiles%\NetZero\qsacc\appres.dll -> File not found Yahoo! &Dictionary -> -> File not found Yahoo! &Maps -> -> File not found Yahoo! &SMS -> -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {0E891372-9927-406C-8234-DAA2C2F5D0E8} -> () -> {2A7E682E-D0B9-4EEB-B2CD-B880D195661B} -> (Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)) -> {A046E699-1313-4AB1-BE18-83FC00769EC3} -> () -> {B2B2A19A-DA2E-40F5-BEC5-8245740FB161} -> (Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4)) -> {C9EB16AC-D2DF-4549-B438-8AF04F85A1E0} -> (Broadcom 4211 iLine10(tm) Network Adapter) -> < Default Protocols [HKEY_USERS\.DEFAULT\] - Select to Repair > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-18\] - Select to Repair > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> shell -> shell protocol not assigned -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {01113300-3E00-11D2-8470-0060089874ED}[HKEY_LOCAL_MACHINE] -> https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab[Support.com Configuration Class] -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab[QuickTime Object] -> {0E5F0222-96B9-11D3-8997-00104BD12D94}[HKEY_LOCAL_MACHINE] -> http://support.gateway.com/support/profiler/PCPitStop.CAB[PCPitstop Utility] -> {17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] -> {1E54D648-B804-468d-BC78-4AFFED8E262E}[HKEY_LOCAL_MACHINE] -> http://www.srtest.com/srl_bin/sysreqlab3.cab[System Requirements Lab Class] -> {3107C2A8-9F0B-4404-A58B-21BD85268FBC}[HKEY_LOCAL_MACHINE] -> http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB[PogoWebLauncher Control] -> {3DCEC959-378A-4922-AD7E-FD5C925D927F}[HKEY_LOCAL_MACHINE] -> http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab[Disney Online Games ActiveX Control] -> {48DD0448-9209-4F81-9F6D-D83562940134}[HKEY_LOCAL_MACHINE] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab[MySpace Uploader Control] -> {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}[HKEY_LOCAL_MACHINE] -> http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab[Reg Error: Key does not exist or could not be opened.] -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab[MSN Photo Upload Tool] -> {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}[HKEY_LOCAL_MACHINE] -> http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab[Reg Error: Key does not exist or could not be opened.] -> {775879E2-7309-4619-BB02-AADE41F4B690}[HKEY_LOCAL_MACHINE] -> http://download.playfirst.com/play/game/dreamchronicles/dreamweb.1.0.0.10.cab[CPlayFirstdreamControl Object] -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {91F71D75-A73B-4E3B-8A14-F03557B82B29}[HKEY_LOCAL_MACHINE] -> http://www.graalonline.com/downloads/plugin/graalplugin.cab[Cax3DPlugin Object] -> {B8BE5E93-A60C-4D26-A2DC-220313175592}[HKEY_LOCAL_MACHINE] -> http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab[MSN Games - Installer] -> {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}[HKEY_LOCAL_MACHINE] -> http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab[Reg Error: Key does not exist or could not be opened.] -> {C02226EB-A5D7-4B1F-BD7E-635E46C2288D}[HKEY_LOCAL_MACHINE] -> http://a.download.toontown.com/sv1.0.30.14/ttinst.cab[Toontown Installer ActiveX Control] -> {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_16] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab[Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab[Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> {D4323BF2-006A-4440-A2F5-27E3E7AB25F8}[HKEY_LOCAL_MACHINE] -> http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe[Virtools WebPlayer Class] -> DirectAnimation Java Classes[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\SYSTEM\dajava.cab[Reg Error: Key does not exist or could not be opened.] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/vzbb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/vzbb.dll\\.Owner -> {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/vzbb.dll\\{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DiskFAU.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DiskFAU.dll\\.Owner -> {0E5F0222-96B9-11D3-8997-00104BD12D94} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DiskFAU.dll\\{0E5F0222-96B9-11D3-8997-00104BD12D94} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DisneyOnlineGames.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DisneyOnlineGames.ocx\\.Owner -> {3DCEC959-378A-4922-AD7E-FD5C925D927F} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/DisneyOnlineGames.ocx\\{3DCEC959-378A-4922-AD7E-FD5C925D927F} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/dream.1.0.0.10.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/dream.1.0.0.10.dll\\.Owner -> {775879E2-7309-4619-BB02-AADE41F4B690} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/dream.1.0.0.10.dll\\{775879E2-7309-4619-BB02-AADE41F4B690} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\\.Owner -> {48DD0448-9209-4F81-9F6D-D83562940134} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MySpaceUploader.ocx\\{48DD0448-9209-4F81-9F6D-D83562940134} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PCPitstop.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PCPitstop.dll\\.Owner -> {0E5F0222-96B9-11D3-8997-00104BD12D94} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PCPitstop.dll\\{0E5F0222-96B9-11D3-8997-00104BD12D94} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PogoWebLauncher.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PogoWebLauncher.ocx\\.Owner -> {3107C2A8-9F0B-4404-A58B-21BD85268FBC} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PogoWebLauncher.ocx\\{3107C2A8-9F0B-4404-A58B-21BD85268FBC} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sprthelper.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sprthelper.exe\\.Owner -> {01113300-3E00-11D2-8470-0060089874ED} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sprthelper.exe\\{01113300-3E00-11D2-8470-0060089874ED} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab2.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab2.dll\\.Owner -> {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab2.dll\\{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\\.Owner -> {1E54D648-B804-468d-BC78-4AFFED8E262E} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/sysreqlab3.dll\\{1E54D648-B804-468d-BC78-4AFFED8E262E} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlcm.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlcm.dll\\.Owner -> {01113300-3E00-11D2-8470-0060089874ED} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlcm.dll\\{01113300-3E00-11D2-8470-0060089874ED} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\.Owner -> {01012101-5E80-11D8-9E86-0007E96C65AE} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\{01012101-5E80-11D8-9E86-0007E96C65AE} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ttinst.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ttinst.dll\\.Owner -> {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ttinst.dll\\{C02226EB-A5D7-4B1F-BD7E-635E46C2288D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzbb.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzbb.dll\\.Owner -> {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/vzbb.dll\\{4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\\.Owner -> {B8BE5E93-A60C-4D26-A2DC-220313175592} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ZIntro.ocx\\{B8BE5E93-A60C-4D26-A2DC-220313175592} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/mdkiaf.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\\.Owner -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/danim.dll\\7104396936D211d2A4B8006008C61493 -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\\.Owner -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/ddrawex.dll\\7104396936D211d2A4B8006008C61493 -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\.Owner -> {17492023-C23A-453E-A040-C7C580BBF700} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/mfc42.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/mfc42.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msvcrt.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msvcrt.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/olepro32.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/olepro32.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/pcpbios.exe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/pcpbios.exe\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/pcpbios.exe\\{0E5F0222-96B9-11D3-8997-00104BD12D94} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\\.Owner -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/quartz.dll\\7104396936D211d2A4B8006008C61493 -> 7104396936D211d2A4B8006008C61493 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/sysres.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/sysres.dll\\.Owner -> Unknown Owner -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/sysres.dll\\{0E5F0222-96B9-11D3-8997-00104BD12D94} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/tintel.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/unicows.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/unicows.dll\\.Owner -> {48DD0448-9209-4F81-9F6D-D83562940134} -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/SYSTEM32/unicows.dll\\{48DD0448-9209-4F81-9F6D-D83562940134} -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\Software/Microsoft/Windows/CurrentVersion/ModuleUsage/C:/WINDOWS/SYSTEM/ddrawex.