Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Freezes


  • This topic is locked This topic is locked
14 replies to this topic

#1 Master_Shake

Master_Shake

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 20 January 2008 - 08:30 PM

Computer freezes periodically for a while, wondering if anyone can see if theres a program that doesn't belong or may be causing this problem


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:03:44 PM, on 1/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 156.17.75.100:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab
O16 - DPF: Yahoo! Games Voice Chat - http://presence.games.yahoo.com/yog/y/va1_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.kungfuchess.com/activex/web665.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirel...loadControl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin7USA.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://config.hyosungcdn.com/download/hsloadset.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownlo...Plugin10USA.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 16777 bytes

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 27 January 2008 - 09:01 PM

Hello Master_Shake and welcome to the BC HijackThis forum. I do not see any signs of viruses or malware in the log. It is clean.

It does appear that there are multiple anti-virus and firewall products installed. That situation can cause many issues, one of them being the issue you describe. In the log I see parts of Symantec, McAfee, Kaspersky, and Sygate. I would recommend picking one anti-virus and one firewall product and getting rid of the rest. It appears that Kaspersky and Sygate are running but only parts of Symantec and McAfee. If the Symantec and McAfee products were installed at one time and removed then the uninstallation process did not remove all of the components for either of these products.

To remove any lingering registry entries and files you can get assistance from the AntiVirus, Firewall and Privacy Products and Protection Methods forum. They have various tools to cleanup after failed uninstallations.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 27 January 2008 - 11:35 PM

Did I delete what I needed to?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:19 PM, on 1/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 156.17.75.100:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab
O16 - DPF: Yahoo! Games Voice Chat - http://presence.games.yahoo.com/yog/y/va1_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.kungfuchess.com/activex/web665.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirel...loadControl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin7USA.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://config.hyosungcdn.com/download/hsloadset.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownlo...Plugin10USA.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 16907 bytes

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 28 January 2008 - 02:02 AM

Hi Master_Shake. It looks like partially. The Symantec services appear to be gone but McAfee doesn't go away that easily. You'll need to go to the foum I mentioned above and get the removal tools that McAfee provides to remove the registry entries. Their uninstaller simply doesn't work.

Cheers.

TO
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 13 February 2008 - 04:52 PM

I believe its gone now.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:49:57 PM, on 2/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Folding@Home\winFAH.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Folding@Home\FahCore_78.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 156.17.75.100:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Folding@Home 5.03.lnk = ?
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: Video Poker - http://download.games.yahoo.com/games/clients/y/vpt0_x.cab
O16 - DPF: Yahoo! Games Voice Chat - http://presence.games.yahoo.com/yog/y/va1_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} - http://www.kungfuchess.com/activex/web665.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirel...loadControl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin7USA.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://config.hyosungcdn.com/download/hsloadset.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownlo...Plugin10USA.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 15980 bytes

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 13 February 2008 - 05:21 PM

Hi Master_Shake. Yup, that looks like it's all gone. You should be good to go.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 13 February 2008 - 05:53 PM

It's still freezing and it seems to be getting a bit worse. Do you think its a problem with my hardware?

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 13 February 2008 - 07:20 PM

Hi Master_Shake. I would say that the odds are against a hardware issue. Normally, with hardware problems, one of two things happen. Either a blye screen error appears indicating either a hardware fault or driver fault, or the machien simply turns off, indicating a heat problem with the components. Slow performance or freezing issues would normally indicate either conflicting applications or configuration issues.

Let's take a different scan and see if it shows anything. If not, then it most likely is either a conflict between one or more applications or the operating system itself has some settings that need to be changed, and if so, we'll send you over to the XP forum to have them take a look at it.

Before running the scan let's clean out the temporoary folders.

Download ATF Cleaner
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:
  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:
  • Click Opera at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Now download WinPFind35u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind35u on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind35U.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - BotCheck
      File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it [].

If, after posting, the last line is not /code with brackets around it then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 13 February 2008 - 08:55 PM

WinPFind35 logfile created on: 2/13/2008 7:43:52 PM

WinPFind35U Version Beta51	 Folder = C:\Documents and Settings\Robert\Desktop\WinPFind35u

Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 224.37 Gb Total Space | 47.81 Gb Free Space | 21.31% Space Free | Partition Type: NTFS

Drive D: | 8.50 Gb Total Space | 1.13 Gb Free Space | 13.28% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 1.78 Gb Total Space | 0.84 Gb Free Space | 47.18% Space Free | Partition Type: FAT32

I: Drive not present or media not loaded



Computer Name: CASTILLO

Current User Name: Robert

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user



[Processes - Non-Microsoft Only]

ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 12/20/2007 8:57:27 PM | Attr =	]

ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 12/20/2007 8:57:27 PM | Attr =	]

smc.exe -> %ProgramFiles%\Sygate\SPF\Smc.exe -> Sygate Technologies, Inc. [Ver = 5.6.00.2808 | Size = 2577632 bytes | Modified Date = 10/15/2004 7:40:56 PM | Attr =	]

aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr =	]

avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 218376 bytes | Modified Date = 6/28/2007 11:51:38 AM | Attr =	]

siteadv.exe -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe -> McAfee, Inc. [Ver = 1.7.0.53 | Size = 35928 bytes | Modified Date = 10/2/2006 1:09:42 PM | Attr =	]

teatimer.exe -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 5, 0, 9 | Size = 1460560 bytes | Modified Date = 8/31/2007 4:46:28 PM | Attr =	]

mom.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\MOM.exe -> Advanced Micro Devices Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 7/17/2007 11:13:56 AM | Attr =	]

winfah.exe -> %ProgramFiles%\Folding@Home\winFAH.exe -> Stanford University [Ver = 5, 0, 3, 0 | Size = 323584 bytes | Modified Date = 11/9/2004 12:45:06 PM | Attr =	]

yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 12/11/2007 4:34:48 PM | Attr =	]

applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/4/2007 6:04:36 PM | Attr =	]

arservice.exe -> %SystemRoot%\arservice.exe -> Microsoft [Ver = 6.0.0160.0 | Size = 58880 bytes | Modified Date = 8/3/2005 1:19:16 AM | Attr =	]

adskscsrv.exe -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.80.011 | Size = 85096 bytes | Modified Date = 6/7/2007 6:41:38 PM | Attr =	]

avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 218376 bytes | Modified Date = 6/28/2007 11:51:38 AM | Attr =	]

mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 11:42:38 AM | Attr =	]

ctsvccda.exe -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/12/1999 7:01:00 PM | Attr =	]

iviregmgr.exe -> %CommonProgramFiles%\InterVideo\RegMgr\iviRegMgr.exe -> InterVideo [Ver = 1, 0, 4, 0 | Size = 112152 bytes | Modified Date = 1/4/2007 6:48:52 PM | Attr = R  ]

lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.52.1 | Size = 69632 bytes | Modified Date = 10/23/2005 7:46:44 AM | Attr =	]

raysat_3dsmax9_32server.exe -> %ProgramFiles%\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe ->  [Ver =  | Size = 65536 bytes | Modified Date = 9/29/2006 11:48:06 AM | Attr =	]

pdagent.exe -> %ProgramFiles%\Raxco\PerfectDisk\PDAgent.exe -> Raxco Software, Inc. [Ver = 8, 0, 0, 67 | Size = 414984 bytes | Modified Date = 11/6/2007 8:37:48 AM | Attr =	]

hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> HP [Ver = 10, 1, 1, 5 | Size = 69632 bytes | Modified Date = 3/2/2006 7:49:14 PM | Attr =	]

pnkbstra.exe -> %SystemRoot%\system32\PnkBstrA.exe ->  [Ver =  | Size = 66872 bytes | Modified Date = 9/20/2007 2:28:23 PM | Attr =	]

pnkbstrb.exe -> %SystemRoot%\system32\PnkBstrB.exe ->  [Ver =  | Size = 99904 bytes | Modified Date = 11/15/2007 6:58:41 PM | Attr =	]

saservice.exe -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe ->  [Ver =  | Size = 345376 bytes | Modified Date = 1/15/2008 5:43:01 PM | Attr =	]

viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 3:38:08 PM | Attr =	]

pdengine.exe -> %ProgramFiles%\Raxco\PerfectDisk\PDEngine.exe -> Raxco Software, Inc. [Ver = 8, 0, 0, 67 | Size = 734472 bytes | Modified Date = 11/6/2007 8:37:56 AM | Attr =	]

yahoowidgets.exe -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 12/11/2007 4:34:48 PM | Attr =	]

ccc.exe -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CCC.exe -> ATI Technologies Inc. [Ver = 2.0.0.0 | Size = 49152 bytes | Modified Date = 7/17/2007 11:13:34 AM | Attr =	]

aim6.exe -> %ProgramFiles%\AIM6\aim6.exe -> AOL LLC [Ver = 1.4.9.1 | Size = 50528 bytes | Modified Date = 10/4/2007 9:20:54 AM | Attr =	]

aolsoftware.exe -> %ProgramFiles%\AIM6\aolsoftware.exe -> AOL LLC [Ver = 15.5.1.2 | Size = 42032 bytes | Modified Date = 5/25/2007 11:16:08 AM | Attr =	]

ycommon.exe -> %ProgramFiles%\Yahoo!\browser\ycommon.exe -> Yahoo!, Inc. [Ver = 2006, 3, 2, 1 | Size = 200704 bytes | Modified Date = 3/3/2006 2:18:10 PM | Attr =	]

ybrwicon.exe -> %ProgramFiles%\Yahoo!\browser\ybrwicon.exe -> Yahoo! Inc. [Ver = 2006, 7, 21, 1 | Size = 129536 bytes | Modified Date = 7/21/2006 4:19:46 PM | Attr =	]

ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr =	]

fahcore_81.exe -> %ProgramFiles%\Folding@Home\FahCore_81.exe ->  [Ver =  | Size = 2396160 bytes | Modified Date = 2/13/2008 7:03:28 PM | Attr =	]

firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2/9/2008 1:11:20 PM | Attr =	]

winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 309248 bytes | Modified Date = 2/13/2008 10:50:32 AM | Attr =	]



[Win32 Services - Non-Microsoft Only]

(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/4/2008 1:27:08 PM | Attr =	]

(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 10/5/2006 2:27:02 PM | Attr =	]

(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 9/4/2007 6:04:36 PM | Attr =	]

(ARSVC) ARSVC [Win32_Own | Auto | Running] -> %SystemRoot%\arservice.exe -> Microsoft [Ver = 6.0.0160.0 | Size = 58880 bytes | Modified Date = 8/3/2005 1:19:16 AM | Attr =	]

(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4188 | Size = 512000 bytes | Modified Date = 12/20/2007 8:57:27 PM | Attr =	]

(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ati2sgag.exe ->  [Ver = 5.13.0027 | Size = 593920 bytes | Modified Date = 12/20/2007 9:05:00 PM | Attr =	]

(Autodesk Licensing Service) Autodesk Licensing Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Autodesk Shared\Service\AdskScSrv.exe -> Autodesk [Ver = 2.80.011 | Size = 85096 bytes | Modified Date = 6/7/2007 6:41:38 PM | Attr =	]

(AVP) Kaspersky Anti-Virus 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 218376 bytes | Modified Date = 6/28/2007 11:51:38 AM | Attr =	]

(Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 11:42:38 AM | Attr =	]

(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 12/12/1999 7:01:00 PM | Attr =	]

(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

(FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 4/30/2007 3:46:22 PM | Attr =	]

(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 2/1/2007 9:10:53 PM | Attr =	]

(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 10.50.125 | Size = 73728 bytes | Modified Date = 10/22/2004 12:24:18 PM | Attr =	]

(InCDsrvR) InCD Helper (read only) [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Ahead Software AG [Ver = 4, 3, 7, 3 | Size = 812032 bytes | Modified Date = 11/26/2004 3:42:10 PM | Attr =	]

(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.6.0.29 | Size = 504104 bytes | Modified Date = 1/15/2008 3:22:44 AM | Attr =	]

(IviRegMgr) IviRegMgr [Win32_Own | Auto | Running] -> %CommonProgramFiles%\InterVideo\RegMgr\iviRegMgr.exe -> InterVideo [Ver = 1, 0, 4, 0 | Size = 112152 bytes | Modified Date = 1/4/2007 6:48:52 PM | Attr = R  ]

(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.52.1 | Size = 69632 bytes | Modified Date = 10/23/2005 7:46:44 AM | Attr =	]

(McDetect.exe) McAfee WSC Integration [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\mcafee.com\agent\mcdetect.exe -> File not found

(McTskshd.exe) McAfee Task Scheduler [Win32_Own | Disabled | Stopped] -> %SystemDrive%\PROGRA~1\mcafee.com\agent\mctskshd.exe -> File not found

(mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | Disabled | Stopped] -> %SystemDrive%\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe -> File not found

(mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) [Win32_Own | Auto | Running] -> %ProgramFiles%\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe ->  [Ver =  | Size = 65536 bytes | Modified Date = 9/29/2006 11:48:06 AM | Attr =	]

(NMIndexingService) NMIndexingService [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Ahead\Lib\NMIndexingService.exe -> File not found

(PDAgent) PDAgent [Win32_Own | Auto | Running] -> %ProgramFiles%\Raxco\PerfectDisk\PDAgent.exe -> Raxco Software, Inc. [Ver = 8, 0, 0, 67 | Size = 414984 bytes | Modified Date = 11/6/2007 8:37:48 AM | Attr =	]

(PDEngine) PDEngine [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Raxco\PerfectDisk\PDEngine.exe -> Raxco Software, Inc. [Ver = 8, 0, 0, 67 | Size = 734472 bytes | Modified Date = 11/6/2007 8:37:56 AM | Attr =	]

(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Unknown | Running] ->  -> File not found

(PnkBstrA) PnkBstrA [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrA.exe ->  [Ver =  | Size = 66872 bytes | Modified Date = 9/20/2007 2:28:23 PM | Attr =	]

(PnkBstrB) PnkBstrB [Win32_Own | Auto | Running] -> %SystemRoot%\system32\PnkBstrB.exe ->  [Ver =  | Size = 99904 bytes | Modified Date = 11/15/2007 6:58:41 PM | Attr =	]

(QWAVE) QWAVE service [Win32_Shared | Unknown | Stopped] ->  -> File not found

(Roxio UPnP Renderer 9) Roxio UPnP Renderer 9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sonic Shared\RoxioUPnPRenderer9.exe -> File not found

(Roxio Upnp Server 9) Roxio Upnp Server 9 [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Sonic Shared\RoxioUpnpService9.exe -> File not found

(RoxLiveShare9) LiveShare P2P Server 9 [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -> File not found

(SiteAdvisor Service) SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\SiteAdvisor\6253\SAService.exe ->  [Ver =  | Size = 345376 bytes | Modified Date = 1/15/2008 5:43:01 PM | Attr =	]

(SmcService) Sygate Personal Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Sygate\SPF\Smc.exe -> Sygate Technologies, Inc. [Ver = 5.6.00.2808 | Size = 2577632 bytes | Modified Date = 10/15/2004 7:40:56 PM | Attr =	]

(stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> File not found

(Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> Viewpoint Corporation [Ver = 2, 0, 0, 54 | Size = 24652 bytes | Modified Date = 1/4/2007 3:38:08 PM | Attr =	]



[Driver Services - Non-Microsoft Only]

(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found

(abp480n5) abp480n5 [Kernel | Disabled | Stopped] ->  -> File not found

(adpu160m) adpu160m [Kernel | Disabled | Stopped] ->  -> File not found

(Aha154x) Aha154x [Kernel | Disabled | Stopped] ->  -> File not found

(aic78u2) aic78u2 [Kernel | Disabled | Stopped] ->  -> File not found

(aic78xx) aic78xx [Kernel | Disabled | Stopped] ->  -> File not found

(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5910 built by: WinDDK | Size = 3644928 bytes | Modified Date = 8/29/2005 4:11:00 PM | Attr =	]

(AliIde) AliIde [Kernel | Disabled | Stopped] ->  -> File not found

(AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> Advanced Micro Devices [Ver = 1.3.2 (dnsrv(wmbla).060701-2226) | Size = 36864 bytes | Modified Date = 7/1/2006 10:39:40 PM | Attr =	]

(amsint) amsint [Kernel | Disabled | Stopped] ->  -> File not found

(asc) asc [Kernel | Disabled | Stopped] ->  -> File not found

(asc3350p) asc3350p [Kernel | Disabled | Stopped] ->  -> File not found

(asc3550) asc3550 [Kernel | Disabled | Stopped] ->  -> File not found

(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found

(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6764 | Size = 2843136 bytes | Modified Date = 12/20/2007 9:53:20 PM | Attr =	]

(ATITool) ATITool Overclocking Utility [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ATITool.sys ->  [Ver = 1.30 | Size = 24064 bytes | Modified Date = 11/10/2006 7:08:50 AM | Attr =	]

(cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] ->  -> File not found

(Changer) Changer [Kernel | System | Stopped] ->  -> File not found

(CmdIde) CmdIde [Kernel | Disabled | Stopped] ->  -> File not found

(Cpqarray) Cpqarray [Kernel | Disabled | Stopped] ->  -> File not found

(dac960nt) dac960nt [Kernel | Disabled | Stopped] ->  -> File not found

(DefragFS) DefragFS [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\DefragFs.sys -> Raxco Software, Inc. [Ver = 8.0013 built by: WinDDK | Size = 68624 bytes | Modified Date = 10/22/2007 5:33:40 AM | Attr =	]

(DLABMFSM) DLABMFSM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLABMFSM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 35128 bytes | Modified Date = 8/8/2006 8:18:28 AM | Attr =	]

(DLABOIOM) DLABOIOM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLABOIOM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 32504 bytes | Modified Date = 8/8/2006 8:18:22 AM | Attr =	]

(DLADResM) DLADResM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLADResM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 9432 bytes | Modified Date = 8/8/2006 8:18:50 AM | Attr =	]

(DLAIFS_M) DLAIFS_M [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLAIFS_M.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 104504 bytes | Modified Date = 8/8/2006 8:18:20 AM | Attr =	]

(DLAOPIOM) DLAOPIOM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLAOPIOM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 26136 bytes | Modified Date = 8/8/2006 8:18:24 AM | Attr =	]

(DLAPoolM) DLAPoolM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLAPoolM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 14552 bytes | Modified Date = 8/8/2006 8:18:20 AM | Attr =	]

(DLAUDFAM) DLAUDFAM [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLAUDFAM.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 94680 bytes | Modified Date = 8/8/2006 8:18:26 AM | Attr =	]

(DLAUDF_M) DLAUDF_M [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\DLAUDF_M.SYS -> Sonic Solutions [Ver = 9.01.03a | Size = 97880 bytes | Modified Date = 8/8/2006 8:18:26 AM | Attr =	]

(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

(dmload) dmload [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

(dpti2o) dpti2o [Kernel | Disabled | Stopped] ->  -> File not found

(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\drvmcdb.sys -> Sonic Solutions [Ver = 8.10.44a | Size = 99208 bytes | Modified Date = 8/4/2006 7:37:28 AM | Attr =	]

(EagleNT) EagleNT [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\EagleNT.sys -> File not found

(ftsata2) ftsata2 [Kernel | Boot | Stopped] -> %SystemRoot%\system32\DRIVERS\ftsata2.sys -> File not found

(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 9/19/2006 3:44:04 PM | Attr =	]

(giveio) giveio [Kernel | Boot | Running] -> %SystemRoot%\system32\giveio.sys ->  [Ver =  | Size = 5248 bytes | Modified Date = 4/3/1996 1:33:26 PM | Attr =	]

(hpn) hpn [Kernel | Disabled | Stopped] ->  -> File not found

(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZid412.sys -> HP [Ver = 9, 0, 0, 0 | Size = 51120 bytes | Modified Date = 3/8/2005 5:52:26 AM | Attr = R  ]

(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> HP [Ver = 9, 0, 0, 0 | Size = 16496 bytes | Modified Date = 3/8/2005 5:52:28 AM | Attr = R  ]

(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HPZius12.sys -> HP [Ver = 9, 0, 0, 0 | Size = 21744 bytes | Modified Date = 3/8/2005 5:52:28 AM | Attr = R  ]

(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWBS2.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 220928 bytes | Modified Date = 12/15/2004 4:18:32 PM | Attr =	]

(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 1038208 bytes | Modified Date = 12/15/2004 4:18:26 PM | Attr =	]

(i2omgmt) i2omgmt [Kernel | System | Stopped] ->  -> File not found

(i2omp) i2omp [Kernel | Disabled | Stopped] ->  -> File not found

(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\iaStor.sys -> Intel Corporation [Ver = 5.1.0.1022 | Size = 872064 bytes | Modified Date = 6/17/2005 3:33:40 PM | Attr =	]

(ini910u) ini910u [Kernel | Disabled | Stopped] ->  -> File not found

(intelppm) Intel Processor Driver [Kernel | System | Stopped] -> system32\DRIVERS\intelppm.sys -> File not found

(kaspersky1) kaspersky1 [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Robert\LOCALS~1\Temp\Rar$EX02.672\Kaspersky Engine 3.2\kaspersky.sys -> File not found

(kl1) kl1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kl1.sys -> Kaspersky Lab [Ver = 6.1.21.0 | Size = 110360 bytes | Modified Date = 4/28/2007 3:51:02 PM | Attr =	]

(klif) klif [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> Kaspersky Lab [Ver = 6.12.10.319 | Size = 194320 bytes | Modified Date = 12/20/2007 12:48:48 PM | Attr =	]

(klim5) Kaspersky Anti-Virus NDIS Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\klim5.sys -> Kaspersky Lab [Ver = 6.1.22.0 | Size = 24344 bytes | Modified Date = 4/4/2007 1:58:26 PM | Attr =	]

(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found

(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Stopped] -> system32\DRIVERS\mcdbus.sys -> File not found

(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 3/17/2004 12:04:14 PM | Attr =	]

(mraid35x) mraid35x [Kernel | Disabled | Stopped] ->  -> File not found

(npkcrypt) npkcrypt [Kernel | Auto | Stopped] -> %ProgramFiles%\NEXON\MapleStory\npkcrypt.sys -> File not found

(oreans32) oreans32 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\oreans32.sys ->  [Ver =  | Size = 33824 bytes | Modified Date = 12/21/2007 11:20:25 AM | Attr =	]

(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found

(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found

(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found

(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found

(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found

(perc2) perc2 [Kernel | Disabled | Stopped] ->  -> File not found

(perc2hib) perc2hib [Kernel | Disabled | Stopped] ->  -> File not found

(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 204 | Size = 10368 bytes | Modified Date = 9/19/2003 3:47:24 PM | Attr =	]

(PfModNT) PfModNT [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\PfModNT.sys -> Creative Technology Ltd. [Ver = 3.0.0.3 | Size = 15840 bytes | Modified Date = 3/5/2003 12:19:28 PM | Attr =	]

(PnkBstrK) PnkBstrK [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PnkBstrK.sys ->  [Ver =  | Size = 22584 bytes | Modified Date = 11/15/2007 6:58:47 PM | Attr =	]

(Ps2) Ps2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\PS2.sys -> Hewlett-Packard Company [Ver = 1.0.2.0 | Size = 19072 bytes | Modified Date = 12/12/2005 4:27:00 PM | Attr =	]

(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 8/30/2007 5:33:32 AM | Attr =	]

(ql1080) ql1080 [Kernel | Disabled | Stopped] ->  -> File not found

(Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] ->  -> File not found

(ql12160) ql12160 [Kernel | Disabled | Stopped] ->  -> File not found

(ql1240) ql1240 [Kernel | Disabled | Stopped] ->  -> File not found

(ql1280) ql1280 [Kernel | Disabled | Stopped] ->  -> File not found

(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rtlnicxp.sys -> Realtek Semiconductor Corporation							[Ver = 5.621.0304.2005 built by: WinDDK | Size = 74496 bytes | Modified Date = 3/4/2005 12:10:26 PM | Attr =	]

(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 8/3/2004 11:31:34 PM | Attr =	]

(SAMFILT) SAMFILT [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\samfilt.sys -> Dolphin, Inc. [Ver = 1.00.000 | Size = 34688 bytes | Modified Date = 2/10/2006 5:55:36 PM | Attr =	]

(SCDEmu) SCDEmu [Kernel | System | Running] -> %SystemRoot%\system32\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 6, 0, 0 | Size = 31644 bytes | Modified Date = 1/20/2007 1:11:07 AM | Attr =	]

(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 4:25:53 AM | Attr =	]

(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found

(SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SONYPVU1.SYS -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Modified Date = 8/17/2001 12:56:16 PM | Attr =	]

(Sparrow) Sparrow [Kernel | Disabled | Stopped] ->  -> File not found

(speedfan) speedfan [Kernel | Boot | Running] -> %SystemRoot%\system32\speedfan.sys -> Windows ® 2000 DDK provider [Ver = 5.00.2195.5438 | Size = 5248 bytes | Modified Date = 9/24/2006 7:28:46 AM | Attr =	]

(StMp3Rec) Player Recovery Device Control Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\StMp3Rec.sys -> Generic [Ver = 5.2.3790.2000 | Size = 19840 bytes | Modified Date = 2/15/2007 2:14:28 PM | Attr =	]

(symc810) symc810 [Kernel | Disabled | Stopped] ->  -> File not found

(symc8xx) symc8xx [Kernel | Disabled | Stopped] ->  -> File not found

(sym_hi) sym_hi [Kernel | Disabled | Stopped] ->  -> File not found

(sym_u3) sym_u3 [Kernel | Disabled | Stopped] ->  -> File not found

(Teefer) Teefer for NT [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\Teefer.sys -> Sygate Technologies, Inc. [Ver = 1.60.1101 | Size = 60496 bytes | Modified Date = 10/15/2004 6:17:02 PM | Attr =	]

(tfsnboio) tfsnboio [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnboio.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 25725 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsncofs) tfsncofs [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsncofs.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 34845 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsndrct) tfsndrct [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsndrct.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 4125 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsndres) tfsndres [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsndres.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 2241 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsnifs) tfsnifs [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnifs.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 86876 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsnopio) tfsnopio [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnopio.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 15069 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsnpool) tfsnpool [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnpool.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 6365 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsnudf) tfsnudf [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnudf.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 98716 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(tfsnudfa) tfsnudfa [File_System | Auto | Stopped] -> %SystemRoot%\system32\DLA\tfsnudfa.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 100605 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

(TosIde) TosIde [Kernel | Disabled | Stopped] ->  -> File not found

(ultra) ultra [Kernel | Disabled | Stopped] ->  -> File not found

(USBIO) USBIO Driver (usbio.sys) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbio.sys -> Thesycon GmbH, Germany [Ver = 1.42.572 | Size = 19805 bytes | Modified Date = 5/7/2001 4:56:02 AM | Attr = R  ]

(vsdatant) vsdatant [Kernel | Disabled | Stopped] ->  -> File not found

(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found

(wg3n) SyGate for NT, wg3n [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\wg3n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:38 PM | Attr =	]

(wg4n) SyGate for NT, wg4n [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\wg4n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:40 PM | Attr =	]

(wg5n) SyGate for NT, wg5n [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\wg5n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:42 PM | Attr =	]

(wg6n) SyGate for NT, wg6n [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\wg6n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:44 PM | Attr =	]

(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 703232 bytes | Modified Date = 12/15/2004 4:18:28 PM | Attr =	]

(wpsdrvnt) wpsdrvnt [Kernel | System | Running] -> %SystemRoot%\system32\drivers\wpsdrvnt.sys -> Sygate Technologies, Inc. [Ver = 1, 0, 0, 17 | Size = 21075 bytes | Modified Date = 10/15/2004 6:18:46 PM | Attr =	]

(XDva004) XDva004 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva004.sys -> File not found

(XDva007) XDva007 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva007.sys -> File not found

(XDva008) XDva008 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva008.sys -> File not found

(XDva026) XDva026 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva026.sys -> File not found

(XDva028) XDva028 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva028.sys -> File not found

(XDva042) XDva042 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XDva042.sys -> File not found

(XTrapD12) XTrapD12 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\XTrapD12.sys -> File not found



[Registry - Non-Microsoft Only]

< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 

AVP -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 218376 bytes | Modified Date = 6/28/2007 11:51:38 AM | Attr =	]

SiteAdvisor -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe -> McAfee, Inc. [Ver = 1.7.0.53 | Size = 35928 bytes | Modified Date = 10/2/2006 1:09:42 PM | Attr =	]

SmcService -> %ProgramFiles%\Sygate\SPF\Smc.exe -> Sygate Technologies, Inc. [Ver = 5.6.00.2808 | Size = 2577632 bytes | Modified Date = 10/15/2004 7:40:56 PM | Attr =	]

StartCCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ->  [Ver =  | Size = 90112 bytes | Modified Date = 11/10/2006 12:35:24 PM | Attr =	]

< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 

SpybotSD TeaTimer -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 5, 0, 9 | Size = 1460560 bytes | Modified Date = 8/31/2007 4:46:28 PM | Attr =	]

< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 

< Robert Startup Folder > -> C:\Documents and Settings\Robert\Start Menu\Programs\Startup -> 

%UserProfile%\Start Menu\Programs\Startup\Folding@Home 5.03.lnk -> %ProgramFiles%\Folding@Home\winFAH.exe -> Stanford University [Ver = 5, 0, 3, 0 | Size = 323584 bytes | Modified Date = 11/9/2004 12:45:06 PM | Attr =	]

%UserProfile%\Start Menu\Programs\Startup\Yahoo! Widgets.lnk -> %ProgramFiles%\Yahoo!\Widgets\YahooWidgets.exe -> Yahoo! Inc. [Ver = 4.5.1 | Size = 3746856 bytes | Modified Date = 12/11/2007 4:34:48 PM | Attr =	]

< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 

< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 

< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 

< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 

AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4176 | Size = 122880 bytes | Modified Date = 12/20/2007 8:58:55 PM | Attr =	]

klogon -> %SystemRoot%\system32\klogon.dll -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 206088 bytes | Modified Date = 6/28/2007 11:51:48 AM | Attr =	]

< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 149 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found

< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 0 -> 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> 

< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 

< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 

HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> [url=http://www.yahoo.com/]http://www.yahoo.com/[/url] -> 

HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> [url=http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com]http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com[/url] -> 

HKEY_LOCAL_MACHINE\: Main\\Search Bar -> [url=http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html]http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html[/url] -> 

HKEY_LOCAL_MACHINE\: Main\\Search Page -> [url=http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com]http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com[/url] -> 

HKEY_LOCAL_MACHINE\: Main\\Start Page -> [url=http://www.yahoo.com/]http://www.yahoo.com/[/url] -> 

HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> [url=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm[/url] -> 

HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> [url=http://www.google.com/ie]http://www.google.com/ie[/url] -> 

HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> [url=http://www.google.com/ie]http://www.google.com/ie[/url] -> 

< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 

HKEY_CURRENT_USER\: Main\\Default_Page_URL -> [url=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop]http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop[/url] -> 

HKEY_CURRENT_USER\: Main\\Default_Search_URL -> [url=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop]http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop[/url] -> 

HKEY_CURRENT_USER\: Main\\Search Bar -> [url=http://www.google.com/ie]http://www.google.com/ie[/url] -> 

HKEY_CURRENT_USER\: Main\\Search Page -> [url=http://www.google.com]http://www.google.com[/url] -> 

HKEY_CURRENT_USER\: Main\\Start Page -> [url=http://att.yahoo.com]http://att.yahoo.com[/url] -> 

HKEY_CURRENT_USER\: Search\\SearchAssistant -> [url=http://www.google.com/ie]http://www.google.com/ie[/url] -> 

HKEY_CURRENT_USER\: SearchURL\\ -> [url=http://www.google.com/search?q=%s]http://www.google.com/search?q=%s[/url][Reg Error: Value provider does not exist or could not be read.] -> 

HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn2\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 3, 20, 1 | Size = 803864 bytes | Modified Date = 3/20/2007 3:39:26 PM | Attr =	]

HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 

HKEY_CURRENT_USER\: ProxyOverride -> 127.0.0.1;*.local -> 

< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. -> 

trymedia.com .[http] -> Trusted sites -> 

trymedia.com .[https] -> Trusted sites -> 

1 domain(s) and sub-domain(s) not assigned to a zone.

< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 

2 domain(s) and sub-domain(s) not assigned to a zone.

< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 

{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn2\yt.dll [&Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2007, 3, 20, 1 | Size = 803864 bytes | Modified Date = 3/20/2007 3:39:26 PM | Attr =	]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 12/18/2006 4:16:42 AM | Attr =	]

{089FD14D-132B-48FC-8861-0048AE113215} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll [Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 927008 bytes | Modified Date = 12/4/2007 3:02:24 PM | Attr =	]

{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\jccatch.dll [FGCatchUrl] -> www.flashget.com [Ver = 1, 8, 4, 1007 | Size = 94308 bytes | Modified Date = 5/16/2007 3:03:26 AM | Attr =	]

{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 4:46:14 PM | Attr =	]

{5A263CF7-56A6-4D68-A8CF-345BE45BC911} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Search\YSearchSuggest.dll [Yahoo! IE Suggest] -> Yahoo! Inc. [Ver = 2007, 2, 23, 1 | Size = 140840 bytes | Modified Date = 2/23/2007 5:04:32 PM | Attr =	]

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\common\yiesrvc.dll [Yahoo! IE Services Button] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:33:54 PM | Attr =	]

{5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\DLA\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118844 bytes | Modified Date = 5/31/2005 4:33:00 AM | Attr =	]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 12:11:33 AM | Attr =	]

{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R  ]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 8/1/2007 10:11:29 AM | Attr =	]

{F156768E-81EF-470C-9057-481BA8380DBA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\FlashGet\getflash.dll [FlashGet GetFlash Class] -> www.flashget.com [Ver = 1, 8, 4, 1003 | Size = 163840 bytes | Modified Date = 5/15/2007 11:05:16 PM | Attr =	]

{F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\browser\YSidebarIEBHO.dll [SidebarAutoLaunch Class] -> Yahoo! Inc. [Ver = 2004, 8, 3, 1 | Size = 124032 bytes | Modified Date = 2/3/2005 4:07:08 PM | Attr =	]

< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 

ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R  ]

ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found

WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 1/19/2007 11:55:32 PM | Attr = R  ]

WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found

WebBrowser\\{5D956A61-05E7-427B-A2B1-BF32FB18B1BE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found

WebBrowser\\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found

WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn2\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2007, 3, 20, 1 | Size = 803864 bytes | Modified Date = 3/20/2007 3:39:26 PM | Attr =	]

WebBrowser\\{F4D76F09-7896-458A-890F-E1F05C46069F} [HKEY_LOCAL_MACHINE] ->  [Ask Toolbar] -> File not found

< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 12:11:34 AM | Attr =	]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 12:11:33 AM | Attr =	]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:BandCLSID -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Web Anti-Virus statistics] -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 222472 bytes | Modified Date = 6/28/2007 11:51:52 AM | Attr =	]

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\common\yiesrvc.dll [AT&T Yahoo! Services] -> Yahoo! Inc. [Ver = 2006, 10, 31, 3 | Size = 198136 bytes | Modified Date = 10/31/2006 3:33:54 PM | Attr =	]

{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}:Exec -> %ProgramFiles%\FlashGet\flashget.exe [FlashGet] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 5/29/2007 9:30:16 AM | Attr =	]

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 4:46:14 PM | Attr =	]

{E2D4D26B-0180-43a4-B05F-462D6D54C789}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Connection Help] -> File not found

< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 

&Download All with FlashGet -> %ProgramFiles%\FlashGet\JC_ALL.HTM ->  [Ver =  | Size = 1049 bytes | Modified Date = 5/15/2007 3:10:34 AM | Attr =	]

&Download with FlashGet -> %ProgramFiles%\FlashGet\JC_LINK.HTM ->  [Ver =  | Size = 1898 bytes | Modified Date = 5/15/2007 3:10:34 AM | Attr =	]

< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 

PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 

PluginsPage -> [url=http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s]http://activex.microsoft.com/controls/find...=%s&mime=%s[/url] -> 

Extension\.spop -> %ProgramFiles%\Internet Explorer\PLUGINS\NPDocBox.dll [] -> InterTrust Technologies Corporation, Inc. [Ver = 1.0.30.95 | Size = 225280 bytes | Modified Date = 1/30/2001 1:56:24 PM | Attr =	]

< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 

{38642DF6-FAB8-4B68-B3CE-C69835F870C4} ->	(Realtek RTL8139/810x Family Fast Ethernet NIC) -> 

{892900FC-9814-4488-99C0-81491C1EE93D} ->	(HP EN1207D-TX PCI 10/100 Fast Ethernet Adapter) -> 

{F776E0B3-30EA-4F19-8B87-AB41068DDB76} ->	(1394 Net Adapter) -> 

< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 

NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 2/28/2006 11:42:30 AM | Attr =	]

< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 

ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found

msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value  does not exist or could not be read.] -> File not found

siteadvisor:{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.dll[Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 927008 bytes | Modified Date = 12/4/2007 3:02:24 PM | Attr =	]

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 

{00B71CFB-6864-4346-A978-C0A14556272C}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab]http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab[/url][Checkers Class] -> 

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> [url=http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab]http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab[/url][QuickTime Object] -> 

{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}[HKEY_LOCAL_MACHINE] -> [url=http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab]http://download.microsoft.com/download/e/7.../OGAControl.cab[/url][Office Genuine Advantage Validation Tool] -> 

{14B87622-7E19-4EA8-93B3-97215F77A6BC}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab]http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab[/url][MessengerStatsClient Class] -> 

{215B8138-A3CF-44C5-803F-8226143CFC0A}[HKEY_LOCAL_MACHINE] -> [url=http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab]http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab[/url][Trend Micro ActiveX Scan Agent 6.6] -> 

{231B1C6E-F934-42A2-92B6-C2FEFEC24276}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\common\yucconfig.dll[yucsetreg Class] -> 

{2917297F-F02B-4B9D-81DF-494B6333150B}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab]http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab[/url][Minesweeper Flags Class] -> 