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\Software/Microsoft/Windows/CurrentVersion/ModuleUsage/C:/WINDOWS/SYSTEM/ddrawex.dll\\.Owner -> 22d6f312-b0f6-11d0-94ab-0080c74 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\Software/Microsoft/Windows/CurrentVersion/ModuleUsage/C:/WINDOWS/SYSTEM/quartz.dll\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\Software/Microsoft/Windows/CurrentVersion/ModuleUsage/C:/WINDOWS/SYSTEM/quartz.dll\\.Owner -> {4112DF42-0DCB-11d1-8177-00AA00 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\Software/Microsoft/Windows/CurrentVersion/ModuleUsage/C:/WINDOWS/SYSTEM/quartz.dll\\{22d6f312-b0f6-11d0-94ab-0080c7 -> -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableRemoteConnect -> N -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0 [binary data] -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\System32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 12:49:30 PM | Attr = ] msv1_0 -> %SystemRoot%\System32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] schannel -> %SystemRoot%\System32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 10:21:16 AM | Attr = ] wdigest -> %SystemRoot%\System32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 3/23/2006 11:37:50 PM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 632 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\System32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> CA 23 4C CE AE EF 1E FE 4B 18 98 59 F8 41 87 DC 62 36 36 62 32 34 31 34 00 68 07 00 01 00 00 00 DC 00 00 00 E0 00 00 00 48 FA 06 00 97 55 5A 74 04 00 00 00 A0 FD 06 00 B8 FD 06 00 D5 50 1D 9E [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 9C FE 22 E8 48 D4 D2 32 0B [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> 94 19 F4 ED 8B 1E [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> EC FE E1 CC 2F F4 83 8C 86 54 91 D7 52 3F E4 63 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> 10 2E 71 40 D6 20 C8 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 36 F3 D1 E7 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 36 F3 D1 E7 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 36 F3 D1 E7 79 C4 01 [binary data] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\System32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 10733 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 10/18/2007 11:34:02 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 10/2/2007 5:18:24 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\System32\lxcgcoms.exe -> %SystemRoot%\System32\lxcgcoms.exe [C:\WINDOWS\System32\lxcgcoms.exe:*:Enabled:2300 Series] -> [Ver = 1.154.7.0 | Size = 491520 bytes | Modified Date = 4/15/2005 5:15:30 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> Yahoo! Inc. [Ver = 8,1,0,209 | Size = 4662776 bytes | Modified Date = 11/30/2006 9:49:04 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Kory\Desktop\Kory's Folder\GunBound\softnyx\GunboundWC\GunBound.gme -> %UserProfile%\Desktop\Kory's Folder\GunBound\softnyx\GunboundWC\GunBound.gme [C:\Documents and Settings\Kory\Desktop\Kory's Folder\GunBound\softnyx\GunboundWC\GunBound.gme:*:Enabled:GunBound] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\mIRC\mirc.exe -> %ProgramFiles%\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> mIRC Co. Ltd. [Ver = 6.1 | Size = 1855488 bytes | Modified Date = 2/24/2005 7:04:04 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YServer.exe -> %ProgramFiles%\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> Yahoo! Inc. [Ver = 3, 0, 0, 1 | Size = 91640 bytes | Modified Date = 11/30/2006 9:49:06 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\ICQ\Icq.exe -> %ProgramFiles%\ICQ\Icq.exe [C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ] -> ICQ Inc. [Ver = 5,5,6,3916 | Size = 1880639 bytes | Modified Date = 10/14/2003 1:03:50 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\System32\java.exe -> %SystemRoot%\System32\java.exe [C:\WINDOWS\System32\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 6/10/2008 1:21:02 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\ijji\ENGLISH\Gunbound Revolution\GunBound.gme -> %SystemDrive%\ijji\ENGLISH\Gunbound Revolution\GunBound.gme [C:\ijji\ENGLISH\Gunbound Revolution\GunBound.gme:*:Enabled:GunBound] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Kory\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\Patcher.exe -> %UserProfile%\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\Patcher.exe [C:\Documents and Settings\Kory\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\Patcher.exe:*:Enabled:Patcher MFC ?? ????] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Digital Asphyxia\Y!TunnelPro 2.5\YTPro.exe -> %ProgramFiles%\Digital Asphyxia\Y!TunnelPro 2.5\YTPro.exe [C:\Program Files\Digital Asphyxia\Y!TunnelPro 2.5\YTPro.exe:*:Enabled:Y!TunelPro V2.1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\IJJI\ENGLISH\Golf\DangGol.exe -> %SystemDrive%\IJJI\ENGLISH\Golf\DangGol.exe [C:\IJJI\ENGLISH\Golf\DangGol.exe:*:Enabled:DangGol] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Kory\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\NewPatcher.exe -> %UserProfile%\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\NewPatcher.exe [C:\Documents and Settings\Kory\Desktop\Kory's Folder\Maple Story\Wizet\MapleStory\NewPatcher.exe:*:Enabled:Patcher MFC ?? ????] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA SPORTS\Madden NFL 06\Updater.exe -> %ProgramFiles%\EA SPORTS\Madden NFL 06\Updater.exe [C:\Program Files\EA SPORTS\Madden NFL 06\Updater.exe:*:Enabled:Updater] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\updater.exe -> D:\updater.exe [D:\updater.exe:*:Enabled:Updater] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Ubisoft\Puzzle Pirates\java\bin\javaw.exe -> %ProgramFiles%\Ubisoft\Puzzle Pirates\java\bin\javaw.exe [C:\Program Files\Ubisoft\Puzzle Pirates\java\bin\javaw.exe:*:Enabled:javaw] -> [Ver = | Size = 45163 bytes | Modified Date = 9/28/2004 8:29:34 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe -> %ProgramFiles%\Microsoft Games\Zoo Tycoon 2\zt.exe [C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitComet\BitComet.exe -> %ProgramFiles%\BitComet\BitComet.exe [C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EA SPORTS\Madden NFL 06\MAINAPP.EXE -> %ProgramFiles%\EA SPORTS\Madden NFL 06\MAINAPP.EXE [C:\Program Files\EA SPORTS\Madden NFL 06\MAINAPP.EXE:*:Enabled:MAINAPP] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Auxiliary Power\Demo\DerbyDemo.exe -> %ProgramFiles%\Auxiliary Power\Demo\DerbyDemo.exe [C:\Program Files\Auxiliary Power\Demo\DerbyDemo.exe:*:Enabled:Demolition Derby & Figure 8 Race Application] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SecondLife\SecondLife.exe -> %ProgramFiles%\SecondLife\SecondLife.exe [C:\Program Files\SecondLife\SecondLife.exe:*:Enabled:Second Life] -> Linden Lab [Ver = 1.20.15.92456 | Size = 16076800 bytes | Modified Date = 7/18/2008 2:03:16 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\ijji\ENGLISH\Gunz\Gunz.exe -> %SystemDrive%\ijji\ENGLISH\Gunz\Gunz.exe [C:\ijji\ENGLISH\Gunz\Gunz.exe:*:Enabled:Gunz] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN\MSNCoreFiles\msn.exe -> %ProgramFiles%\MSN\MSNCoreFiles\msn.exe [C:\Program Files\MSN\MSNCoreFiles\msn.exe:*:Enabled:msn] -> Microsoft Corporation [Ver = 9.50.0034.2000 | Size = 98304 bytes | Modified Date = 10/20/2006 3:42:12 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\PocketSoft\RTPatch\AutoRTP\artpschd.exe -> %CommonProgramFiles%\PocketSoft\RTPatch\AutoRTP\artpschd.exe [C:\Program Files\Common Files\PocketSoft\RTPatch\AutoRTP\artpschd.exe:*:Enabled:artpschd] -> Pocket Soft, Inc. [Ver = 6.50 | Size = 417792 bytes | Modified Date = 2/27/2002 6:50:00 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\ijji\ENGLISH\GUNSTER.exe -> %SystemDrive%\ijji\ENGLISH\GUNSTER.exe [C:\ijji\ENGLISH\GUNSTER.exe:*:Enabled:Gunster] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\StickIt\StickIt3.exe -> %ProgramFiles%\StickIt\StickIt3.exe [C:\Program Files\StickIt\StickIt3.exe:*:Enabled:StickIt3] -> Singer's Creations [Ver = 3.00.0003 | Size = 315392 bytes | Modified Date = 3/2/2007 9:29:46 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BYOND\bin\byond.exe -> %ProgramFiles%\BYOND\bin\byond.exe [C:\Program Files\BYOND\bin\byond.exe:*:Enabled:byond] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BYOND\bin\dreamseeker.exe -> %ProgramFiles%\BYOND\bin\dreamseeker.exe [C:\Program Files\BYOND\bin\dreamseeker.exe:*:Enabled:dreamseeker] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Gpotato\Flyff\Flyff.exe -> %ProgramFiles%\Gpotato\Flyff\Flyff.exe [C:\Program Files\Gpotato\Flyff\Flyff.exe:*:Enabled:Flyff] -> [Ver = | Size = 639048 bytes | Modified Date = 8/17/2007 8:35:08 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 10/10/2006 7:44:50 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\360Share Pro\Gui\360Share Pro.exe -> %ProgramFiles%\360Share Pro\Gui\360Share Pro.exe [C:\Program Files\360Share Pro\Gui\360Share Pro.exe:*:Enabled:360Share Pro] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\eMule\emule.exe -> %ProgramFiles%\eMule\emule.exe [C:\Program Files\eMule\emule.exe:*:Enabled:eMule] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Trillian\trillian.exe -> %ProgramFiles%\Trillian\trillian.exe [C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\utorrent.exe -> %ProgramFiles%\uTorrent\utorrent.exe [C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Steam\Steam.exe -> %ProgramFiles%\Steam\Steam.exe [C:\Program Files\Steam\Steam.exe:*:Enabled:Steam] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Steam\SteamApps\chamelionk\the ship\ship.exe -> %ProgramFiles%\Steam\SteamApps\chamelionk\the ship\ship.exe [C:\Program Files\Steam\SteamApps\chamelionk\the ship\ship.exe:*:Enabled:ship] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Savage 2 - A Tortured Soul\SAVAGE2.EXE -> %ProgramFiles%\Savage 2 - A Tortured Soul\SAVAGE2.EXE [C:\Program Files\Savage 2 - A Tortured Soul\SAVAGE2.EXE:*:Enabled:SAVAGE2] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\MapleStory\Patcher.exe -> %SystemDrive%\Nexon\MapleStory\Patcher.exe [C:\Nexon\MapleStory\Patcher.exe:*:Enabled:Patcher MFC ?? ????] -> [Ver = 1, 0, 0, 1 | Size = 1384448 bytes | Modified Date = 5/21/2008 6:11:26 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\MapleStory\MapleStory.exe -> %SystemDrive%\Nexon\MapleStory\MapleStory.exe [C:\Nexon\MapleStory\MapleStory.exe:*:Enabled:MapleStory] -> Wizet [Ver = 1, 0, 0, 1 | Size = 1946146 bytes | Modified Date = 5/21/2008 6:16:40 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\ijji\ENGLISH\u_goonzu.exe -> %SystemDrive%\ijji\ENGLISH\u_goonzu.exe [C:\ijji\ENGLISH\u_goonzu.exe:*:Enabled:] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\ijji\ENGLISH\u_gbound.exe -> %SystemDrive%\ijji\ENGLISH\u_gbound.exe [C:\ijji\ENGLISH\u_gbound.exe:*:Enabled:] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Disney\Disney Online\PiratesOnline\Launcher1.exe -> %ProgramFiles%\Disney\Disney Online\PiratesOnline\Launcher1.exe [C:\Program Files\Disney\Disney Online\PiratesOnline\Launcher1.exe:*:Enabled:Pirates of the Caribbean Online] -> Disney [Ver = 1.0.0.1 | Size = 1512960 bytes | Modified Date = 7/26/2008 10:33:18 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\Loader\aolload.exe -> %CommonProgramFiles%\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 10/18/2007 11:34:02 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> %ProgramFiles%\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 10/2/2007 5:18:24 PM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\My Games\Claw\cla.exe -> %SystemDrive%\My Games\Claw\cla.exe [C:\My Games\Claw\cla.exe:*:Enabled:Side-Scrolling Arcade-Action Game] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MySpace\IM\MySpaceIM.exe -> %ProgramFiles%\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\17155:TCP -> 17155:TCP:*:Enabled:BitComet 17155 TCP -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\17155:UDP -> 17155:UDP:*:Enabled:BitComet 17155 UDP -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\28910:TCP -> 28910:TCP:*:Enabled:WiFi -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\19900:TCP -> 19900:TCP:*:Enabled:Wifi (2) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\29901:TCP -> 29901:TCP:*:Enabled:Wifi (3) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\29920:TCP -> 29920:TCP:*:Enabled:Wifi (4) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\80:TCP -> 80:TCP:*:Enabled:WiFi (5) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{C9EB16AC-D2DF-4549-B438-8AF04F85A1E0} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{0E891372-9927-406C-8234-DAA2C2F5D0E8} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{B2B2A19A-DA2E-40F5-BEC5-8245740FB161} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> [Files/Folders - Created Within 90 days] FOUND.004 -> %SystemDrive%\FOUND.004 -> [Folder | Created Date = 7/27/2008 7:31:04 AM | Attr = HS] FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Created Date = 6/28/2008 11:42:24 PM | Attr = HS] FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Created Date = 7/7/2008 4:18:12 PM | Attr = HS] FOUND.002 -> %SystemDrive%\FOUND.002 -> [Folder | Created Date = 7/18/2008 1:00:32 PM | Attr = HS] FOUND.003 -> %SystemDrive%\FOUND.003 -> [Folder | Created Date = 7/24/2008 11:46:34 PM | Attr = HS] FOUND.005 -> %SystemDrive%\FOUND.005 -> [Folder | Created Date = 7/28/2008 9:58:10 PM | Attr = HS] ijji -> %SystemDrive%\ijji -> [Folder | Created Date = 7/30/2008 8:03:31 AM | Attr = ] FOUND.006 -> %SystemDrive%\FOUND.006 -> [Folder | Created Date = 8/2/2008 12:09:38 AM | Attr = HS] FOUND.007 -> %SystemDrive%\FOUND.007 -> [Folder | Created Date = 8/2/2008 7:23:52 AM | Attr = HS] FOUND.008 -> %SystemDrive%\FOUND.008 -> [Folder | Created Date = 8/2/2008 9:13:26 AM | Attr = HS] FOUND.009 -> %SystemDrive%\FOUND.009 -> [Folder | Created Date = 8/10/2008 1:47:46 PM | Attr = HS] url_history.xml -> %SystemDrive%\url_history.xml -> [Ver = | Size = 24 bytes | Created Date = 8/11/2008 7:06:23 AM | Attr = ] symredrv.sys -> %SystemRoot%\System32\drivers\symredrv.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 22320 bytes | Created Date = 6/13/2008 2:13:38 PM | Attr = ] symids.sys -> %SystemRoot%\System32\drivers\symids.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 38576 bytes | Created Date = 6/13/2008 2:13:38 PM | Attr = ] symndis.sys -> %SystemRoot%\System32\drivers\symndis.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 37424 bytes | Created Date = 6/13/2008 2:13:38 PM | Attr = ] symdns.sys -> %SystemRoot%\System32\drivers\symdns.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 13616 bytes | Created Date = 6/13/2008 2:13:38 PM | Attr = ] symfw.sys -> %SystemRoot%\System32\drivers\symfw.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 96432 bytes | Created Date = 6/13/2008 2:13:38 PM | Attr = ] symtdi.sys -> %SystemRoot%\System32\drivers\symtdi.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 184240 bytes | Created Date = 6/13/2008 2:13:40 PM | Attr = ] SymRedir.cat -> %SystemRoot%\System32\drivers\SymRedir.cat -> [Ver = | Size = 13093 bytes | Created Date = 6/13/2008 2:14:02 PM | Attr = ] SymRedir.inf -> %SystemRoot%\System32\drivers\SymRedir.inf -> [Ver = | Size = 1611 bytes | Created Date = 6/13/2008 2:14:02 PM | Attr = ] symndisv.sys -> %SystemRoot%\System32\drivers\symndisv.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 41008 bytes | Created Date = 6/13/2008 2:13:40 PM | Attr = ] mr7910.sys -> %SystemRoot%\System32\drivers\mr7910.sys -> Mars Semiconductor Corp. [Ver = v2.0 | Size = 114560 bytes | Created Date = 5/24/2008 7:41:22 PM | Attr = ] SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 31280 bytes | Created Date = 6/13/2008 2:14:02 PM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/28/2008 9:51:31 PM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Created Date = 7/28/2008 9:51:31 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 139264 bytes | Created Date = 7/28/2008 9:51:32 PM | Attr = ] nvcplara.chm -> %SystemRoot%\System32\nvcplara.chm -> [Ver = | Size = 125735 bytes | Created Date = 8/10/2008 2:45:05 PM | Attr = R ] NVUNINST.EXE -> %SystemRoot%\System32\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 8/10/2008 3:27:25 PM | Attr = ] nvdspara.chm -> %SystemRoot%\System32\nvdspara.chm -> [Ver = | Size = 200405 bytes | Created Date = 8/10/2008 2:45:05 PM | Attr = R ] nv3dara.chm -> %SystemRoot%\System32\nv3dara.chm -> [Ver = | Size = 128544 bytes | Created Date = 8/10/2008 2:45:09 PM | Attr = R ] nvmobara.chm -> %SystemRoot%\System32\nvmobara.chm -> [Ver = | Size = 57328 bytes | Created Date = 8/10/2008 2:45:09 PM | Attr = R ] nvcplcsy.chm -> %SystemRoot%\System32\nvcplcsy.chm -> [Ver = | Size = 124067 bytes | Created Date = 8/10/2008 2:45:10 PM | Attr = R ] nvdspcsy.chm -> %SystemRoot%\System32\nvdspcsy.chm -> [Ver = | Size = 219156 bytes | Created Date = 8/10/2008 2:45:10 PM | Attr = R ] nv3dcsy.chm -> %SystemRoot%\System32\nv3dcsy.chm -> [Ver = | Size = 128958 bytes | Created Date = 8/10/2008 2:45:10 PM | Attr = R ] nvmobcsy.chm -> %SystemRoot%\System32\nvmobcsy.chm -> [Ver = | Size = 57387 bytes | Created Date = 8/10/2008 2:45:10 PM | Attr = R ] nvcpldan.chm -> %SystemRoot%\System32\nvcpldan.chm -> [Ver = | Size = 120933 bytes | Created Date = 8/10/2008 2:45:11 PM | Attr = R ] nvdspdan.chm -> %SystemRoot%\System32\nvdspdan.chm -> [Ver = | Size = 188707 bytes | Created Date = 8/10/2008 2:45:12 PM | Attr = R ] nv3ddan.chm -> %SystemRoot%\System32\nv3ddan.chm -> [Ver = | Size = 118926 bytes | Created Date = 8/10/2008 2:45:12 PM | Attr = R ] nvmobdan.chm -> %SystemRoot%\System32\nvmobdan.chm -> [Ver = | Size = 55622 bytes | Created Date = 8/10/2008 2:45:12 PM | Attr = R ] nvcpldeu.chm -> %SystemRoot%\System32\nvcpldeu.chm -> [Ver = | Size = 124590 bytes | Created Date = 8/10/2008 2:45:16 PM | Attr = R ] nvdspdeu.chm -> %SystemRoot%\System32\nvdspdeu.chm -> [Ver = | Size = 197544 bytes | Created Date = 8/10/2008 2:45:16 PM | Attr = R ] nv3ddeu.chm -> %SystemRoot%\System32\nv3ddeu.chm -> [Ver = | Size = 123526 bytes | Created Date = 8/10/2008 2:45:17 PM | Attr = R ] nvmobdeu.chm -> %SystemRoot%\System32\nvmobdeu.chm -> [Ver = | Size = 56087 bytes | Created Date = 8/10/2008 2:45:17 PM | Attr = R ] nvcplell.chm -> %SystemRoot%\System32\nvcplell.chm -> [Ver = | Size = 126670 bytes | Created Date = 8/10/2008 2:45:18 PM | Attr = R ] nvdspell.chm -> %SystemRoot%\System32\nvdspell.chm -> [Ver = | Size = 220768 bytes | Created Date = 8/10/2008 2:45:18 PM | Attr = R ] nv3dell.chm -> %SystemRoot%\System32\nv3dell.chm -> [Ver = | Size = 131422 bytes | Created Date = 8/10/2008 2:45:18 PM | Attr = R ] nvmobell.chm -> %SystemRoot%\System32\nvmobell.chm -> [Ver = | Size = 59100 bytes | Created Date = 8/10/2008 2:45:18 PM | Attr = R ] ijjiSetup.exe -> %SystemRoot%\System32\ijjiSetup.exe -> NHN USA [Ver = 1, 0, 0, 31 | Size = 710064 bytes | Created Date = 7/30/2008 8:01:28 AM | Attr = ] nvcpleng.chm -> %SystemRoot%\System32\nvcpleng.chm -> [Ver = | Size = 121758 bytes | Created Date = 8/10/2008 2:45:21 PM | Attr = R ] nvdspeng.chm -> %SystemRoot%\System32\nvdspeng.chm -> [Ver = | Size = 182024 bytes | Created Date = 8/10/2008 2:45:21 PM | Attr = R ] nv3deng.chm -> %SystemRoot%\System32\nv3deng.chm -> [Ver = | Size = 117083 bytes | Created Date = 8/10/2008 2:45:21 PM | Attr = R ] nvmobeng.chm -> %SystemRoot%\System32\nvmobeng.chm -> [Ver = | Size = 55103 bytes | Created Date = 8/10/2008 2:45:21 PM | Attr = R ] nvcplesn.chm -> %SystemRoot%\System32\nvcplesn.chm -> [Ver = | Size = 124084 bytes | Created Date = 8/10/2008 2:45:22 PM | Attr = R ] nvudisp.exe -> %SystemRoot%\System32\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 3 , 10 , 0 | Size = 442368 bytes | Created Date = 8/10/2008 3:28:02 PM | Attr = ] nvdspesn.chm -> %SystemRoot%\System32\nvdspesn.chm -> [Ver = | Size = 196421 bytes | Created Date = 8/10/2008 2:45:26 PM | Attr = R ] nv3desn.chm -> %SystemRoot%\System32\nv3desn.chm -> [Ver = | Size = 117909 bytes | Created Date = 8/10/2008 2:45:26 PM | Attr = R ] nvmobesn.chm -> %SystemRoot%\System32\nvmobesn.chm -> [Ver = | Size = 55669 bytes | Created Date = 8/10/2008 2:45:26 PM | Attr = R ] nvcplesm.chm -> %SystemRoot%\System32\nvcplesm.chm -> [Ver = | Size = 124138 bytes | Created Date = 8/10/2008 2:45:27 PM | Attr = R ] nvdisp.nvu -> %SystemRoot%\System32\nvdisp.nvu -> [Ver = | Size = 18070 bytes | Created Date = 8/10/2008 3:28:02 PM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 43573 bytes | Created Date = 8/10/2008 3:28:35 PM | Attr = ] nvdspesm.chm -> %SystemRoot%\System32\nvdspesm.chm -> [Ver = | Size = 197555 bytes | Created Date = 8/10/2008 2:45:27 PM | Attr = R ] nv3desm.chm -> %SystemRoot%\System32\nv3desm.chm -> [Ver = | Size = 118608 bytes | Created Date = 8/10/2008 2:45:27 PM | Attr = R ] nvmobesm.chm -> %SystemRoot%\System32\nvmobesm.chm -> [Ver = | Size = 55992 bytes | Created Date = 8/10/2008 2:45:27 PM | Attr = R ] nvcplfin.chm -> %SystemRoot%\System32\nvcplfin.chm -> [Ver = | Size = 124544 bytes | Created Date = 8/10/2008 2:45:28 PM | Attr = R ] SymRedir.dll -> %SystemRoot%\System32\SymRedir.dll -> Symantec Corporation [Ver = 8.0.2.6 | Size = 207240 bytes | Created Date = 6/13/2008 2:45:44 PM | Attr = ] nvdspfin.chm -> %SystemRoot%\System32\nvdspfin.chm -> [Ver = | Size = 195677 bytes | Created Date = 8/10/2008 2:45:29 PM | Attr = R ] nv3dfin.chm -> %SystemRoot%\System32\nv3dfin.chm -> [Ver = | Size = 124278 bytes | Created Date = 8/10/2008 2:45:29 PM | Attr = R ] nvmobfin.chm -> %SystemRoot%\System32\nvmobfin.chm -> [Ver = | Size = 56934 bytes | Created Date = 8/10/2008 2:45:29 PM | Attr = R ] nvcplfra.chm -> %SystemRoot%\System32\nvcplfra.chm -> [Ver = | Size = 122227 bytes | Created Date = 8/10/2008 2:45:33 PM | Attr = R ] nvdspfra.chm -> %SystemRoot%\System32\nvdspfra.chm -> [Ver = | Size = 189184 bytes | Created Date = 8/10/2008 2:45:34 PM | Attr = R ] SymNeti.dll -> %SystemRoot%\System32\SymNeti.dll -> Symantec Corporation [Ver = 8.0.2.6 | Size = 579464 bytes | Created Date = 6/13/2008 2:45:48 PM | Attr = ] nv3dfra.chm -> %SystemRoot%\System32\nv3dfra.chm -> [Ver = | Size = 119315 bytes | Created Date = 8/10/2008 2:45:34 PM | Attr = R ] nvmobfra.chm -> %SystemRoot%\System32\nvmobfra.chm -> [Ver = | Size = 56087 bytes | Created Date = 8/10/2008 2:45:34 PM | Attr = R ] nvcplheb.chm -> %SystemRoot%\System32\nvcplheb.chm -> [Ver = | Size = 126196 bytes | Created Date = 8/10/2008 2:45:35 PM | Attr = R ] nvdspheb.chm -> %SystemRoot%\System32\nvdspheb.chm -> [Ver = | Size = 207116 bytes | Created Date = 8/10/2008 2:45:35 PM | Attr = R ] nv3dheb.chm -> %SystemRoot%\System32\nv3dheb.chm -> [Ver = | Size = 132088 bytes | Created Date = 8/10/2008 2:45:35 PM | Attr = R ] nvmobheb.chm -> %SystemRoot%\System32\nvmobheb.chm -> [Ver = | Size = 58340 bytes | Created Date = 8/10/2008 2:45:36 PM | Attr = R ] nvcplhun.chm -> %SystemRoot%\System32\nvcplhun.chm -> [Ver = | Size = 125552 bytes | Created Date = 8/10/2008 2:45:37 PM | Attr = R ] nvdsphun.chm -> %SystemRoot%\System32\nvdsphun.chm -> [Ver = | Size = 203902 bytes | Created Date = 8/10/2008 2:45:37 PM | Attr = R ] nv3dhun.chm -> %SystemRoot%\System32\nv3dhun.chm -> [Ver = | Size = 131070 bytes | Created Date = 8/10/2008 2:45:37 PM | Attr = R ] nvmobhun.chm -> %SystemRoot%\System32\nvmobhun.chm -> [Ver = | Size = 57512 bytes | Created Date = 8/10/2008 2:45:37 PM | Attr = R ] nvcplita.chm -> %SystemRoot%\System32\nvcplita.chm -> [Ver = | Size = 124148 bytes | Created Date = 8/10/2008 2:45:41 PM | Attr = R ] nvdspita.chm -> %SystemRoot%\System32\nvdspita.chm -> [Ver = | Size = 201378 bytes | Created