{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> 

{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}[HKEY_LOCAL_MACHINE] -> [url=http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab]http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{48884C41-EFAC-433D-958A-9FADAC41408E}[HKEY_LOCAL_MACHINE] -> [url=https://www.e-games.com.my/com/EGamesPlugin.cab]https://www.e-games.com.my/com/EGamesPlugin.cab[/url][EGamesPlugin Class] -> 

{58172624-85DD-4482-9E64-02ADCA637E96}[HKEY_LOCAL_MACHINE] -> [url=http://www.kungfuchess.com/activex/web665.cab]http://www.kungfuchess.com/activex/web665.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{5F5F9FB8-878E-4455-95E0-F64B2314288A}[HKEY_LOCAL_MACHINE] -> [url=http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab]http://gamedownload.ijjimax.com/gamedownlo...Plugin11USA.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A}[HKEY_LOCAL_MACHINE] -> [url=http://www.acclaim.com/cabs/acclaim_v5.cab]http://www.acclaim.com/cabs/acclaim_v5.cab[/url][GameLauncher Control] -> 

{8A0019EB-51FA-4AE5-A40B-C0496BBFC739}[HKEY_LOCAL_MACHINE] -> [url=http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab]http://www.vzwpix.com/activex/VerizonWirel...loadControl.cab[/url][Verizon Wireless Media Upload] -> 

{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.6.0_03] -> 

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab]http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab[/url][MessengerStatsClient Class] -> 

{A2E05F45-F127-4092-B9F7-9A02C3E04C77}[HKEY_LOCAL_MACHINE] -> [url=http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin7USA.cab]http://gamedownload.ijjimax.com/gamedownlo...GPlugin7USA.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{B8BE5E93-A60C-4D26-A2DC-220313175592}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab]http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab[/url][ZoneIntro Class] -> 

{C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab]http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab]http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.5.0_05] -> 

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.5.0_06] -> 

{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab]http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.5.0_09] -> 

{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab]http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.5.0_10] -> 

{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab]http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.5.0_11] -> 

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.6.0_01] -> 

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.6.0_02] -> 

{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.6.0_03] -> 

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[/url][Java Plug-in 1.6.0_03] -> 

{CD995117-98E5-4169-9920-6C12D4C0B548}[HKEY_LOCAL_MACHINE] -> [url=http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab]http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{CEE326E8-7571-4086-B347-3C0ACA9A9DE8}[HKEY_LOCAL_MACHINE] -> [url=http://config.hyosungcdn.com/download/hsloadset.cab]http://config.hyosungcdn.com/download/hsloadset.cab[/url][PcubeSet Class] -> 

{DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF}[HKEY_LOCAL_MACHINE] -> [url=http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab]http://gamedownload.ijjimax.com/gamedownlo...Plugin10USA.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

{E6187999-9FEC-46A1-A20F-F4CA977D5643}[HKEY_LOCAL_MACHINE] -> [url=http://messenger.zone.msn.com/binary/Chess.cab31267.cab]http://messenger.zone.msn.com/binary/Chess.cab31267.cab[/url][ZoneChess Object] -> 

Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> 

Video Poker[HKEY_LOCAL_MACHINE] -> [url=http://download.games.yahoo.com/games/clients/y/vpt0_x.cab]http://download.games.yahoo.com/games/clients/y/vpt0_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

Yahoo! Games Voice Chat[HKEY_LOCAL_MACHINE] -> [url=http://presence.games.yahoo.com/yog/y/va1_x.cab]http://presence.games.yahoo.com/yog/y/va1_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

Yahoo! Graffiti[HKEY_LOCAL_MACHINE] -> [url=http://download.games.yahoo.com/games/clients/y/grt5_x.cab]http://download.games.yahoo.com/games/clients/y/grt5_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

Yahoo! Literati[HKEY_LOCAL_MACHINE] -> [url=http://download2.games.yahoo.com/games/clients/y/tt5_x.cab]http://download2.games.yahoo.com/games/clients/y/tt5_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

Yahoo! Poker[HKEY_LOCAL_MACHINE] -> [url=http://download.games.yahoo.com/games/clients/y/pt3_x.cab]http://download.games.yahoo.com/games/clients/y/pt3_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 

Yahoo! Pool 2[HKEY_LOCAL_MACHINE] -> [url=http://download2.games.yahoo.com/games/clients/y/poti_x.cab]http://download2.games.yahoo.com/games/clients/y/poti_x.cab[/url][Reg Error: Key does not exist or could not be opened.] -> 





[Registry - Additional Scans - Non-Microsoft Only]

< BotCheck > -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll ->  -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\DisableMonitoring -> 1 -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\ ->  -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> 

Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> 

Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->

*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 

msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> 

*Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 

kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 6/15/2005 11:49:30 AM | Attr =	]

msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 4/25/2007 8:21:15 AM | Attr =	]

wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 992 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> 

*Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> 

scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> 

*ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> 

Windows NT Access Provider ->  -> File not found

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> C:\WINDOWS\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> [url=http://www.passport.com]http://www.passport.com[/url] -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup ->  -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 161326 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP] -> Hewlett-Packard [Ver = Version 6.3.2 (Build 116R) | Size = 36903 bytes | Modified Date = 11/12/2005 10:31:38 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe -> C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\Loader\aolload.exe -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> AOL LLC [Ver = 9.3.2.2 | Size = 10800 bytes | Modified Date = 11/3/2006 1:17:27 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AIM\aim.exe -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 1/19/2007 12:54:56 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 4:10:02 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\NCsoft\Exteel\System\Exteel.exe -> C:\Program Files\NCsoft\Exteel\System\Exteel.exe [C:\Program Files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> Hewlett-Packard Co. [Ver = 82.0.188.000 | Size = 210520 bytes | Modified Date = 1/2/2007 9:40:10 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> Hewlett-Packard Co. [Ver = 82.0.201.000 | Size = 271960 bytes | Modified Date = 1/18/2007 2:35:40 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe -> C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe] -> Hewlett-Packard Co. [Ver = 50.0.214.000 | Size = 225280 bytes | Modified Date = 6/3/2005 6:50:00 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe -> C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe] -> Hewlett-Packard Co. [Ver = 50.0.214.000 | Size = 40960 bytes | Modified Date = 6/3/2005 6:50:14 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hposid01.exe -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> Hewlett-Packard Co. [Ver = 82.0.201.000 | Size = 108120 bytes | Modified Date = 1/18/2007 2:35:40 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] ->  [Ver = 3, 2, 0,940 | Size = 200704 bytes | Modified Date = 5/11/2005 6:50:34 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> Hewlett-Packard [Ver = 5.1.0.940 | Size = 1081344 bytes | Modified Date = 5/11/2005 6:07:26 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe -> C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe] -> Hewlett-Packard Co. [Ver = 50.0.214.000 | Size = 172032 bytes | Modified Date = 6/3/2005 7:12:34 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe -> C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe] -> Hewlett-Packard [Ver = 2.4 | Size = 151635 bytes | Modified Date = 5/11/2005 6:34:02 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe -> C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe] -> Hewlett-Packard Co. [Ver = 50.0.214.000 | Size = 458752 bytes | Modified Date = 6/3/2005 6:51:06 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe -> C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe [C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe] ->  [Ver = 5.0.0.247 | Size = 417792 bytes | Modified Date = 3/16/2005 12:12:10 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe -> C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe [C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe] ->   [Ver = 5.0.0.247 | Size = 704512 bytes | Modified Date = 3/16/2005 12:17:50 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe -> C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe] -> Hewlett-Packard Co. [Ver = 50.0.214.000 | Size = 57344 bytes | Modified Date = 6/3/2005 7:06:04 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DISC\DISCover.exe -> C:\Program Files\DISC\DISCover.exe [C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System] -> Digital Interactive Systems Corporation [Ver = 3.33.2005.0406 | Size = 1073152 bytes | Modified Date = 5/1/2006 10:34:58 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DISC\DiscStreamHub.exe -> C:\Program Files\DISC\DiscStreamHub.exe [C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub] -> Digital Interactive Systems Corporation, Inc. [Ver = 3.33.2005.406 | Size = 57344 bytes | Modified Date = 5/1/2006 10:36:21 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DISC\myFTP.exe -> C:\Program Files\DISC\myFTP.exe [C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP] -> Digital Interactive Systems Corporation, Inc. [Ver = 3.33.2005.406 | Size = 94208 bytes | Modified Date = 5/1/2006 10:52:23 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP] -> Hewlett-Packard [Ver = Version 6.3.2 (Build 116R) | Size = 36903 bytes | Modified Date = 11/12/2005 10:31:38 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\EarthLink TotalAccess\TaskPanl.exe -> C:\Program Files\EarthLink TotalAccess\TaskPanl.exe [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1139770828\ee\aolsoftware.exe -> C:\Program Files\Common Files\AOL\1139770828\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1139770828\ee\aolsoftware.exe:*:Enabled:AOL Services] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1139770828\ee\aim6.exe -> C:\Program Files\Common Files\AOL\1139770828\ee\aim6.exe [C:\Program Files\Common Files\AOL\1139770828\ee\aim6.exe:*:Enabled:AIM] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 10/13/2004 5:24:38 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\softnyx\GunboundWC\GunBound.gme -> C:\Program Files\softnyx\GunboundWC\GunBound.gme [C:\Program Files\softnyx\GunboundWC\GunBound.gme:*:Enabled:GunBound] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YPager.exe -> C:\Program Files\Yahoo!\Messenger\YPager.exe [C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YServer.exe -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> Yahoo! Inc. [Ver = 3, 0, 0, 1 | Size = 91640 bytes | Modified Date = 3/27/2007 2:22:58 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\softnyx\Rakion\Bin\Rakion.bin -> C:\Program Files\softnyx\Rakion\Bin\rakion.bin [C:\Program Files\softnyx\Rakion\Bin\Rakion.bin:*:Enabled:Rakion] ->  [Ver =  | Size = 1010688 bytes | Modified Date = 1/13/2008 8:53:29 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1151967769\ee\aolsoftware.exe -> C:\Program Files\Common Files\AOL\1151967769\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1151967769\ee\aolsoftware.exe:*:Enabled:AOL Services] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1151967769\ee\aim6.exe -> C:\Program Files\Common Files\AOL\1151967769\ee\aim6.exe [C:\Program Files\Common Files\AOL\1151967769\ee\aim6.exe:*:Enabled:AIM] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1154073636\ee\aolsoftware.exe -> C:\Program Files\Common Files\AOL\1154073636\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1154073636\ee\aolsoftware.exe:*:Enabled:AOL Services] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1154073636\ee\aim6.exe -> C:\Program Files\Common Files\AOL\1154073636\ee\aim6.exe [C:\Program Files\Common Files\AOL\1154073636\ee\aim6.exe:*:Enabled:AIM] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe -> C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1154073636\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\Loader\aolload.exe -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> AOL LLC [Ver = 9.3.2.2 | Size = 10800 bytes | Modified Date = 11/3/2006 1:17:27 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe [C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AIM\aim.exe -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Sierra\FEARCombat\FEARMP.exe -> C:\Program Files\Sierra\FEARCombat\FEARMP.exe [C:\Program Files\Sierra\FEARCombat\FEARMP.exe:*:Enabled:FEAR Combat] -> Monolith Productions, Inc. [Ver = 1.08.282.0 | Size = 5431296 bytes | Modified Date = 8/25/2006 2:54:04 PM | Attr = R  ]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> Yahoo! Inc. [Ver = 8,1,0,249 | Size = 4670968 bytes | Modified Date = 3/27/2007 2:22:56 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitTorrent\bittorrent.exe -> C:\Program Files\BitTorrent\bittorrent.exe [C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] ->  [Ver =  | Size = 43008 bytes | Modified Date = 3/1/2007 5:11:22 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 1/19/2007 12:54:56 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 1/4/2007 4:10:02 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\p3xsvr.exe -> C:\WINDOWS\system32\p3xsvr.exe [C:\WINDOWS\system32\p3xsvr.exe:*:Enabled:P3XferSvr test] -> PeeringPortal Inc. [Ver = 1, 8, 0, 50513 | Size = 261384 bytes | Modified Date = 4/12/2007 6:39:19 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe -> C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe [C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit] -> Autodesk, Inc. [Ver = 9.0.0.100 | Size = 5946368 bytes | Modified Date = 9/29/2006 1:30:46 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Autodesk\Backburner\monitor.exe -> C:\Program Files\Autodesk\Backburner\monitor.exe [C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor] -> Autodesk, Inc. [Ver = 2007.0.1.218 | Size = 425984 bytes | Modified Date = 9/6/2006 2:39:14 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Autodesk\Backburner\manager.exe -> C:\Program Files\Autodesk\Backburner\manager.exe [C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager] -> Autodesk, Inc. [Ver = 2007.0.1.218 | Size = 110592 bytes | Modified Date = 9/6/2006 2:39:10 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Autodesk\Backburner\server.exe -> C:\Program Files\Autodesk\Backburner\server.exe [C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server] -> Autodesk, Inc. [Ver = 2007.0.1.218 | Size = 110592 bytes | Modified Date = 9/6/2006 2:39:12 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Bonjour\mDNSResponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 11:42:38 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe -> C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe [C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager] -> Nexon [Ver = 1, 0, 0, 4 | Size = 110592 bytes | Modified Date = 10/2/2007 7:19:55 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\utorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent] ->  [Ver =  | Size = 219952 bytes | Modified Date = 9/29/2007 7:52:48 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FlashGet\FlashGet.exe -> C:\Program Files\FlashGet\flashget.exe [C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget] -> FlashGet.com [Ver = 1, 8, 6, 1008 | Size = 1986608 bytes | Modified Date = 5/29/2007 9:30:16 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Robert\Local Settings\Temp\nsm265.tmp\utorrent.exe -> C:\Documents and Settings\Robert\Local Settings\Temp\nsm265.tmp\utorrent.exe [C:\Documents and Settings\Robert\Local Settings\Temp\nsm265.tmp\utorrent.exe:*:Enabled:µTorrent] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> Microsoft Corporation [Ver = 12.0.6023.5000 | Size = 12831608 bytes | Modified Date = 5/25/2007 7:09:50 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 1018664 bytes | Modified Date = 10/27/2006 2:03:04 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Robert\Local Settings\Temp\nsgD6.tmp\utorrent.exe -> C:\Documents and Settings\Robert\Local Settings\Temp\nsgD6.tmp\utorrent.exe [C:\Documents and Settings\Robert\Local Settings\Temp\nsgD6.tmp\utorrent.exe:*:Enabled:µTorrent] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Xfire\Xfire.exe -> C:\Program Files\Xfire\Xfire.exe [C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire] -> Xfire Inc. [Ver = 13133 | Size = 2880336 bytes | Modified Date = 1/30/2008 8:02:36 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqw.exe -> C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqw.exe [C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqw.exe:*:Enabled:Enemy Territory - QUAKE Wars(tm) Demo] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqwded.exe -> C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqwded.exe [C:\Program Files\id Software\Enemy Territory - QUAKE Wars Demo\etqwded.exe:*:Enabled:etqwded.exe] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Nexon\KartRider\NMService.exe -> C:\Nexon\KartRider\NMService.exe [C:\Nexon\KartRider\NMService.exe:*:Enabled:Nexon Messenger Core] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\InterVideo\DVD8\WinDVD.exe -> C:\Program Files\InterVideo\DVD8\WinDVD.exe [C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD] -> InterVideo Inc. [Ver = 8.0.6.109 | Size = 726552 bytes | Modified Date = 3/20/2007 12:38:02 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\NCsoft\Exteel\System\Exteel.exe -> C:\Program Files\NCsoft\Exteel\System\Exteel.exe [C:\Program Files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe -> C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe [C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 768512 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\ehome\ehshell.exe -> C:\WINDOWS\ehome\ehshell.exe [C:\WINDOWS\ehome\ehshell.exe:LocalSubNet:Enabled:Media Center] -> Microsoft Corporation [Ver = 5.1.2715.3011 (xpsp(wmbla).061009-1511) | Size = 3223552 bytes | Modified Date = 10/9/2006 3:19:14 PM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.6.0.29 | Size = 19926824 bytes | Modified Date = 1/15/2008 3:22:48 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus] -> Kaspersky Lab [Ver = 7.0.0.125 | Size = 218376 bytes | Modified Date = 6/28/2007 11:51:38 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll [139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll [445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll [137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll [138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\22527:TCP -> 22527:TCP:*:Enabled:BitComet 22527 TCP -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\22527:UDP -> 22527:UDP:*:Enabled:BitComet 22527 UDP -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10243:TCP -> 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10280:UDP -> 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10281:UDP -> 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10282:UDP -> 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10283:UDP -> 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\10284:UDP -> 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3776:UDP -> 3776:UDP:*:Enabled:Media Center Extender Service -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3390:TCP -> 3390:TCP:*:Enabled:Remote Media Center Experience -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings\\AllowInboundEchoRequest -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> 