Date = 8/10/2008 2:45:42 PM | Attr = R ] nv3dita.chm -> %SystemRoot%\System32\nv3dita.chm -> [Ver = | Size = 121053 bytes | Created Date = 8/10/2008 2:45:42 PM | Attr = R ] nvmobita.chm -> %SystemRoot%\System32\nvmobita.chm -> [Ver = | Size = 56175 bytes | Created Date = 8/10/2008 2:45:42 PM | Attr = R ] nvcpljpn.chm -> %SystemRoot%\System32\nvcpljpn.chm -> [Ver = | Size = 129704 bytes | Created Date = 8/10/2008 2:45:43 PM | Attr = R ] nvdspjpn.chm -> %SystemRoot%\System32\nvdspjpn.chm -> [Ver = | Size = 251599 bytes | Created Date = 8/10/2008 2:45:43 PM | Attr = R ] nv3djpn.chm -> %SystemRoot%\System32\nv3djpn.chm -> [Ver = | Size = 144421 bytes | Created Date = 8/10/2008 2:45:44 PM | Attr = R ] nvmobjpn.chm -> %SystemRoot%\System32\nvmobjpn.chm -> [Ver = | Size = 60357 bytes | Created Date = 8/10/2008 2:45:44 PM | Attr = R ] nvcplkor.chm -> %SystemRoot%\System32\nvcplkor.chm -> [Ver = | Size = 124741 bytes | Created Date = 8/10/2008 2:45:48 PM | Attr = R ] nvdspkor.chm -> %SystemRoot%\System32\nvdspkor.chm -> [Ver = | Size = 224281 bytes | Created Date = 8/10/2008 2:45:48 PM | Attr = R ] nv3dkor.chm -> %SystemRoot%\System32\nv3dkor.chm -> [Ver = | Size = 132251 bytes | Created Date = 8/10/2008 2:45:49 PM | Attr = R ] nvmobkor.chm -> %SystemRoot%\System32\nvmobkor.chm -> [Ver = | Size = 59061 bytes | Created Date = 8/10/2008 2:45:49 PM | Attr = R ] nvcplnld.chm -> %SystemRoot%\System32\nvcplnld.chm -> [Ver = | Size = 122809 bytes | Created Date = 8/10/2008 2:45:50 PM | Attr = R ] nvdspnld.chm -> %SystemRoot%\System32\nvdspnld.chm -> [Ver = | Size = 189364 bytes | Created Date = 8/10/2008 2:45:50 PM | Attr = R ] nv3dnld.chm -> %SystemRoot%\System32\nv3dnld.chm -> [Ver = | Size = 118401 bytes | Created Date = 8/10/2008 2:45:50 PM | Attr = R ] nvmobnld.chm -> %SystemRoot%\System32\nvmobnld.chm -> [Ver = | Size = 55475 bytes | Created Date = 8/10/2008 2:45:50 PM | Attr = R ] nvcplnor.chm -> %SystemRoot%\System32\nvcplnor.chm -> [Ver = | Size = 120026 bytes | Created Date = 8/10/2008 2:45:53 PM | Attr = R ] nvdspnor.chm -> %SystemRoot%\System32\nvdspnor.chm -> [Ver = | Size = 189041 bytes | Created Date = 8/10/2008 2:45:53 PM | Attr = R ] nv3dnor.chm -> %SystemRoot%\System32\nv3dnor.chm -> [Ver = | Size = 119706 bytes | Created Date = 8/10/2008 2:45:53 PM | Attr = R ] nvmobnor.chm -> %SystemRoot%\System32\nvmobnor.chm -> [Ver = | Size = 55525 bytes | Created Date = 8/10/2008 2:45:53 PM | Attr = R ] nvcplplk.chm -> %SystemRoot%\System32\nvcplplk.chm -> [Ver = | Size = 124019 bytes | Created Date = 8/10/2008 2:45:57 PM | Attr = R ] nvdspplk.chm -> %SystemRoot%\System32\nvdspplk.chm -> [Ver = | Size = 205816 bytes | Created Date = 8/10/2008 2:45:58 PM | Attr = R ] nv3dplk.chm -> %SystemRoot%\System32\nv3dplk.chm -> [Ver = | Size = 130245 bytes | Created Date = 8/10/2008 2:45:58 PM | Attr = R ] nvmobplk.chm -> %SystemRoot%\System32\nvmobplk.chm -> [Ver = | Size = 57376 bytes | Created Date = 8/10/2008 2:45:58 PM | Attr = R ] nvcplptg.chm -> %SystemRoot%\System32\nvcplptg.chm -> [Ver = | Size = 124044 bytes | Created Date = 8/10/2008 2:45:59 PM | Attr = R ] ijjiPlugin2.dll -> %SystemRoot%\System32\ijjiPlugin2.dll -> NHN USA Corp. [Ver = 2, 0, 0, 1 | Size = 58800 bytes | Created Date = 7/30/2008 8:01:29 AM | Attr = ] nvdspptg.chm -> %SystemRoot%\System32\nvdspptg.chm -> [Ver = | Size = 194380 bytes | Created Date = 8/10/2008 2:45:59 PM | Attr = R ] nv3dptg.chm -> %SystemRoot%\System32\nv3dptg.chm -> [Ver = | Size = 129550 bytes | Created Date = 8/10/2008 2:46:00 PM | Attr = R ] nvmobptg.chm -> %SystemRoot%\System32\nvmobptg.chm -> [Ver = | Size = 55845 bytes | Created Date = 8/10/2008 2:46:00 PM | Attr = R ] nvcplptb.chm -> %SystemRoot%\System32\nvcplptb.chm -> [Ver = | Size = 124078 bytes | Created Date = 8/10/2008 2:46:01 PM | Attr = R ] nvdspptb.chm -> %SystemRoot%\System32\nvdspptb.chm -> [Ver = | Size = 189104 bytes | Created Date = 8/10/2008 2:46:01 PM | Attr = R ] nv3dptb.chm -> %SystemRoot%\System32\nv3dptb.chm -> [Ver = | Size = 118410 bytes | Created Date = 8/10/2008 2:46:01 PM | Attr = R ] nvmobptb.chm -> %SystemRoot%\System32\nvmobptb.chm -> [Ver = | Size = 55946 bytes | Created Date = 8/10/2008 2:46:01 PM | Attr = R ] nvcplrus.chm -> %SystemRoot%\System32\nvcplrus.chm -> [Ver = | Size = 125181 bytes | Created Date = 8/10/2008 2:46:06 PM | Attr = R ] nvdsprus.chm -> %SystemRoot%\System32\nvdsprus.chm -> [Ver = | Size = 214210 bytes | Created Date = 8/10/2008 2:46:06 PM | Attr = R ] nv3drus.chm -> %SystemRoot%\System32\nv3drus.chm -> [Ver = | Size = 126976 bytes | Created Date = 8/10/2008 2:46:06 PM | Attr = R ] nvmobrus.chm -> %SystemRoot%\System32\nvmobrus.chm -> [Ver = | Size = 57339 bytes | Created Date = 8/10/2008 2:46:07 PM | Attr = R ] nvcplsky.chm -> %SystemRoot%\System32\nvcplsky.chm -> [Ver = | Size = 126105 bytes | Created Date = 8/10/2008 2:46:08 PM | Attr = R ] nvdspsky.chm -> %SystemRoot%\System32\nvdspsky.chm -> [Ver = | Size = 217076 bytes | Created Date = 8/10/2008 2:46:08 PM | Attr = R ] nv3dsky.chm -> %SystemRoot%\System32\nv3dsky.chm -> [Ver = | Size = 129499 bytes | Created Date = 8/10/2008 2:46:08 PM | Attr = R ] nvmobsky.chm -> %SystemRoot%\System32\nvmobsky.chm -> [Ver = | Size = 57545 bytes | Created Date = 8/10/2008 2:46:08 PM | Attr = R ] nvcplslv.chm -> %SystemRoot%\System32\nvcplslv.chm -> [Ver = | Size = 124964 bytes | Created Date = 8/10/2008 2:46:13 PM | Attr = R ] nvdspslv.chm -> %SystemRoot%\System32\nvdspslv.chm -> [Ver = | Size = 206105 bytes | Created Date = 8/10/2008 2:46:13 PM | Attr = R ] nv3dslv.chm -> %SystemRoot%\System32\nv3dslv.chm -> [Ver = | Size = 128913 bytes | Created Date = 8/10/2008 2:46:13 PM | Attr = R ] nvmobslv.chm -> %SystemRoot%\System32\nvmobslv.chm -> [Ver = | Size = 57380 bytes | Created Date = 8/10/2008 2:46:13 PM | Attr = R ] nvcplsve.chm -> %SystemRoot%\System32\nvcplsve.chm -> [Ver = | Size = 122675 bytes | Created Date = 8/10/2008 2:46:15 PM | Attr = R ] nvdspsve.chm -> %SystemRoot%\System32\nvdspsve.chm -> [Ver = | Size = 195910 bytes | Created Date = 8/10/2008 2:46:15 PM | Attr = R ] nv3dsve.chm -> %SystemRoot%\System32\nv3dsve.chm -> [Ver = | Size = 118734 bytes | Created Date = 8/10/2008 2:46:15 PM | Attr = R ] nvmobsve.chm -> %SystemRoot%\System32\nvmobsve.chm -> [Ver = | Size = 55693 bytes | Created Date = 8/10/2008 2:46:15 PM | Attr = R ] nvcpltha.chm -> %SystemRoot%\System32\nvcpltha.chm -> [Ver = | Size = 128148 bytes | Created Date = 8/10/2008 2:46:17 PM | Attr = R ] nvdsptha.chm -> %SystemRoot%\System32\nvdsptha.chm -> [Ver = | Size = 220312 bytes | Created Date = 8/10/2008 2:46:21 PM | Attr = R ] nv3dtha.chm -> %SystemRoot%\System32\nv3dtha.chm -> [Ver = | Size = 137045 bytes | Created Date = 8/10/2008 2:46:21 PM | Attr = R ] nvmobtha.chm -> %SystemRoot%\System32\nvmobtha.chm -> [Ver = | Size = 59225 bytes | Created Date = 8/10/2008 2:46:22 PM | Attr = R ] nvcpltrk.chm -> %SystemRoot%\System32\nvcpltrk.chm -> [Ver = | Size = 126892 bytes | Created Date = 8/10/2008 2:46:23 PM | Attr = R ] nvdsptrk.chm -> %SystemRoot%\System32\nvdsptrk.chm -> [Ver = | Size = 210720 bytes | Created Date = 8/10/2008 2:46:23 PM | Attr = R ] nv3dtrk.chm -> %SystemRoot%\System32\nv3dtrk.chm -> [Ver = | Size = 133761 bytes | Created Date = 8/10/2008 2:46:24 PM | Attr = R ] nvmobtrk.chm -> %SystemRoot%\System32\nvmobtrk.chm -> [Ver = | Size = 57450 bytes | Created Date = 8/10/2008 2:46:24 PM | Attr = R ] nvcplchs.chm -> %SystemRoot%\System32\nvcplchs.chm -> [Ver = | Size = 124229 bytes | Created Date = 8/10/2008 2:46:25 PM | Attr = R ] nvdspchs.chm -> %SystemRoot%\System32\nvdspchs.chm -> [Ver = | Size = 219669 bytes | Created Date = 8/10/2008 2:46:25 PM | Attr = R ] nv3dchs.chm -> %SystemRoot%\System32\nv3dchs.chm -> [Ver = | Size = 134133 bytes | Created Date = 8/10/2008 2:46:25 PM | Attr = R ] nvmobchs.chm -> %SystemRoot%\System32\nvmobchs.chm -> [Ver = | Size = 58607 bytes | Created Date = 8/10/2008 2:46:26 PM | Attr = R ] nvcplcht.chm -> %SystemRoot%\System32\nvcplcht.chm -> [Ver = | Size = 124817 bytes | Created Date = 8/10/2008 2:46:30 PM | Attr = R ] nvdspcht.chm -> %SystemRoot%\System32\nvdspcht.chm -> [Ver = | Size = 213493 bytes | Created Date = 8/10/2008 2:46:30 PM | Attr = R ] nv3dcht.chm -> %SystemRoot%\System32\nv3dcht.chm -> [Ver = | Size = 139792 bytes | Created Date = 8/10/2008 2:46:31 PM | Attr = R ] nvmobcht.chm -> %SystemRoot%\System32\nvmobcht.chm -> [Ver = | Size = 59261 bytes | Created Date = 8/10/2008 2:46:31 PM | Attr = R ] nvdsp.chm -> %SystemRoot%\System32\nvdsp.chm -> [Ver = | Size = 181895 bytes | Created Date = 8/10/2008 3:41:50 PM | Attr = ] nv3d.chm -> %SystemRoot%\System32\nv3d.chm -> [Ver = | Size = 116384 bytes | Created Date = 8/10/2008 3:41:50 PM | Attr = ] nvmob.chm -> %SystemRoot%\System32\nvmob.chm -> [Ver = | Size = 54988 bytes | Created Date = 8/10/2008 3:41:50 PM | Attr = ] nvcpl.chm -> %SystemRoot%\System32\nvcpl.chm -> [Ver = | Size = 121529 bytes | Created Date = 8/10/2008 3:41:49 PM | Attr = ] d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 1324 bytes | Created Date = 7/24/2008 11:36:55 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 8/10/2008 1:33:59 PM | Attr = ] 18 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 8/10/2008 3:41:12 PM | Attr = ] NV21681996.TMP -> %SystemRoot%\NV21681996.TMP -> [Folder | Created Date = 8/10/2008 3:41:45 PM | Attr = ] marscam.ini -> %SystemRoot%\marscam.ini -> [Ver = | Size = 36 bytes | Created Date = 5/24/2008 7:42:24 PM | Attr = ] NV768732.TMP -> %SystemRoot%\NV768732.TMP -> [Folder | Created Date = 7/11/2008 10:06:47 AM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Created Date = 6/30/2008 11:45:51 PM | Attr = ] Logs -> %SystemRoot%\Logs -> [Folder | Created Date = 7/11/2008 10:08:34 AM | Attr = ] Norton AntiVirus - Run Full System Scan - Kory.