*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> 

RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 5:39:50 AM | Attr =	]

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group ->  -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 4 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> C:\WINDOWS\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> C:\WINDOWS\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/10/2004 6:00:00 AM | Attr =	]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> 

*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> 

RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/26/2005 5:39:50 AM | Attr =	]

TCPIP ->  -> File not found

NTLMSSP ->  -> File not found

*MultiFile Done* -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup ->  -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> (binary data) -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\EnableAutodial -> 0 ->



[Files/Folders - Created Within 30 days]

3cwmcru.sys -> %SystemRoot%\System32\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver =  1.44.008.0020 | Size = 762780 bytes | Modified Date = 8/17/2001 1:28:00 PM | Attr =	]

3dfxvs.dll -> %SystemRoot%\System32\dllcache\3dfxvs.dll -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 689216 bytes | Modified Date = 8/17/2001 2:55:58 PM | Attr =	]

3dfxvsm.sys -> %SystemRoot%\System32\dllcache\3dfxvsm.sys -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 148352 bytes | Modified Date = 8/17/2001 12:48:32 PM | Attr =	]

a3d.dll -> %SystemRoot%\System32\dllcache\a3d.dll -> Aureal Semiconductor [Ver = 2.09 | Size = 98304 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

a3dapi.dll -> %SystemRoot%\System32\dllcache\a3dapi.dll -> Aureal Inc. [Ver = 3.02 | Size = 462848 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

ac97ali.sys -> %SystemRoot%\System32\dllcache\ac97ali.sys -> Acer Laboratories Inc. [Ver = 5.12.01.6003 | Size = 231552 bytes | Modified Date = 8/3/2004 10:32:22 PM | Attr =	]

ac97intc.sys -> %SystemRoot%\System32\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Modified Date = 8/17/2001 12:20:04 PM | Attr =	]

ac97sis.sys -> %SystemRoot%\System32\dllcache\ac97sis.sys -> Silicon Integrated Systems Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 297728 bytes | Modified Date = 8/17/2001 12:20:16 PM | Attr =	]

ac97via.sys -> %SystemRoot%\System32\dllcache\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Modified Date = 8/3/2004 10:32:32 PM | Attr =	]

acerscad.dll -> %SystemRoot%\System32\dllcache\acerscad.dll -> Color Flatbed Scanner [Ver = 1, 0, 0, 0 | Size = 61440 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

adm8511.sys -> %SystemRoot%\System32\dllcache\adm8511.sys -> ADMtek Incorporated [Ver = 2.04.2001.0719 built by: WinDDK | Size = 20160 bytes | Modified Date = 8/17/2001 12:11:18 PM | Attr =	]

adm8810.sys -> %SystemRoot%\System32\dllcache\adm8810.sys -> Aureal, Inc. [Ver = 5.12.01.3500 | Size = 584448 bytes | Modified Date = 8/17/2001 12:19:10 PM | Attr =	]

adm8820.sys -> %SystemRoot%\System32\dllcache\adm8820.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 553984 bytes | Modified Date = 8/17/2001 12:19:14 PM | Attr =	]

adm8830.sys -> %SystemRoot%\System32\dllcache\adm8830.sys -> Aureal, Inc. [Ver = 5.12.01.2500 | Size = 747392 bytes | Modified Date = 8/17/2001 12:19:14 PM | Attr =	]

admjoy.sys -> %SystemRoot%\System32\dllcache\admjoy.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 10880 bytes | Modified Date = 8/3/2004 10:32:24 PM | Attr =	]

adptsf50.sys -> %SystemRoot%\System32\dllcache\adptsf50.sys -> Adaptec, Inc  [Ver = V5.10.22 | Size = 46112 bytes | Modified Date = 8/17/2001 12:11:16 PM | Attr =	]

adv01nt5.dll -> %SystemRoot%\System32\dllcache\adv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 4255 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv02nt5.dll -> %SystemRoot%\System32\dllcache\adv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3967 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv05nt5.dll -> %SystemRoot%\System32\dllcache\adv05nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3615 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv07nt5.dll -> %SystemRoot%\System32\dllcache\adv07nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3647 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv08nt5.dll -> %SystemRoot%\System32\dllcache\adv08nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3135 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv09nt5.dll -> %SystemRoot%\System32\dllcache\adv09nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3711 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

adv11nt5.dll -> %SystemRoot%\System32\dllcache\adv11nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3775 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

ali5261.sys -> %SystemRoot%\System32\dllcache\ali5261.sys -> Acer Laboratories Inc. [Ver = 5.01.2462.0102 | Size = 27678 bytes | Modified Date = 8/17/2001 12:11:18 PM | Attr =	]

alifir.sys -> %SystemRoot%\System32\dllcache\alifir.sys -> Acer Laboratories Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 26624 bytes | Modified Date = 8/17/2001 1:49:02 PM | Attr =	]

aliide.sys -> %SystemRoot%\System32\dllcache\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 8/17/2001 1:51:56 PM | Attr =	]

amb8002.sys -> %SystemRoot%\System32\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 16969 bytes | Modified Date = 8/17/2001 12:11:20 PM | Attr =	]

amdagp.sys -> %SystemRoot%\System32\dllcache\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 8/3/2004 11:07:44 PM | Attr =	]

an983.sys -> %SystemRoot%\System32\dllcache\an983.sys -> ADMtek Incorporated. [Ver = 2.17.1025.2001 built by: WinDDK | Size = 36224 bytes | Modified Date = 8/3/2004 10:31:20 PM | Attr =	]

asc.sys -> %SystemRoot%\System32\dllcache\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 8/17/2001 1:52:00 PM | Attr =	]

asc3550.sys -> %SystemRoot%\System32\dllcache\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 8/17/2001 1:51:58 PM | Attr =	]

aspndis3.sys -> %SystemRoot%\System32\dllcache\aspndis3.sys -> Bay Networks, Inc. [Ver = 3.23.11 | Size = 97354 bytes | Modified Date = 8/17/2001 12:12:34 PM | Attr =	]

ati.sys -> %SystemRoot%\System32\dllcache\ati.sys -> ATI Technologies, Inc. [Ver = 3.0.62 (XPClient.010817-1148) | Size = 77568 bytes | Modified Date = 8/17/2001 1:57:12 PM | Attr =	]

ati1btxx.sys -> %SystemRoot%\System32\dllcache\ati1btxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 56623 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

ati1mdxx.sys -> %SystemRoot%\System32\dllcache\ati1mdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 11615 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

ati1pdxx.sys -> %SystemRoot%\System32\dllcache\ati1pdxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 12047 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

ati1raxx.sys -> %SystemRoot%\System32\dllcache\ati1raxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 30671 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1rvxx.sys -> %SystemRoot%\System32\dllcache\ati1rvxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 63663 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1snxx.sys -> %SystemRoot%\System32\dllcache\ati1snxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 26367 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1ttxx.sys -> %SystemRoot%\System32\dllcache\ati1ttxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 21343 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1tuxx.sys -> %SystemRoot%\System32\dllcache\ati1tuxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 36463 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1xbxx.sys -> %SystemRoot%\System32\dllcache\ati1xbxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 29455 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati1xsxx.sys -> %SystemRoot%\System32\dllcache\ati1xsxx.sys -> ATI Technologies Inc. [Ver = 6.13.10.6131 | Size = 34735 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

ati2dvaa.dll -> %SystemRoot%\System32\dllcache\ati2dvaa.dll -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 377984 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

ati2mtaa.sys -> %SystemRoot%\System32\dllcache\ati2mtaa.sys -> ATI Technologies Inc. [Ver = 6.13.10.5019 | Size = 327040 bytes | Modified Date = 8/3/2004 10:29:28 PM | Attr =	]

ati3d1ag.dll -> %SystemRoot%\System32\dllcache\ati3d1ag.dll -> ATI Technologies Inc.  [Ver = 6.14.10.4071 | Size = 870784 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

atibt829.sys -> %SystemRoot%\System32\dllcache\atibt829.sys ->  [Ver =  | Size = 46464 bytes | Modified Date = 8/17/2001 12:49:04 PM | Attr =	]

atidrab.dll -> %SystemRoot%\System32\dllcache\atidrab.dll -> ATI Technologies Inc. [Ver = 5.01.2195.5012 (ReleasedBinaries.010718-0005) | Size = 382592 bytes | Modified Date = 8/17/2001 2:55:58 PM | Attr =	]

atidrae.dll -> %SystemRoot%\System32\dllcache\atidrae.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 137216 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

atidvai.dll -> %SystemRoot%\System32\dllcache\atidvai.dll -> ATI Technologies Inc. [Ver = 5.10.2280.1028 (ReleasedBinaries.010715-1631) | Size = 268160 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