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - Kory.job -> [Ver = | Size = 554 bytes | Created Date = 8/3/2008 11:54:02 PM | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Yahoo! Companion -> %AllUsersProfile%\Application Data\Yahoo! Companion -> [Folder | Created Date = 7/21/2008 3:00:07 PM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Created Date = 7/20/2008 11:04:09 PM | Attr = ] Flickr -> %AppData%\Flickr -> [Folder | Created Date = 5/21/2008 2:09:01 PM | Attr = ] NPLUTO Corporation -> %AppData%\NPLUTO Corporation -> [Folder | Created Date = 7/30/2008 2:49:53 PM | Attr = ] Mabinogi -> %UserProfile%\My Documents\Mabinogi -> [Folder | Created Date = 7/24/2008 3:13:08 PM | Attr = S] Pirates of the Caribbean Online.lnk -> %AllUsersProfile%\Desktop\Pirates of the Caribbean Online.lnk -> [Ver = | Size = 863 bytes | Created Date = 7/18/2008 11:09:02 AM | Attr = ] Second Life.lnk -> %AllUsersProfile%\Desktop\Second Life.lnk -> [Ver = | Size = 610 bytes | Created Date = 8/7/2008 2:00:23 PM | Attr = ] Windows Live Messenger .lnk -> %UserProfile%\Desktop\Windows Live Messenger .lnk -> [Ver = | Size = 1743 bytes | Created Date = 5/16/2008 8:16:16 AM | Attr = ] StepMania 3.9.lnk -> %UserProfile%\Desktop\StepMania 3.9.lnk -> [Ver = | Size = 694 bytes | Created Date = 7/19/2008 11:57:18 PM | Attr = ] Mabinogi.lnk -> %UserProfile%\Desktop\Mabinogi.lnk -> [Ver = | Size = 538 bytes | Created Date = 7/24/2008 3:16:22 PM | Attr = ] Mabinogi Homepage.lnk -> %UserProfile%\Desktop\Mabinogi Homepage.lnk -> [Ver = | Size = 1314 bytes | Created Date = 7/24/2008 3:16:22 PM | Attr = ] Ad-aware 6.0.lnk -> %UserProfile%\Desktop\Ad-aware 6.0.lnk -> [Ver = | Size = 1607 bytes | Created Date = 7/26/2008 8:39:51 PM | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 837 bytes | Created Date = 7/26/2008 8:47:05 PM | Attr = ] i j j i.lnk -> %UserProfile%\Desktop\i j j i.lnk -> [Ver = | Size = 1457 bytes | Created Date = 7/30/2008 8:05:50 AM | Attr = ] Drift City.lnk -> %UserProfile%\Desktop\Drift City.lnk -> [Ver = | Size = 1559 bytes | Created Date = 7/30/2008 11:47:20 AM | Attr = ] MSNCleaner.exe -> %UserProfile%\Desktop\MSNCleaner.exe -> InfoSpyware - ForoSpyware [Ver = 1.06.0008 | Size = 192512 bytes | Created Date = 8/5/2008 9:57:46 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1638 bytes | Created Date = 8/5/2008 10:04:19 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Created Date = 8/13/2008 9:37:16 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Created Date = 8/13/2008 9:37:43 PM | Attr = ] NHN USA -> %ProgramFiles%\NHN USA -> [Folder | Created Date = 7/30/2008 8:01:28 AM | Attr = ] DriftCity -> %ProgramFiles%\DriftCity -> [Folder | Created Date = 7/30/2008 11:38:27 AM | Attr = ] Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [Folder | Created Date = 7/26/2008 8:46:54 PM | Attr = ] gtx73.ini -> %ProgramFiles%\gtx73.ini -> [Ver = | Size = 1437 bytes | Created Date = 2/8/2100 3:53:34 PM | Attr = ] Trend Micro -> %ProgramFiles%\Trend Micro -> [Folder | Created Date = 8/5/2008 10:04:16 PM | Attr = ] DIFX -> %ProgramFiles%\DIFX -> [Folder | Created Date = 5/24/2008 7:41:37 PM | Attr = ] SecondLife -> %ProgramFiles%\SecondLife -> [Folder | Created Date = 8/7/2008 1:59:49 PM | Attr = ] ACMonitor_X73.exe -> %ProgramFiles%\ACMonitor_X73.exe -> Silitek Corp. [Ver = 1, 0, 0, 8 | Size = 53248 bytes | Created Date = 2/8/2100 4:03:54 PM | Attr = ] [Files/Folders - Modified Within 90 days] FOUND.004 -> %SystemDrive%\FOUND.004 -> [Folder | Modified Date = 7/27/2008 7:31:04 AM | Attr = HS] sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/1/2008 10:27:10 PM | Attr = H ] sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/2/2008 12:01:58 AM | Attr = H ] sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [Ver = | Size = 244 bytes | Modified Date = 8/2/2008 12:01:58 AM | Attr = H ] FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Modified Date = 6/28/2008 11:42:24 PM | Attr = HS] FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Modified Date = 7/7/2008 4:18:12 PM | Attr = HS] FOUND.002 -> %SystemDrive%\FOUND.002 -> [Folder | Modified Date = 7/18/2008 1:00:32 PM | Attr = HS] FOUND.003 -> %SystemDrive%\FOUND.003 -> [Folder | Modified Date = 7/24/2008 11:46:34 PM | Attr = HS] FOUND.005 -> %SystemDrive%\FOUND.005 -> [Folder | Modified Date = 7/28/2008 9:58:10 PM | Attr = HS] sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [Ver = | Size = 244 bytes | Modified Date = 5/16/2008 8:16:24 AM | Attr = H ] sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 232 bytes | Modified Date = 5/16/2008 8:16:24 AM | Attr = H ] sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [Ver = | Size = 268 bytes | Modified Date = 8/1/2008 10:27:10 PM | Attr = H ] ijji -> %SystemDrive%\ijji -> [Folder | Modified Date = 7/30/2008 8:03:32 AM | Attr = ] FOUND.006 -> %SystemDrive%\FOUND.006 -> [Folder | Modified Date = 8/2/2008 12:09:38 AM | Attr = HS] FOUND.007 -> %SystemDrive%\FOUND.007 -> [Folder | Modified Date = 8/2/2008 7:23:52 AM | Attr = HS] FOUND.008 -> %SystemDrive%\FOUND.008 -> [Folder | Modified Date = 8/2/2008 9:13:26 AM | Attr = HS] FOUND.009 -> %SystemDrive%\FOUND.009 -> [Folder | Modified Date = 8/10/2008 1:47:46 PM | Attr = HS] url_history.xml -> %SystemDrive%\url_history.xml -> [Ver = | Size = 24 bytes | Modified Date = 8/13/2008 9:37:34 PM | Attr = ] SYMEVENT.SYS -> %SystemRoot%\System32\drivers\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.5.4.1 | Size = 123952 bytes | Modified Date = 7/18/2008 9:59:02 AM | Attr = ] SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF -> [Ver = | Size = 805 bytes | Modified Date = 7/18/2008 9:59:04 AM | Attr = ] SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT -> [Ver = | Size = 10671 bytes | Modified Date = 7/18/2008 9:59:04 AM | Attr = ] symredrv.sys -> %SystemRoot%\System32\drivers\symredrv.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 22320 bytes | Modified Date = 6/13/2008 2:13:38 PM | Attr = ] symids.sys -> %SystemRoot%\System32\drivers\symids.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 38576 bytes | Modified Date = 6/13/2008 2:13:38 PM | Attr = ] symndis.sys -> %SystemRoot%\System32\drivers\symndis.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 37424 bytes | Modified Date = 6/13/2008 2:13:38 PM | Attr = ] symdns.sys -> %SystemRoot%\System32\drivers\symdns.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 13616 bytes | Modified Date = 6/13/2008 2:13:38 PM | Attr = ] symfw.sys -> %SystemRoot%\System32\drivers\symfw.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 96432 bytes | Modified Date = 6/13/2008 2:13:38 PM | Attr = ] symtdi.sys -> %SystemRoot%\System32\drivers\symtdi.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 184240 bytes | Modified Date = 6/13/2008 2:13:40 PM | Attr = ] SymRedir.cat -> %SystemRoot%\System32\drivers\SymRedir.cat -> [Ver = | Size = 13093 bytes | Modified Date = 6/13/2008 2:14:02 PM | Attr = ] SymRedir.inf -> %SystemRoot%\System32\drivers\SymRedir.inf -> [Ver = | Size = 1611 bytes | Modified Date = 6/13/2008 2:14:02 PM | Attr = ] symndisv.sys -> %SystemRoot%\System32\drivers\symndisv.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 41008 bytes | Modified Date = 6/13/2008 2:13:40 PM | Attr = ] COH_Mon.sys -> %SystemRoot%\System32\drivers\COH_Mon.sys -> Symantec Corporation [Ver = 6,1,4,10 | Size = 23888 bytes | Modified Date = 7/30/2008 5:42:12 PM | Attr = ] coh_mon.cat -> %SystemRoot%\System32\drivers\coh_mon.cat -> [Ver = | Size = 10537 bytes | Modified Date = 7/30/2008 5:28:04 PM | Attr = ] COH_Mon.inf -> %SystemRoot%\System32\drivers\COH_Mon.inf -> [Ver = | Size = 706 bytes | Modified Date = 7/30/2008 5:28:04 PM | Attr = ] SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> Symantec Corporation [Ver = 8.0.2.4 | Size = 31280 bytes | Modified Date = 6/13/2008 2:14:02 PM | Attr = ] d3d8caps.dat -> %SystemRoot%\System32\d3d8caps.dat -> [Ver = | Size = 1100 bytes | Modified Date = 7/28/2008 6:59:48 AM | Attr = ] java.exe -> %SystemRoot%\System32\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 6/10/2008 1:21:02 AM | Attr = ] javaw.exe -> %SystemRoot%\System32\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 135168 bytes | Modified Date = 6/10/2008 1:21:04 AM | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 13064 bytes | Modified Date = 8/10/2008 3:34:56 PM | Attr = ] javaws.exe -> %SystemRoot%\System32\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 139264 bytes | Modified Date = 6/10/2008 2:32:34 AM | Attr = ] javacpl.cpl -> %SystemRoot%\System32\javacpl.cpl -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 73728 bytes | Modified Date = 6/10/2008 2:32:34 AM | Attr = ] ijjiSetup.exe -> %SystemRoot%\System32\ijjiSetup.exe -> NHN USA [Ver = 1, 0, 0, 31 | Size = 710064 bytes | Modified Date = 6/17/2008 7:28:42 PM | Attr = ] S32EVNT1.DLL -> %SystemRoot%\System32\S32EVNT1.DLL -> Symantec Corporation [Ver = 12.5.4.2 | Size = 60800 bytes | Modified Date = 7/18/2008 9:59:02 AM | Attr = ] nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [Ver = | Size = 43573 bytes | Modified Date = 8/10/2008 3:48:20 PM | Attr = ] SymRedir.dll -> %SystemRoot%\System32\SymRedir.dll -> Symantec Corporation [Ver = 8.0.2.6 | Size = 207240 bytes | Modified Date = 6/13/2008 2:45:44 PM | Attr = ] SymNeti.dll -> %SystemRoot%\System32\SymNeti.dll -> Symantec Corporation [Ver = 8.0.2.6 | Size = 579464 bytes | Modified Date = 6/13/2008 2:45:48 PM | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,224,0 | Size = 107888 bytes | Modified Date = 7/19/2008 10:39:56 AM | Attr = ] ijjiPlugin2.dll -> %SystemRoot%\System32\ijjiPlugin2.dll -> NHN USA Corp. [Ver = 2, 0, 0, 1 | Size = 58800 bytes | Modified Date = 6/11/2008 11:01:48 PM | Attr = ] d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 1324 bytes | Modified Date = 8/1/2008 11:56:18 PM | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 8/10/2008 1:34:00 PM | Attr = ] 18 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 536367104 bytes | Modified Date = 7/30/2008 3:58:30 PM | Attr = ] LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 8/10/2008 3:41:14 PM | Attr = ] NV21681996.TMP -> %SystemRoot%\NV21681996.TMP -> [Folder | Modified Date = 8/10/2008 3:41:46 PM | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 8/10/2008 3:32:54 PM | Attr = S] marscam.ini -> %SystemRoot%\marscam.ini -> [Ver = | Size = 36 bytes | Modified Date = 6/29/2008 12:24:24 AM | Attr = ] NV768732.TMP -> %SystemRoot%\NV768732.TMP -> [Folder | Modified Date = 7/11/2008 10:06:48 AM | Attr = ] nvidia icons -> %SystemRoot%\nvidia icons -> [Folder | Modified Date = 6/30/2008 11:45:52 PM | Attr = ] Logs -> %SystemRoot%\Logs -> [Folder | Modified Date = 7/11/2008 10:08:36 AM | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/10/2008 3:33:10 PM | Attr = H ] Norton AntiVirus - Run Full System Scan - CDM.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - CDM.job -> [Ver = | Size = 552 bytes | Modified Date = 8/11/2008 8:00:02 PM | Attr = ] Norton AntiVirus - Run Full System Scan - Kory.job -> %SystemRoot%\tasks\Norton AntiVirus - Run Full System Scan - Kory.job -> [Ver = | Size = 554 bytes | Modified Date = 8/13/2008 6:30:18 AM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help -> [Folder | Modified Date = 2/23/2005 4:47:28 PM | Attr = ] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [Ver = | Size = 8122 bytes | Modified Date = 2/19/2006 8:49:48 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache -> [Folder | Modified Date = 2/25/2005 8:20:16 PM | Attr = ] college.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\college.dat -> [Ver = | Size = 327746 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] ylpgscat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ylpgscat.dat -> [Ver = | Size = 12283223 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] about.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\about.dat -> [Ver = | Size = 1528 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] moreinfo.