atimpab.sys -> %SystemRoot%\System32\dllcache\atimpab.sys -> ATI Technologies Inc. [Ver = 5.00.2195.5007 (ReleasedBinaries.010718-0005) | Size = 289664 bytes | Modified Date = 8/17/2001 12:48:56 PM | Attr =	]

atimpae.sys -> %SystemRoot%\System32\dllcache\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Modified Date = 8/17/2001 12:49:00 PM | Attr =	]

atimtai.sys -> %SystemRoot%\System32\dllcache\atimtai.sys -> ATI Technologies Inc. [Ver = 5.13.01.1140 (ReleasedBinaries.010715-1631) | Size = 281600 bytes | Modified Date = 8/17/2001 12:48:40 PM | Attr =	]

atinbtxx.sys -> %SystemRoot%\System32\dllcache\atinbtxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 57856 bytes | Modified Date = 8/3/2004 10:29:28 PM | Attr =	]

atinmdxx.sys -> %SystemRoot%\System32\dllcache\atinmdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

atinpdxx.sys -> %SystemRoot%\System32\dllcache\atinpdxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 14336 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

atinraxx.sys -> %SystemRoot%\System32\dllcache\atinraxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 52224 bytes | Modified Date = 8/3/2004 10:29:30 PM | Attr =	]

atinrvxx.sys -> %SystemRoot%\System32\dllcache\atinrvxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 104960 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atinsnxx.sys -> %SystemRoot%\System32\dllcache\atinsnxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 28672 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atinttxx.sys -> %SystemRoot%\System32\dllcache\atinttxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 13824 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atintuxx.sys -> %SystemRoot%\System32\dllcache\atintuxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 73216 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atinxbxx.sys -> %SystemRoot%\System32\dllcache\atinxbxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 31744 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atinxsxx.sys -> %SystemRoot%\System32\dllcache\atinxsxx.sys -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 63488 bytes | Modified Date = 8/3/2004 10:29:32 PM | Attr =	]

atipcxxx.sys -> %SystemRoot%\System32\dllcache\atipcxxx.sys ->  [Ver =  | Size = 10240 bytes | Modified Date = 8/17/2001 12:49:36 PM | Attr =	]

atiraged.dll -> %SystemRoot%\System32\dllcache\atiraged.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 104832 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

atiragem.sys -> %SystemRoot%\System32\dllcache\atiragem.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 70528 bytes | Modified Date = 8/17/2001 12:48:48 PM | Attr =	]

atirtcap.sys -> %SystemRoot%\System32\dllcache\atirtcap.sys ->  [Ver =  | Size = 49920 bytes | Modified Date = 8/17/2001 12:49:12 PM | Attr =	]

atirtsnd.sys -> %SystemRoot%\System32\dllcache\atirtsnd.sys ->  [Ver =  | Size = 26880 bytes | Modified Date = 8/17/2001 12:49:18 PM | Attr =	]

atitunep.sys -> %SystemRoot%\System32\dllcache\atitunep.sys ->  [Ver =  | Size = 17152 bytes | Modified Date = 8/17/2001 12:49:22 PM | Attr =	]

atitvsnd.sys -> %SystemRoot%\System32\dllcache\atitvsnd.sys ->  [Ver =  | Size = 17152 bytes | Modified Date = 8/17/2001 12:49:28 PM | Attr =	]

ativdaxx.ax -> %SystemRoot%\System32\dllcache\ativdaxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 9728 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr =	]

ativmdcd.sys -> %SystemRoot%\System32\dllcache\ativmdcd.sys ->  [Ver =  | Size = 9472 bytes | Modified Date = 8/17/2001 12:49:38 PM | Attr =	]

ativmvxx.ax -> %SystemRoot%\System32\dllcache\ativmvxx.ax -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 23040 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr =	]

ativtmxx.dll -> %SystemRoot%\System32\dllcache\ativtmxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.6238 | Size = 32768 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

ativttxx.sys -> %SystemRoot%\System32\dllcache\ativttxx.sys ->  [Ver =  | Size = 19456 bytes | Modified Date = 8/17/2001 12:49:44 PM | Attr =	]

ativxbar.sys -> %SystemRoot%\System32\dllcache\ativxbar.sys ->  [Ver =  | Size = 26624 bytes | Modified Date = 8/17/2001 12:49:48 PM | Attr =	]

atixbar.sys -> %SystemRoot%\System32\dllcache\atixbar.sys ->  [Ver =  | Size = 23552 bytes | Modified Date = 8/17/2001 12:49:34 PM | Attr =	]

atv01nt5.dll -> %SystemRoot%\System32\dllcache\atv01nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 21183 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

atv02nt5.dll -> %SystemRoot%\System32\dllcache\atv02nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11359 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

atv04nt5.dll -> %SystemRoot%\System32\dllcache\atv04nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 25471 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

atv06nt5.dll -> %SystemRoot%\System32\dllcache\atv06nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 14143 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

atv10nt5.dll -> %SystemRoot%\System32\dllcache\atv10nt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 17279 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

avmcoxp.dll -> %SystemRoot%\System32\dllcache\avmcoxp.dll -> AVM GmbH [Ver = 2.4 | Size = 87552 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

avmenum.dll -> %SystemRoot%\System32\dllcache\avmenum.dll -> AVM GmbH [Ver = 1, 0, 0, 3 | Size = 144384 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

avmwan.sys -> %SystemRoot%\System32\dllcache\avmwan.sys -> AVM GmbH [Ver = 02.04.00 | Size = 37568 bytes | Modified Date = 8/17/2001 12:13:48 PM | Attr =	]

aztw2320.sys -> %SystemRoot%\System32\dllcache\aztw2320.sys -> Aztech Systems Ltd [Ver = 5.1.2501.0 built by: WinDDK | Size = 36992 bytes | Modified Date = 8/17/2001 12:19:16 PM | Attr =	]

b1cbase.sys -> %SystemRoot%\System32\dllcache\b1cbase.sys -> AVM GmbH [Ver = 5.2 | Size = 89952 bytes | Modified Date = 8/17/2001 12:13:56 PM | Attr =	]

b57xp32.sys -> %SystemRoot%\System32\dllcache\b57xp32.sys -> Broadcom Corporation [Ver = 2.16b.0.0 built by: WinDDK | Size = 96640 bytes | Modified Date = 8/17/2001 12:11:30 PM | Attr =	]

banshee.dll -> %SystemRoot%\System32\dllcache\banshee.dll -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 342336 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

banshee.sys -> %SystemRoot%\System32\dllcache\banshee.sys -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 36128 bytes | Modified Date = 8/17/2001 12:48:28 PM | Attr =	]

bcm42u.sys -> %SystemRoot%\System32\dllcache\bcm42u.sys -> Broadcom Corporation [Ver = 2.29.0.8 | Size = 66557 bytes | Modified Date = 8/17/2001 12:11:28 PM | Attr =	]

bcm42xx5.sys -> %SystemRoot%\System32\dllcache\bcm42xx5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 54271 bytes | Modified Date = 8/17/2001 12:11:26 PM | Attr =	]

bcm4e5.sys -> %SystemRoot%\System32\dllcache\bcm4e5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 26568 bytes | Modified Date = 8/17/2001 12:11:30 PM | Attr =	]

bcmdm.sys -> %SystemRoot%\System32\dllcache\bcmdm.sys -> BCM [Ver =  3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Modified Date = 8/17/2001 1:28:00 PM | Attr =	]

brbidiif.dll -> %SystemRoot%\System32\dllcache\brbidiif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 19456 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brcoinst.dll -> %SystemRoot%\System32\dllcache\brcoinst.dll -> Brother Industries Ltd. [Ver = 1.0.0.8 (Lab06_N.010129-0357) | Size = 9728 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brevif.dll -> %SystemRoot%\System32\dllcache\brevif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 12800 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brfilt.sys -> %SystemRoot%\System32\dllcache\brfilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Modified Date = 8/17/2001 1:12:12 PM | Attr =	]

brfiltlo.sys -> %SystemRoot%\System32\dllcache\brfiltlo.sys -> Brother Industries, Ltd. [Ver = 1.09.000 (Lab06_N.010129-0357) | Size = 12160 bytes | Modified Date = 8/17/2001 1:12:22 PM | Attr =	]

brfiltup.sys -> %SystemRoot%\System32\dllcache\brfiltup.sys -> Brother Industries, Ltd. [Ver = 1.04.000 (Lab06_N.010129-0357) | Size = 3968 bytes | Modified Date = 8/17/2001 1:12:24 PM | Attr =	]

brmfbidi.dll -> %SystemRoot%\System32\dllcache\brmfbidi.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 15360 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brmflpt.dll -> %SystemRoot%\System32\dllcache\brmflpt.dll -> Brother Industries, Ltd. [Ver = 1.45.15.346 | Size = 29696 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brmfrsmg.exe -> %SystemRoot%\System32\dllcache\brmfrsmg.exe -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 32256 bytes | Modified Date = 8/17/2001 10:36:38 PM | Attr =	]

brmfusb.dll -> %SystemRoot%\System32\dllcache\brmfusb.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 41472 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brparimg.sys -> %SystemRoot%\System32\dllcache\brparimg.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 3168 bytes | Modified Date = 8/17/2001 1:12:24 PM | Attr =	]

brparwdm.sys -> %SystemRoot%\System32\dllcache\brparwdm.sys -> Brother Industries Ltd. [Ver = 1.00 | Size = 39552 bytes | Modified Date = 8/17/2001 1:12:18 PM | Attr =	]

brscnrsm.dll -> %SystemRoot%\System32\dllcache\brscnrsm.dll -> Brother Industries,Ltd. [Ver = 1.0.0.14 | Size = 5120 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brserif.dll -> %SystemRoot%\System32\dllcache\brserif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9728 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

brserwdm.sys -> %SystemRoot%\System32\dllcache\brserwdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Modified Date = 8/17/2001 1:12:20 PM | Attr =	]

brusbmdm.sys -> %SystemRoot%\System32\dllcache\brusbmdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Modified Date = 8/17/2001 1:12:20 PM | Attr =	]

brusbscn.sys -> %SystemRoot%\System32\dllcache\brusbscn.sys -> Brother Industries Ltd. [Ver = 1,0,0,6 (Lab06_N.010129-0357) | Size = 10368 bytes | Modified Date = 8/17/2001 1:12:22 PM | Attr =	]

brzwlan.sys -> %SystemRoot%\System32\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.18 | Size = 31529 bytes | Modified Date = 8/17/2001 12:11:24 PM | Attr =	]

cb102.sys -> %SystemRoot%\System32\dllcache\cb102.sys -> Fast Ethernet Controller Provider [Ver = 2.20.0.0 | Size = 37916 bytes | Modified Date = 8/17/2001 12:12:16 PM | Attr =	]

cb325.sys -> %SystemRoot%\System32\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Modified Date = 8/17/2001 12:12:42 PM | Attr =	]

cben5.sys -> %SystemRoot%\System32\dllcache\cben5.sys -> Xircom, Inc. [Ver = 3.14.05.00 | Size = 46108 bytes | Modified Date = 8/17/2001 12:13:14 PM | Attr =	]

cbmdmkxx.sys -> %SystemRoot%\System32\dllcache\cbmdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714698 bytes | Modified Date = 8/17/2001 1:28:16 PM | Attr =	]

ce2n5.sys -> %SystemRoot%\System32\dllcache\ce2n5.sys -> Xircom, Inc. [Ver = 3.06.04.00 | Size = 21530 bytes | Modified Date = 8/17/2001 12:13:12 PM | Attr =	]

ce3n5.sys -> %SystemRoot%\System32\dllcache\ce3n5.sys -> Xircom, Inc. [Ver = 2.11.01.00 | Size = 27164 bytes | Modified Date = 8/17/2001 12:13:20 PM | Attr =	]

cem28n5.sys -> %SystemRoot%\System32\dllcache\cem28n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Modified Date = 8/17/2001 12:13:18 PM | Attr =	]

cem33n5.sys -> %SystemRoot%\System32\dllcache\cem33n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Modified Date = 8/17/2001 12:13:18 PM | Attr =	]

cem56n5.sys -> %SystemRoot%\System32\dllcache\cem56n5.sys -> Xircom, Inc. [Ver = 2.70.02.00 | Size = 49182 bytes | Modified Date = 8/17/2001 12:13:20 PM | Attr =	]

ch7xxnt5.dll -> %SystemRoot%\System32\dllcache\ch7xxnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 15423 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

cicap.sys -> %SystemRoot%\System32\dllcache\cicap.sys -> Xircom [Ver = 4.0.0.41 | Size = 980034 bytes | Modified Date = 8/17/2001 12:13:38 PM | Attr =	]

cinemclc.sys -> %SystemRoot%\System32\dllcache\cinemclc.sys -> RAVISENT Technologies Inc. [Ver = 5.0.00.0081 | Size = 272640 bytes | Modified Date = 8/17/2001 2:02:48 PM | Attr =	]