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\moreinfo.dat -> [Ver = | Size = 102 bytes | Modified Date = 6/18/2003 12:00:00 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 2/24/2005 6:03:02 AM | Attr = ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6812 bytes | Modified Date = 8/13/2008 7:30:02 PM | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 7197 bytes | Modified Date = 8/13/2008 7:30:02 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [Folder | Modified Date = 2/25/2005 8:15:04 PM | Attr = ] data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 3804 bytes | Modified Date = 2/25/2005 9:02:44 PM | Attr = ] C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [Folder | Modified Date = 2/25/2005 8:11:14 PM | Attr = ] wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [Ver = | Size = 198875 bytes | Modified Date = 8/12/2008 7:54:06 AM | Attr = ] wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [Ver = | Size = 16384 bytes | Modified Date = 12/11/2005 11:42:30 PM | Attr = ] CalMRU.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\CalMRU.dat -> [Ver = | Size = 12 bytes | Modified Date = 1/18/2007 11:57:10 PM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\ -> C:\Documents and Settings\Kory\Local Settings\Temp -> [Folder | Modified Date = 2/23/2005 4:36:42 PM | Attr = ] eauninstall.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\eauninstall.exe -> Electronic Arts Inc. [Ver = 1.04.00.356 | Size = 356352 bytes | Modified Date = 8/9/2007 4:09:22 PM | Attr = ] AutoRun.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\AutoRun.exe -> Electronic Arts Inc. [Ver = 1.4.0.356 | Size = 703552 bytes | Modified Date = 5/27/2008 5:42:04 PM | Attr = ] The Sims 2 Deluxe_uninst.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\The Sims 2 Deluxe_uninst.exe -> Electronic Arts Inc. [Ver = 1.05.02.01 | Size = 73728 bytes | Modified Date = 8/6/2007 8:28:12 PM | Attr = ] ycomp_setup.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\ycomp_setup.exe -> [Ver = | Size = 1636376 bytes | Modified Date = 1/9/2007 3:09:00 PM | Attr = ] VP6Install.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\VP6Install.exe -> [Ver = | Size = 23040 bytes | Modified Date = 8/6/2007 7:28:40 PM | Attr = R ] 700 C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\ -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD} -> [Folder | Modified Date = 7/11/2008 10:05:20 AM | Attr = ] nvupnp-amd64.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnp-amd64.exe -> [Ver = | Size = 28160 bytes | Modified Date = 6/1/2006 6:59:24 PM | Attr = ] nvuninst-ia64.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst-ia64.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 25 | Size = 242688 bytes | Modified Date = 6/1/2006 5:30:52 PM | Attr = ] NVUninst.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\NVUninst.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Modified Date = 6/1/2006 7:09:24 PM | Attr = ] nvuninst-amd64.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvuninst-amd64.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 222720 bytes | Modified Date = 6/1/2006 6:59:24 PM | Attr = ] nvupnpbr.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnpbr.exe -> [Ver = | Size = 32768 bytes | Modified Date = 6/1/2006 6:59:24 PM | Attr = ] nvupnp-ia64.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\nvupnp-ia64.exe -> [Ver = | Size = 56832 bytes | Modified Date = 6/1/2006 5:30:52 PM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\Rar$EX03.762\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Rar$EX03.762\ -> [Folder | Modified Date = 7/21/2008 10:48:14 AM | Attr = ] SysSpec.exe -> C:\Documents and Settings\Kory\Local Settings\Temp\Rar$EX03.762\SysSpec.exe -> [Ver = | Size = 1907200 bytes | Modified Date = 10/15/2006 6:14:50 PM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\ -> C:\Documents and Settings\Kory\Local Settings\Temp -> [Folder | Modified Date = 2/23/2005 4:36:42 PM | Attr = ] drm_dyndata_7370007.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\drm_dyndata_7370007.dll -> Sony DADC Austria AG [Ver = 1, 0, 0, 3 | Size = 204800 bytes | Modified Date = 7/19/2008 10:40:00 AM | Attr = ] AutoRunGUI.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\AutoRunGUI.dll -> Electronic Arts Inc. [Ver = 1.04.00.00 | Size = 662592 bytes | Modified Date = 5/27/2008 5:42:04 PM | Attr = ] drm_dialogs.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\drm_dialogs.dll -> Sony DADC Austria AG [Ver = 1, 2, 0, 1 | Size = 65536 bytes | Modified Date = 7/19/2008 10:40:06 AM | Attr = ] VP6VFW.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\VP6VFW.dll -> On2.com [Ver = 6,0,6,4 | Size = 442368 bytes | Modified Date = 8/6/2007 7:28:40 PM | Attr = R ] 700 C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\ -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD} -> [Folder | Modified Date = 7/11/2008 10:05:20 AM | Attr = ] NvInstNT.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\NvInstNT.dll -> NVIDIA Corporation [Ver = 6.14.10.9131 | Size = 167936 bytes | Modified Date = 6/1/2006 7:09:18 PM | Attr = ] _isressm.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\_isressm.dll -> InstallShield Software Corporation [Ver = 9.00.333 | Size = 299008 bytes | Modified Date = 6/1/2006 5:30:50 PM | Attr = ] isrt.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\isrt.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 401408 bytes | Modified Date = 4/19/2005 12:42:56 PM | Attr = R ] _IsRes.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\{EFB7D050-CAD2-11D4-B34D-00105A1C23DD}\_IsRes.dll -> InstallShield Software Corporation [Ver = 9.00.333 | Size = 364544 bytes | Modified Date = 4/19/2005 12:42:46 PM | Attr = R ] C:\Documents and Settings\Kory\Local Settings\Temp\isp27.tmp\ -> C:\Documents and Settings\Kory\Local Settings\Temp\isp27.tmp\ -> [Folder | Modified Date = 8/1/2008 11:56:40 PM | Attr = ] _Setup.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\isp27.tmp\_Setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 368640 bytes | Modified Date = 8/1/2008 11:56:40 PM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\isp323.tmp\ -> C:\Documents and Settings\Kory\Local Settings\Temp\isp323.tmp\ -> [Folder | Modified Date = 7/11/2008 10:05:12 AM | Attr = ] _Setup.dll -> C:\Documents and Settings\Kory\Local Settings\Temp\isp323.tmp\_Setup.dll -> InstallShield Software Corporation [Ver = 9.01.429 | Size = 368640 bytes | Modified Date = 7/11/2008 10:05:12 AM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\ -> C:\Documents and Settings\Kory\Local Settings\Temp -> [Folder | Modified Date = 2/23/2005 4:36:42 PM | Attr = ] Perflib_Perfdata_74c.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_74c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/4/2008 9:33:28 PM | Attr = ] Perflib_Perfdata_904.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_904.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/10/2008 7:53:18 AM | Attr = ] Perflib_Perfdata_ec8.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_ec8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/26/2008 6:51:48 AM | Attr = ] Perflib_Perfdata_888.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_888.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/28/2008 8:30:16 PM | Attr = ] Perflib_Perfdata_8a0.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_8a0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/17/2008 11:09:18 PM | Attr = ] Perflib_Perfdata_2f0.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_2f0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/24/2008 10:47:24 PM | Attr = ] Perflib_Perfdata_bdc.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_bdc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/28/2008 6:26:16 AM | Attr = ] Perflib_Perfdata_e2c.dat -> C:\Documents and Settings\Kory\Local Settings\Temp\Perflib_Perfdata_e2c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/28/2008 9:38:24 PM | Attr = ] 700 C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Kory\Local Settings\Temp\*.tmp -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\ -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3} -> [Folder | Modified Date = 7/11/2008 10:05:20 AM | Attr = ] corecomp.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\{CE0B3F02-9E7D-4CCE-AA82-AB1E43A147D3}\corecomp.ini -> [Ver = | Size = 65503 bytes | Modified Date = 4/19/2005 12:42:56 PM | Attr = R ] C:\Documents and Settings\Kory\Local Settings\Temp\History\History.IE5\ -> C:\Documents and Settings\Kory\Local Settings\Temp\History\History.IE5\ -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\History\History.IE5\desktop.ini -> [Ver = | Size = 113 bytes | Modified Date = 6/28/2005 9:26:18 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\iss322.tmp\ -> C:\Documents and Settings\Kory\Local Settings\Temp\iss322.tmp\ -> [Folder | Modified Date = 7/11/2008 10:05:12 AM | Attr = ] setup.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\iss322.tmp\setup.ini -> [Ver = | Size = 862 bytes | Modified Date = 7/11/2008 10:05:12 AM | Attr = ] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\05QBK5ER\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\05QBK5ER -> [Folder | Modified Date = 11/21/2006 6:40:32 PM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\05QBK5ER\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/21/2006 6:40:32 PM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\20MDWCWI\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\20MDWCWI -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\20MDWCWI\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\KLQ30H2Z\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\KLQ30H2Z -> [Folder | Modified Date = 11/21/2006 6:40:32 PM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\KLQ30H2Z\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/21/2006 6:40:32 PM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\OC76JT2Q\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\OC76JT2Q -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\OC76JT2Q\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\UARVP8VV\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\UARVP8VV -> [Folder | Modified Date = 11/21/2006 6:40:32 PM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\UARVP8VV\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/21/2006 6:40:32 PM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VAHY0BNP\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VAHY0BNP -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VAHY0BNP\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VS2Z48FD\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VS2Z48FD -> [Folder | Modified Date = 6/28/2005 9:26:16 AM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\VS2Z48FD\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 6/28/2005 9:26:16 AM | Attr = HS] C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\YT6XEP8F\ -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\YT6XEP8F -> [Folder | Modified Date = 11/21/2006 6:40:32 PM | Attr = S] desktop.ini -> C:\Documents and Settings\Kory\Local Settings\Temp\Temporary Internet Files\Content.IE5\YT6XEP8F\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 11/21/2006 6:40:32 PM | Attr = HS] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 4/12/2004 7:49:30 PM | Attr = ] INSERTCD.EXE -> C:\WINDOWS\Temp\INSERTCD.EXE -> Gateway, Inc. [Ver = 1.3.1.0 | Size = 361984 bytes | Modified Date = 4/12/2004 7:37:36 PM | Attr = ] GLF8B.EXE -> C:\WINDOWS\Temp\GLF8B.EXE -> [Ver = | Size = 167165 bytes | Modified Date = 10/30/2006 4:46:12 PM | Attr = ] GLF94.EXE -> C:\WINDOWS\Temp\GLF94.EXE -> [Ver = | Size = 167165 bytes | Modified Date = 10/30/2006 4:46:12 PM | Attr = ] 0024151191681411mcinst.exe -> C:\WINDOWS\Temp\0024151191681411mcinst.exe -> McAfee, Inc. [Ver = 3,0,116,0 | Size = 306528 bytes | Modified Date = 8/28/2007 1:34:18 PM | Attr = ] 0214411191928062mcinst.exe -> C:\WINDOWS\Temp\0214411191928062mcinst.exe -> [Ver = | Size = 1212416 bytes | Modified Date = 8/28/2007 1:34:18 PM | Attr = ] 67 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] IsUninst.exe -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Modified Date = 10/29/1998 4:45:06 PM | Attr = ] C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] IsUninst.exe -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Modified Date = 10/29/1998 4:45:06 PM | Attr = ] C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/24/2005 1:51:50 PM | Attr = ] IsUninst.Exe -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\IsUninst.Exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Modified Date = 10/29/1998 1:45:06 PM | Attr = R ] C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] viasetup.dll -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\viasetup.dll -> [Ver = | Size = 81920 bytes | Modified Date = 7/5/2000 10:46:18 AM | Attr = ] 16c217.DLL -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\16c217.DLL -> InstallShield Software Corporation [Ver = 5, 50, 131, 0 | Size = 129536 bytes | Modified Date = 9/22/1998 7:05:48 PM | Attr = ] C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] AGP.dll -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\AGP.dll -> [Ver = | Size = 20992 bytes | Modified Date = 5/16/2000 5:37:30 PM | Attr = ] viasetup.dll -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\viasetup.dll -> [Ver = | Size = 81920 bytes | Modified Date = 7/11/2000 2:39:00 PM | Attr = ] 16c249.DLL -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\16c249.DLL -> InstallShield Software Corporation [Ver = 5, 50, 131, 0 | Size = 129536 bytes | Modified Date = 9/22/1998 7:05:48 PM | Attr = ] C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/24/2005 1:51:50 PM | Attr = ] Ctl3d32.dll -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\Ctl3d32.dll -> Microsoft Corporation [Ver = 2.31.000 | Size = 27136 bytes | Modified Date = 7/13/1995 3:46:26 PM | Attr = R ] 18ee132.DLL -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\18ee132.DLL -> [Ver = | Size = 38400 bytes | Modified Date = 8/5/1999 6:22:04 AM | Attr = R ] C:\WINDOWS\Temp\slu75cd.tmp\ -> C:\WINDOWS\Temp\slu75cd.tmp\ -> [Folder | Modified Date = 11/7/2006 12:43:16 PM | Attr = ] CCERASER.DLL -> C:\WINDOWS\Temp\slu75cd.tmp\CCERASER.DLL -> Symantec Corporation [Ver = 106.3.1.3 | Size = 2410856 bytes | Modified Date = 10/26/2006 4:00:00 AM | Attr = ] ECMSVR32.DLL -> C:\WINDOWS\Temp\slu75cd.tmp\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 | Size = 272040 bytes | Modified Date = 10/4/2006 4:00:00 AM | Attr = ] NAVENG32.DLL -> C:\WINDOWS\Temp\slu75cd.tmp\NAVENG32.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 124584 bytes | Modified Date = 10/4/2006 4:00:00 AM | Attr = ] NAVEX32A.DLL -> C:\WINDOWS\Temp\slu75cd.tmp\NAVEX32A.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 882344 bytes | Modified Date = 10/4/2006 4:00:00 AM | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 4/12/2004 7:49:30 PM | Attr = ] Perflib_Perfdata_150.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_150.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/24/2006 10:42:58 AM | Attr = ] Perflib_Perfdata_bf8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_bf8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/28/2007 10:50:02 PM | Attr = ] Perflib_Perfdata_b60.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_b60.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/25/2006 12:11:56 PM | Attr = ] Perflib_Perfdata_680.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_680.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/11/2006 10:07:22 PM | Attr = ] Perflib_Perfdata_824.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_824.dat -> [Ver = | Size = 16384 bytes | Modified Date = 9/8/2006 12:09:50 AM | Attr = ] Perflib_Perfdata_c98.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_c98.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/20/2006 4:24:08 PM | Attr = ] Perflib_Perfdata_1b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1b4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/6/2006 10:33:12 AM | Attr = ] Perflib_Perfdata_86c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_86c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/19/2006 7:38:18 PM | Attr = ] Perflib_Perfdata_83c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_83c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/19/2006 7:42:38 PM | Attr = ] Perflib_Perfdata_3e4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3e4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/26/2006 1:10:30 PM | Attr = ] Perflib_Perfdata_3dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3dc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/26/2006 4:29:40 PM | Attr = ] Perflib_Perfdata_d98.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_d98.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/31/2006 8:41:36 AM | Attr = ] Perflib_Perfdata_ac.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_ac.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/10/2006 1:59:34 PM | Attr = ] Perflib_Perfdata_78c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_78c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/16/2006 8:12:28 PM | Attr = ] Perflib_Perfdata_860.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_860.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/23/2006 1:50:46 PM | Attr = ] Perflib_Perfdata_8b0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_8b0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/19/2006 10:47:42 PM | Attr = ] Perflib_Perfdata_920.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_920.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/24/2006 1:35:16 AM | Attr = ] Perflib_Perfdata_d54.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_d54.dat -> [Ver = | Size = 16384 bytes | Modified Date = 11/2/2007 8:10:12 AM | Attr = ] Perflib_Perfdata_df4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_df4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 12/1/2006 7:46:30 PM | Attr = ] Perflib_Perfdata_a14.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_a14.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/3/2006 9:32:56 PM | Attr = ] Perflib_Perfdata_3d0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3d0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/5/2006 3:38:38 PM | Attr = ] Perflib_Perfdata_3d8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_3d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/27/2006 1:05:30 AM | Attr = ] Perflib_Perfdata_788.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_788.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/14/2006 12:47:54 PM | Attr = ] Perflib_Perfdata_c90.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_c90.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/7/2008 5:05:58 PM | Attr = ] Perflib_Perfdata_704.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_704.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/9/2008 1:56:48 PM | Attr = ] Perflib_Perfdata_e74.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_e74.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/10/2008 2:56:34 PM | Attr = ] Perflib_Perfdata_5ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_5ec.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/13/2008 9:35:46 PM | Attr = ] Perflib_Perfdata_1670.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1670.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/22/2007 12:40:36 AM | Attr = ] Perflib_Perfdata_4e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4e0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/23/2007 4:04:44 AM | Attr = ] Perflib_Perfdata_1340.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1340.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2/27/2007 7:02:38 PM | Attr = ] Perflib_Perfdata_4e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4e8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/1/2007 2:13:02 AM | Attr = ] Perflib_Perfdata_624.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_624.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/7/2007 12:47:52 AM | Attr = ] Perflib_Perfdata_4f4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/13/2007 1:09:54 AM | Attr = ] Perflib_Perfdata_50c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_50c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 3/16/2007 5:02:56 AM | Attr = ] Perflib_Perfdata_1758.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1758.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/3/2007 11:35:26 PM | Attr = ] Perflib_Perfdata_4bc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4bc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 4/27/2007 4:04:04 AM | Attr = ] Perflib_Perfdata_694.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_694.dat -> [Ver = | Size = 16384 bytes | Modified Date = 5/11/2007 4:03:04 AM | Attr = ] Perflib_Perfdata_1534.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1534.dat -> [Ver = | Size = 16384 bytes | Modified Date = 5/20/2007 10:52:22 PM | Attr = ] Perflib_Perfdata_4f8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4f8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 5/25/2007 4:04:00 AM | Attr = ] Perflib_Perfdata_4dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4dc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/1/2007 4:04:02 AM | Attr = ] Perflib_Perfdata_4fc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4fc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/15/2007 4:04:08 AM | Attr = ] Perflib_Perfdata_4ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4ec.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/27/2007 4:04:28 AM | Attr = ] Perflib_Perfdata_c38.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_c38.dat -> [Ver = | Size = 16384 bytes | Modified Date = 9/17/2007 3:07:20 PM | Attr = ] Perflib_Perfdata_b9c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_b9c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/13/2007 8:44:00 AM | Attr = ] Perflib_Perfdata_7f4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7f4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 1/31/2008 2:16:22 PM | Attr = ] Perflib_Perfdata_8b8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_8b8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 5/22/2008 3:06:14 PM | Attr = ] Perflib_Perfdata_898.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_898.