cmbp0wdm.sys -> %SystemRoot%\System32\dllcache\cmbp0wdm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 20736 bytes | Modified Date = 8/17/2001 1:51:04 PM | Attr =	]

cmdide.sys -> %SystemRoot%\System32\dllcache\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 8/17/2001 1:51:54 PM | Attr =	]

cnxt1803.sys -> %SystemRoot%\System32\dllcache\cnxt1803.sys -> Conexant Systems, Inc. [Ver = V1.15.7 | Size = 39936 bytes | Modified Date = 8/17/2001 12:11:42 PM | Attr =	]

cpqndis5.sys -> %SystemRoot%\System32\dllcache\cpqndis5.sys -> Compaq Computer Corporation [Ver = 3.06.04.00 | Size = 21533 bytes | Modified Date = 8/17/2001 12:13:14 PM | Attr =	]

cpqtrnd5.sys -> %SystemRoot%\System32\dllcache\cpqtrnd5.sys -> Compaq Computer Corp. [Ver = 5.84.02 | Size = 60970 bytes | Modified Date = 8/17/2001 12:11:32 PM | Attr =	]

cpscan.dll -> %SystemRoot%\System32\dllcache\cpscan.dll -> COMPAQ Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Modified Date = 8/17/2001 10:36:10 PM | Attr =	]

crtaud.sys -> %SystemRoot%\System32\dllcache\crtaud.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 42112 bytes | Modified Date = 8/17/2001 12:19:18 PM | Attr =	]

ctlfacem.sys -> %SystemRoot%\System32\dllcache\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Modified Date = 8/17/2001 12:19:28 PM | Attr =	]

ctljystk.sys -> %SystemRoot%\System32\dllcache\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Modified Date = 8/17/2001 12:19:20 PM | Attr =	]

ctlsb16.sys -> %SystemRoot%\System32\dllcache\ctlsb16.sys -> Copyright © Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Modified Date = 8/17/2001 12:19:20 PM | Attr =	]

ctmasetp.dll -> %SystemRoot%\System32\dllcache\ctmasetp.dll -> Comtrol® Corporation [Ver = 5.1.2600.2180 | Size = 249856 bytes | Modified Date = 8/4/2004 12:56:42 AM | Attr =	]

ctwdm32.dll -> %SystemRoot%\System32\dllcache\ctwdm32.dll -> Creative Technology Ltd. [Ver = 5.0.0.2001 | Size = 4096 bytes | Modified Date = 8/17/2001 10:36:12 PM | Attr =	]

cwbase.sys -> %SystemRoot%\System32\dllcache\cwbase.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Modified Date = 8/17/2001 12:19:24 PM | Attr =	]

cwbmidi.sys -> %SystemRoot%\System32\dllcache\cwbmidi.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Modified Date = 8/17/2001 12:19:26 PM | Attr =	]

cwbwdm.sys -> %SystemRoot%\System32\dllcache\cwbwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72832 bytes | Modified Date = 8/17/2001 12:19:28 PM | Attr =	]

cwcosnt5.sys -> %SystemRoot%\System32\dllcache\cwcosnt5.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3584 bytes | Modified Date = 8/17/2001 12:19:30 PM | Attr =	]

cwcspud.sys -> %SystemRoot%\System32\dllcache\cwcspud.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 111872 bytes | Modified Date = 8/17/2001 12:19:36 PM | Attr =	]

cwcwdm.sys -> %SystemRoot%\System32\dllcache\cwcwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 93952 bytes | Modified Date = 8/17/2001 12:19:48 PM | Attr =	]

cwrwdm.sys -> %SystemRoot%\System32\dllcache\cwrwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.2.3790.0 built by: WinDDK | Size = 48640 bytes | Modified Date = 8/3/2004 10:32:26 PM | Attr =	]

d100ib5.sys -> %SystemRoot%\System32\dllcache\d100ib5.sys -> Intel Corporation [Ver = 5.41.17.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 12:12:02 PM | Attr =	]

dac2w2k.sys -> %SystemRoot%\System32\dllcache\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 8/17/2001 1:52:16 PM | Attr =	]

dc21x4.sys -> %SystemRoot%\System32\dllcache\dc21x4.sys -> Intel Corporation. [Ver = 5.05.04 | Size = 63208 bytes | Modified Date = 8/17/2001 12:12:02 PM | Attr =	]

defpa.sys -> %SystemRoot%\System32\dllcache\defpa.sys -> Digital Networks, LLC [Ver = 5.5 built by: WinDDK | Size = 20928 bytes | Modified Date = 8/17/2001 12:11:44 PM | Attr =	]

devcon32.dll -> %SystemRoot%\System32\dllcache\devcon32.dll -> Creative Technology Ltd. [Ver = 4.06.651 | Size = 256512 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

devldr32.exe -> %SystemRoot%\System32\dllcache\devldr32.exe -> Creative Technology Ltd. [Ver = 1, 0, 0, 17 | Size = 24064 bytes | Modified Date = 8/17/2001 10:36:42 PM | Attr =	]

dfe650.sys -> %SystemRoot%\System32\dllcache\dfe650.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24648 bytes | Modified Date = 8/17/2001 12:11:48 PM | Attr =	]

dfe650d.sys -> %SystemRoot%\System32\dllcache\dfe650d.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24649 bytes | Modified Date = 8/17/2001 12:11:48 PM | Attr =	]

dgapci.sys -> %SystemRoot%\System32\dllcache\dgapci.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 29531 bytes | Modified Date = 8/17/2001 12:17:20 PM | Attr =	]

dgconfig.dll -> %SystemRoot%\System32\dllcache\dgconfig.dll -> Digi International [Ver = v3.7.3.0 | Size = 419357 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

diapi2.sys -> %SystemRoot%\System32\dllcache\diapi2.sys -> Eicon Technology [Ver = 1.0.1.390 | Size = 164923 bytes | Modified Date = 8/17/2001 12:13:48 PM | Attr =	]

diapi2NT.dll -> %SystemRoot%\System32\dllcache\diapi2NT.dll -> Eicon Technology Corporation [Ver = 2.10 101-390 | Size = 32256 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digiasyn.dll -> %SystemRoot%\System32\dllcache\digiasyn.dll -> Digi International Inc. [Ver = 3.10 | Size = 65622 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digiasyn.sys -> %SystemRoot%\System32\dllcache\digiasyn.sys -> Digi International Inc. [Ver = 3.10 | Size = 37735 bytes | Modified Date = 8/17/2001 12:13:36 PM | Attr =	]

digidbp.dll -> %SystemRoot%\System32\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.10 | Size = 131156 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digidxb.sys -> %SystemRoot%\System32\dllcache\digidxb.sys -> Digi International Inc. [Ver = 3.10 | Size = 103044 bytes | Modified Date = 8/17/2001 12:13:52 PM | Attr =	]

digifep5.sys -> %SystemRoot%\System32\dllcache\digifep5.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 90525 bytes | Modified Date = 8/17/2001 12:17:40 PM | Attr =	]

digifwrk.dll -> %SystemRoot%\System32\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.10 | Size = 229462 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digihlc.dll -> %SystemRoot%\System32\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.10 | Size = 159828 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digiinf.dll -> %SystemRoot%\System32\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.10 | Size = 102484 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digiisdn.dll -> %SystemRoot%\System32\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.10 | Size = 41046 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digiisdn.sys -> %SystemRoot%\System32\dllcache\digiisdn.sys -> Digi International Inc. [Ver = 3.10 | Size = 21606 bytes | Modified Date = 8/17/2001 12:14:44 PM | Attr =	]

digirlpt.dll -> %SystemRoot%\System32\dllcache\digirlpt.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 110621 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

digirlpt.sys -> %SystemRoot%\System32\dllcache\digirlpt.sys -> Digi International, Inc. [Ver = 2.3.7 | Size = 42432 bytes | Modified Date = 8/17/2001 12:17:44 PM | Attr =	]

digiview.exe -> %SystemRoot%\System32\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.10 | Size = 614429 bytes | Modified Date = 8/17/2001 10:36:42 PM | Attr =	]

dimaint.sys -> %SystemRoot%\System32\dllcache\dimaint.sys -> Eicon Technology [Ver = 2.0.1.315 | Size = 91305 bytes | Modified Date = 8/17/2001 12:13:52 PM | Attr =	]

disrvci.dll -> %SystemRoot%\System32\dllcache\disrvci.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 6729 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

disrvpp.dll -> %SystemRoot%\System32\dllcache\disrvpp.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 31305 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

disrvsu.dll -> %SystemRoot%\System32\dllcache\disrvsu.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 38985 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

ditrace.exe -> %SystemRoot%\System32\dllcache\ditrace.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 236060 bytes | Modified Date = 8/17/2001 10:36:42 PM | Attr =	]

divaci.dll -> %SystemRoot%\System32\dllcache\divaci.dll ->  [Ver =  | Size = 6216 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

divaprop.dll -> %SystemRoot%\System32\dllcache\divaprop.dll ->  [Ver =  | Size = 37962 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

divasu.dll -> %SystemRoot%\System32\dllcache\divasu.dll ->  [Ver =  | Size = 29768 bytes | Modified Date = 8/17/2001 10:36:14 PM | Attr =	]

diwan.sys -> %SystemRoot%\System32\dllcache\diwan.sys -> Eicon Technology [Ver = 2.0.1.700 | Size = 952007 bytes | Modified Date = 8/17/2001 12:14:52 PM | Attr =	]

dlh5xnd5.sys -> %SystemRoot%\System32\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v2.5.4 | Size = 26698 bytes | Modified Date = 8/17/2001 12:11:44 PM | Attr =	]

dm9pci5.sys -> %SystemRoot%\System32\dllcache\dm9pci5.sys -> CNet Technology, Inc.													 [Ver = 1.23.01.0228 built by: WinDDK | Size = 29696 bytes | Modified Date = 8/17/2001 12:11:42 PM | Attr =	]

dp83820.sys -> %SystemRoot%\System32\dllcache\dp83820.sys -> National Semiconductor Coproration [Ver = 5.0.4.17 | Size = 28062 bytes | Modified Date = 8/17/2001 12:12:32 PM | Attr =	]

ds1wdm.sys -> %SystemRoot%\System32\dllcache\ds1wdm.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 334208 bytes | Modified Date = 8/17/2001 12:20:18 PM | Attr =	]

e1000nt5.sys -> %SystemRoot%\System32\dllcache\e1000nt5.sys -> Intel Corporation [Ver = 2.94.294.0 | Size = 50719 bytes | Modified Date = 8/17/2001 12:12:08 PM | Attr =	]

e100b325.sys -> %SystemRoot%\System32\dllcache\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 12:12:10 PM | Attr =	]

e100isa4.sys -> %SystemRoot%\System32\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.5.0 | Size = 19594 bytes | Modified Date = 8/17/2001 12:12:12 PM | Attr =	]

el515.sys -> %SystemRoot%\System32\dllcache\el515.sys -> 3Com Corporation [Ver = 1.08.03 | Size = 44103 bytes | Modified Date = 8/17/2001 12:10:50 PM | Attr =	]

el556nd5.sys -> %SystemRoot%\System32\dllcache\el556nd5.sys -> 3Com Corporation [Ver = 1.21.00.001 | Size = 55999 bytes | Modified Date = 8/17/2001 12:10:56 PM | Attr =	]

el574nd4.sys -> %SystemRoot%\System32\dllcache\el574nd4.sys -> 3Com Corporation [Ver = 2.00.03.4001 | Size = 24653 bytes | Modified Date = 8/17/2001 12:10:56 PM | Attr =	]

el575nd5.sys -> %SystemRoot%\System32\dllcache\el575nd5.sys -> 3Com Corporation [Ver = 2.60.5000.0020 | Size = 69692 bytes | Modified Date = 8/17/2001 12:10:58 PM | Attr =	]

el589nd5.sys -> %SystemRoot%\System32\dllcache\el589nd5.sys -> 3Com Corporation [Ver = 2.50.50.0033 | Size = 26141 bytes | Modified Date = 8/17/2001 12:10:52 PM | Attr =	]

el656cd5.sys -> %SystemRoot%\System32\dllcache\el656cd5.sys -> 3Com Corporation [Ver = 3.00.5000.0004 | Size = 69194 bytes | Modified Date = 8/17/2001 12:11:00 PM | Attr =	]

el656ct5.sys -> %SystemRoot%\System32\dllcache\el656ct5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 634134 bytes | Modified Date = 8/17/2001 1:28:00 PM | Attr =	]

el656nd5.sys -> %SystemRoot%\System32\dllcache\el656nd5.sys -> 3Com Corporation [Ver = 1.50.5000.0007 | Size = 77386 bytes | Modified Date = 8/17/2001 12:11:00 PM | Attr =	]

el656se5.sys -> %SystemRoot%\System32\dllcache\el656se5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 241206 bytes | Modified Date = 8/17/2001 1:28:00 PM | Attr =	]