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/20/2008 11:21:20 PM | Attr = ] 67 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> C:\WINDOWS\Temp\Cookies\ -> C:\WINDOWS\Temp\Cookies -> [Folder | Modified Date = 3/16/2006 4:40:06 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 12/15/2007 11:00:44 AM | Attr = ] C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ -> [Folder | Modified Date = 3/16/2006 4:40:06 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = | Size = 16384 bytes | Modified Date = 12/15/2007 11:00:44 AM | Attr = ] C:\WINDOWS\Temp\slu75cd.tmp\ -> C:\WINDOWS\Temp\slu75cd.tmp\ -> [Folder | Modified Date = 11/7/2006 12:43:16 PM | Attr = ] CATALOG.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\CATALOG.DAT -> [Ver = | Size = 3378 bytes | Modified Date = 8/17/2006 4:00:00 AM | Attr = ] SCRAUTH.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\SCRAUTH.DAT -> [Ver = | Size = 97664 bytes | Modified Date = 11/3/2006 4:00:00 AM | Attr = ] TCDEFS.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TCDEFS.DAT -> [Ver = | Size = 186611 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TCSCAN7.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TCSCAN7.DAT -> [Ver = | Size = 1039808 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TCSCAN8.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TCSCAN8.DAT -> [Ver = | Size = 319921 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TCSCAN9.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TCSCAN9.DAT -> [Ver = | Size = 693967 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TINF.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TINF.DAT -> [Ver = | Size = 453 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TINFIDX.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TINFIDX.DAT -> [Ver = | Size = 148 bytes | Modified Date = 9/12/2005 3:00:00 AM | Attr = ] TINFL.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TINFL.DAT -> [Ver = | Size = 1957 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TSCAN1.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TSCAN1.DAT -> [Ver = | Size = 61669 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] TSCAN1HD.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\TSCAN1HD.DAT -> [Ver = | Size = 3027 bytes | Modified Date = 6/15/2006 4:00:00 AM | Attr = ] VIRSCAN1.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN1.DAT -> [Ver = | Size = 970911 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN2.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN2.DAT -> [Ver = | Size = 569844 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN3.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN3.DAT -> [Ver = | Size = 146828 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN4.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN4.DAT -> [Ver = | Size = 320186 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN5.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN5.DAT -> [Ver = | Size = 2899435 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN6.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN6.DAT -> [Ver = | Size = 389767 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN7.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN7.DAT -> [Ver = | Size = 4909498 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN8.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN8.DAT -> [Ver = | Size = 1625809 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCAN9.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCAN9.DAT -> [Ver = | Size = 3822271 bytes | Modified Date = 11/6/2006 4:00:00 AM | Attr = ] VIRSCANT.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\VIRSCANT.DAT -> [Ver = | Size = 32 bytes | Modified Date = 11/6/2006 5:36:38 AM | Attr = ] ZDONE.DAT -> C:\WINDOWS\Temp\slu75cd.tmp\ZDONE.DAT -> [Ver = | Size = 224 bytes | Modified Date = 9/12/2005 3:00:00 AM | Attr = ] vscanmsx.dat -> C:\WINDOWS\Temp\slu75cd.tmp\vscanmsx.dat -> [Ver = | Size = 2072 bytes | Modified Date = 11/7/2006 10:15:20 AM | Attr = ] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 3/16/2006 4:40:02 PM | Attr = HS] index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 12/15/2007 11:00:44 AM | Attr = ] C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 4/12/2004 7:49:30 PM | Attr = ] INSERTCD.INI -> C:\WINDOWS\Temp\INSERTCD.INI -> [Ver = | Size = 505 bytes | Modified Date = 4/12/2004 7:37:36 PM | Attr = ] 67 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] Corecomp.ini -> C:\WINDOWS\Temp\_ISTMP1.DIR\_ISTMP0.DIR\Corecomp.ini -> [Ver = | Size = 28290 bytes | Modified Date = 1/12/1999 11:48:42 AM | Attr = ] C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/23/2005 3:40:52 PM | Attr = ] Corecomp.ini -> C:\WINDOWS\Temp\_ISTMP2.DIR\_ISTMP0.DIR\Corecomp.ini -> [Ver = | Size = 28290 bytes | Modified Date = 1/12/1999 11:48:42 AM | Attr = ] C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\ -> [Folder | Modified Date = 2/24/2005 1:51:50 PM | Attr = ] Corecomp.ini -> C:\WINDOWS\Temp\_ISTMP3.DIR\_ISTMP0.DIR\Corecomp.ini -> [Ver = | Size = 28290 bytes | Modified Date = 2/2/1999 1:21:18 PM | Attr = R ] C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ -> [Folder | Modified Date = 3/16/2006 4:40:06 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini -> [Ver = | Size = 113 bytes | Modified Date = 3/16/2006 4:40:06 PM | Attr = HS] C:\WINDOWS\Temp\mcu11FD.tmp\vso\ -> C:\WINDOWS\Temp\mcu11FD.tmp\vso -> [Folder | Modified Date = 5/8/2006 8:12:30 PM | Attr = ] mcdelta.ini -> C:\WINDOWS\Temp\mcu11FD.tmp\vso\mcdelta.ini -> [Ver = | Size = 997 bytes | Modified Date = 5/8/2006 8:12:28 PM | Attr = ] C:\WINDOWS\Temp\mcu83.tmp\vso\ -> C:\WINDOWS\Temp\mcu83.tmp\vso -> [Folder | Modified Date = 3/16/2006 4:43:14 PM | Attr = ] mcdelta.ini -> C:\WINDOWS\Temp\mcu83.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 3/16/2006 4:43:10 PM | Attr = ] C:\WINDOWS\Temp\mcu900.tmp\vso\ -> C:\WINDOWS\Temp\mcu900.tmp\vso -> [Folder | Modified Date = 3/17/2006 11:08:08 PM | Attr = ] mcdelta.ini -> C:\WINDOWS\Temp\mcu900.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 3/17/2006 11:08:02 PM | Attr = ] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 3/16/2006 4:40:02 PM | Attr = HS] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 3/16/2006 4:40:02 PM | Attr = HS] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\4EBJEFG1\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\4EBJEFG1 -> [Folder | Modified Date = 3/16/2006 4:40:06 PM | Attr = S] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\4EBJEFG1\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 3/16/2006 4:40:06 PM | Attr = HS] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\JWY6KBM2\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\JWY6KBM2 -> [Folder | Modified Date = 3/16/2006 4:40:04 PM | Attr = S] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\JWY6KBM2\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 3/16/2006 4:40:04 PM | Attr = HS] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MSZ3GR1H\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MSZ3GR1H -> [Folder | Modified Date = 3/16/2006 4:40:04 PM | Attr = S] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MSZ3GR1H\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 3/16/2006 4:40:04 PM | Attr = HS] C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\YEDR566N\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\YEDR566N -> [Folder | Modified Date = 3/16/2006 4:40:04 PM | Attr = S] desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\YEDR566N\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 3/16/2006 4:40:04 PM | Attr = HS] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Yahoo! Companion -> %AllUsersProfile%\Application Data\Yahoo! Companion -> [Folder | Modified Date = 7/21/2008 3:00:08 PM | Attr = ] wklnhst.dat -> %AppData%\wklnhst.dat -> [Ver = | Size = 38526 bytes | Modified Date = 7/9/2008 10:53:12 PM | Attr = ] Uniblue -> %AppData%\Uniblue -> [Folder | Modified Date = 7/20/2008 11:04:10 PM | Attr = ] Flickr -> %AppData%\Flickr -> [Folder | Modified Date = 5/21/2008 2:09:02 PM | Attr = ] NPLUTO Corporation -> %AppData%\NPLUTO Corporation -> [Folder | Modified Date = 7/30/2008 2:49:54 PM | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 21504 bytes | Modified Date = 7/26/2008 8:10:18 PM | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 1104448 bytes | Modified Date = 8/2/2008 1:42:34 AM | Attr = H ] Mabinogi -> %UserProfile%\My Documents\Mabinogi -> [Folder | Modified Date = 7/24/2008 3:13:10 PM | Attr = S] Pirates of the Caribbean Online.lnk -> %AllUsersProfile%\Desktop\Pirates of the Caribbean Online.lnk -> [Ver = | Size = 863 bytes | Modified Date = 7/18/2008 11:09:04 AM | Attr = ] Second Life.lnk -> %AllUsersProfile%\Desktop\Second Life.lnk -> [Ver = | Size = 610 bytes | Modified Date = 8/7/2008 2:00:24 PM | Attr = ] Disney's Toontown Online.lnk -> %UserProfile%\Desktop\Disney's Toontown Online.lnk -> [Ver = | Size = 1587 bytes | Modified Date = 8/6/2008 9:18:44 AM | Attr = ] DogProxy II.lnk -> %UserProfile%\Desktop\DogProxy II.lnk -> [Ver = | Size = 586 bytes | Modified Date = 7/28/2008 11:47:28 PM | Attr = ] MapleStory.lnk -> %UserProfile%\Desktop\MapleStory.lnk -> [Ver = | Size = 2351 bytes | Modified Date = 5/21/2008 6:10:06 PM | Attr = ] Windows Live Messenger .lnk -> %UserProfile%\Desktop\Windows Live Messenger .lnk -> [Ver = | Size = 1743 bytes | Modified Date = 5/16/2008 8:16:18 AM | Attr = ] StepMania 3.9.lnk -> %UserProfile%\Desktop\StepMania 3.9.lnk -> [Ver = | Size = 694 bytes | Modified Date = 7/19/2008 11:57:20 PM | Attr = ] Mabinogi.lnk -> %UserProfile%\Desktop\Mabinogi.lnk -> [Ver = | Size = 538 bytes | Modified Date = 7/24/2008 3:16:24 PM | Attr = ] Mabinogi Homepage.lnk -> %UserProfile%\Desktop\Mabinogi Homepage.lnk -> [Ver = | Size = 1314 bytes | Modified Date = 7/24/2008 3:16:24 PM | Attr = ] Ad-aware 6.0.lnk -> %UserProfile%\Desktop\Ad-aware 6.0.lnk -> [Ver = | Size = 1607 bytes | Modified Date = 7/26/2008 8:39:52 PM | Attr = ] Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [Ver = | Size = 837 bytes | Modified Date = 7/26/2008 8:47:06 PM | Attr = ] i j j i.lnk -> %UserProfile%\Desktop\i j j i.lnk -> [Ver = | Size = 1457 bytes | Modified Date = 8/6/2008 11:20:56 PM | Attr = ] Drift City.lnk -> %UserProfile%\Desktop\Drift City.lnk -> [Ver = | Size = 1559 bytes | Modified Date = 7/30/2008 11:47:22 AM | Attr = ] MSNCleaner.exe -> %UserProfile%\Desktop\MSNCleaner.exe -> InfoSpyware - ForoSpyware [Ver = 1.06.0008 | Size = 192512 bytes | Modified Date = 8/4/2008 6:49:40 PM | Attr = ] HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [Ver = | Size = 1638 bytes | Modified Date = 8/5/2008 10:04:20 PM | Attr = ] OTScanIt.exe -> %UserProfile%\Desktop\OTScanIt.exe -> [Ver = | Size = 568477 bytes | Modified Date = 8/13/2008 9:37:22 PM | Attr = ] OTScanIt -> %UserProfile%\Desktop\OTScanIt -> [Folder | Modified Date = 8/13/2008 9:37:44 PM | Attr = ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]