el90xbc5.sys -> %SystemRoot%\System32\dllcache\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Modified Date = 8/17/2001 12:11:06 PM | Attr =	]

el90xnd5.sys -> %SystemRoot%\System32\dllcache\el90xnd5.sys -> 3Com Corporation [Ver = 3.60.50.008 | Size = 153631 bytes | Modified Date = 8/17/2001 12:11:02 PM | Attr =	]

el985n51.sys -> %SystemRoot%\System32\dllcache\el985n51.sys -> 3Com Corporation. [Ver = 1.17.34.4 | Size = 455199 bytes | Modified Date = 8/17/2001 12:11:12 PM | Attr =	]

el98xn5.sys -> %SystemRoot%\System32\dllcache\el98xn5.sys -> 3Com Corporation [Ver = 4.0.0.13 | Size = 70174 bytes | Modified Date = 8/17/2001 12:11:04 PM | Attr =	]

el99xn51.sys -> %SystemRoot%\System32\dllcache\el99xn51.sys -> 3Com Corporation [Ver = 2.00.00.0030 built by: WinDDK | Size = 171520 bytes | Modified Date = 8/17/2001 12:11:08 PM | Attr =	]

elnk3.sys -> %SystemRoot%\System32\dllcache\elnk3.sys -> 3Com Corporation [Ver = 5.32.40 | Size = 25159 bytes | Modified Date = 8/17/2001 12:10:52 PM | Attr =	]

em556n4.sys -> %SystemRoot%\System32\dllcache\em556n4.sys -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Modified Date = 8/17/2001 12:10:54 PM | Attr =	]

emu10k1m.sys -> %SystemRoot%\System32\dllcache\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Modified Date = 8/17/2001 12:19:26 PM | Attr =	]

epro4.sys -> %SystemRoot%\System32\dllcache\epro4.sys -> Intel Corporation [Ver = 3.70.00.0000 | Size = 18503 bytes | Modified Date = 8/17/2001 12:12:08 PM | Attr =	]

eqn.sys -> %SystemRoot%\System32\dllcache\eqn.sys -> Equinox Systems Inc. [Ver = 5.0.U72 Intel built by: WinDDK | Size = 629952 bytes | Modified Date = 8/17/2001 12:17:40 PM | Attr =	]

eqndiag.exe -> %SystemRoot%\System32\dllcache\eqndiag.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 53248 bytes | Modified Date = 8/17/2001 10:36:44 PM | Attr =	]

eqnlogr.exe -> %SystemRoot%\System32\dllcache\eqnlogr.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 51200 bytes | Modified Date = 8/17/2001 10:36:44 PM | Attr =	]

eqnloop.exe -> %SystemRoot%\System32\dllcache\eqnloop.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 61952 bytes | Modified Date = 8/17/2001 10:36:44 PM | Attr =	]

es1370mp.sys -> %SystemRoot%\System32\dllcache\es1370mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 37120 bytes | Modified Date = 8/17/2001 12:19:38 PM | Attr =	]

es1371mp.sys -> %SystemRoot%\System32\dllcache\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Modified Date = 8/17/2001 12:19:34 PM | Attr =	]

es1969.sys -> %SystemRoot%\System32\dllcache\es1969.sys -> ESS Technology Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72192 bytes | Modified Date = 8/17/2001 12:19:58 PM | Attr =	]

es198x.sys -> %SystemRoot%\System32\dllcache\es198x.sys -> ESS Technology, Inc. [Ver = 5.1.2526.0 built by: WinDDK | Size = 174464 bytes | Modified Date = 8/17/2001 12:19:48 PM | Attr =	]

es56cvmp.sys -> %SystemRoot%\System32\dllcache\es56cvmp.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 595647 bytes | Modified Date = 8/17/2001 1:28:02 PM | Attr =	]

es56hpi.sys -> %SystemRoot%\System32\dllcache\es56hpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 594238 bytes | Modified Date = 8/17/2001 1:28:04 PM | Attr =	]

es56tpi.sys -> %SystemRoot%\System32\dllcache\es56tpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 347550 bytes | Modified Date = 8/17/2001 1:28:04 PM | Attr =	]

ess.sys -> %SystemRoot%\System32\dllcache\ess.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 63360 bytes | Modified Date = 8/17/2001 12:19:56 PM | Attr =	]

essm2e.sys -> %SystemRoot%\System32\dllcache\essm2e.sys -> ESS Technology, Inc. [Ver = 5.1.3612.0 built by: WinDDK | Size = 137088 bytes | Modified Date = 8/3/2004 10:32:28 PM | Attr =	]

esucm.dll -> %SystemRoot%\System32\dllcache\esucm.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 43008 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

esuimg.dll -> %SystemRoot%\System32\dllcache\esuimg.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 34816 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

esuni.dll -> %SystemRoot%\System32\dllcache\esuni.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

esunib.dll -> %SystemRoot%\System32\dllcache\esunib.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

ex10.sys -> %SystemRoot%\System32\dllcache\ex10.sys -> Intel Corporation [Ver = 1.51.00.0000 | Size = 16998 bytes | Modified Date = 8/17/2001 12:12:08 PM | Attr =	]

f3ab18xi.sys -> %SystemRoot%\System32\dllcache\f3ab18xi.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 12362 bytes | Modified Date = 8/17/2001 12:11:54 PM | Attr =	]

f3ab18xj.sys -> %SystemRoot%\System32\dllcache\f3ab18xj.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 11850 bytes | Modified Date = 8/17/2001 12:11:56 PM | Attr =	]

fa312nd5.sys -> %SystemRoot%\System32\dllcache\fa312nd5.sys -> NETGEAR Corp. [Ver = 5.00.119.0 | Size = 16074 bytes | Modified Date = 8/17/2001 12:12:32 PM | Attr =	]

fa410nd5.sys -> %SystemRoot%\System32\dllcache\fa410nd5.sys -> NETGEAR [Ver = 5.00.2128.1 | Size = 24618 bytes | Modified Date = 8/17/2001 12:12:32 PM | Attr =	]

fem556n5.sys -> %SystemRoot%\System32\dllcache\fem556n5.sys -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Modified Date = 8/17/2001 12:10:54 PM | Attr =	]

fetnd5.sys -> %SystemRoot%\System32\dllcache\fetnd5.sys -> VIA Technologies, Inc.			   [Ver = 2.66 | Size = 27165 bytes | Modified Date = 8/17/2001 12:13:08 PM | Attr =	]

forehe.sys -> %SystemRoot%\System32\dllcache\forehe.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 34173 bytes | Modified Date = 8/3/2004 10:31:24 PM | Attr =	]

fpcibase.sys -> %SystemRoot%\System32\dllcache\fpcibase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 444416 bytes | Modified Date = 8/17/2001 12:14:24 PM | Attr =	]

fpcmbase.sys -> %SystemRoot%\System32\dllcache\fpcmbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 441728 bytes | Modified Date = 8/17/2001 12:14:44 PM | Attr =	]

fpnpbase.sys -> %SystemRoot%\System32\dllcache\fpnpbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 442240 bytes | Modified Date = 8/17/2001 12:15:02 PM | Attr =	]

fus2base.sys -> %SystemRoot%\System32\dllcache\fus2base.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455680 bytes | Modified Date = 8/17/2001 12:15:22 PM | Attr =	]

fusbbase.sys -> %SystemRoot%\System32\dllcache\fusbbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455296 bytes | Modified Date = 8/17/2001 12:15:38 PM | Attr =	]

fxusbase.sys -> %SystemRoot%\System32\dllcache\fxusbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 454912 bytes | Modified Date = 8/17/2001 12:15:56 PM | Attr =	]

g200d.dll -> %SystemRoot%\System32\dllcache\g200d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 470144 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

g200m.sys -> %SystemRoot%\System32\dllcache\g200m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Modified Date = 8/17/2001 12:49:34 PM | Attr =	]

g400d.dll -> %SystemRoot%\System32\dllcache\g400d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 1733120 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

g400m.sys -> %SystemRoot%\System32\dllcache\g400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Modified Date = 8/17/2001 12:49:42 PM | Attr =	]

gpr400.sys -> %SystemRoot%\System32\dllcache\gpr400.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 17408 bytes | Modified Date = 8/17/2001 1:51:06 PM | Attr =	]

grclass.sys -> %SystemRoot%\System32\dllcache\grclass.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 82304 bytes | Modified Date = 8/17/2001 1:51:20 PM | Attr =	]

grserial.sys -> %SystemRoot%\System32\dllcache\grserial.sys -> Gemplus [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 28288 bytes | Modified Date = 8/3/2004 10:59:20 PM | Attr =	]

hcf_msft.sys -> %SystemRoot%\System32\dllcache\hcf_msft.sys -> Conexant [Ver = 2.1.2.171.021.003 | Size = 907456 bytes | Modified Date = 8/17/2001 1:28:02 PM | Attr =	]

hpgt21.dll -> %SystemRoot%\System32\dllcache\hpgt21.dll ->  [Ver = 1, 0, 0, 1 | Size = 83968 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt33.dll -> %SystemRoot%\System32\dllcache\hpgt33.dll ->  [Ver = 1, 0, 0, 1 | Size = 89088 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt34.dll -> %SystemRoot%\System32\dllcache\hpgt34.dll ->  [Ver = 1, 0, 0, 1 | Size = 101376 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt34tk.dll -> %SystemRoot%\System32\dllcache\hpgt34tk.dll -> Hewlett Packard [Ver = 4.11.2000.0 | Size = 126976 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt42.dll -> %SystemRoot%\System32\dllcache\hpgt42.dll ->  [Ver = 1, 0, 0, 1 | Size = 93696 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt53.dll -> %SystemRoot%\System32\dllcache\hpgt53.dll ->  [Ver = 1, 0, 0, 1 | Size = 165888 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hpgt53tk.dll -> %SystemRoot%\System32\dllcache\hpgt53tk.dll -> Avisioin [Ver = 1,0,7,0210 | Size = 68608 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hsfbs2s2.sys -> %SystemRoot%\System32\dllcache\hsfbs2s2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 220032 bytes | Modified Date = 8/3/2004 10:41:48 PM | Attr =	]

hsfcisp2.dll -> %SystemRoot%\System32\dllcache\hsfcisp2.dll -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 32285 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr =	]

hsfcxts2.sys -> %SystemRoot%\System32\dllcache\hsfcxts2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Modified Date = 8/3/2004 10:41:50 PM | Attr =	]

hsfdpsp2.sys -> %SystemRoot%\System32\dllcache\hsfdpsp2.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Modified Date = 8/3/2004 10:41:56 PM | Attr =	]

hsf_amos.sys -> %SystemRoot%\System32\dllcache\hsf_amos.sys -> Conexant [Ver = 3.05.12.04 | Size = 150239 bytes | Modified Date = 8/17/2001 1:28:04 PM | Attr =	]

hsf_bsc2.sys -> %SystemRoot%\System32\dllcache\hsf_bsc2.sys -> Conexant [Ver = 3.05.12.04 | Size = 67167 bytes | Modified Date = 8/17/2001 1:28:04 PM | Attr =	]

hsf_fall.sys -> %SystemRoot%\System32\dllcache\hsf_fall.sys -> Conexant [Ver = 3.05.12.04 | Size = 289887 bytes | Modified Date = 8/17/2001 1:28:06 PM | Attr =	]

hsf_faxx.sys -> %SystemRoot%\System32\dllcache\hsf_faxx.sys -> Conexant [Ver = 3.05.12.04 | Size = 199711 bytes | Modified Date = 8/17/2001 1:28:06 PM | Attr =	]

hsf_fsks.sys -> %SystemRoot%\System32\dllcache\hsf_fsks.sys -> Conexant [Ver = 3.05.12.04 | Size = 115807 bytes | Modified Date = 8/17/2001 1:28:06 PM | Attr =	]

hsf_inst.dll -> %SystemRoot%\System32\dllcache\hsf_inst.dll -> Conexant [Ver = 3.05.12.04 | Size = 9759 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

hsf_k56k.sys -> %SystemRoot%\System32\dllcache\hsf_k56k.sys -> Conexant [Ver = 3.05.12.04 | Size = 391199 bytes | Modified Date = 8/17/2001 1:28:08 PM | Attr =	]

hsf_msft.sys -> %SystemRoot%\System32\dllcache\hsf_msft.sys -> Conexant [Ver = 3.05.12.06 | Size = 542879 bytes | Modified Date = 8/17/2001 1:28:10 PM | Attr =	]

hsf_samp.sys -> %SystemRoot%\System32\dllcache\hsf_samp.sys -> Conexant [Ver = 3.05.12.05 | Size = 57471 bytes | Modified Date = 8/17/2001 1:28:10 PM | Attr =	]

hsf_soar.sys -> %SystemRoot%\System32\dllcache\hsf_soar.sys -> Conexant [Ver = 3.05.12.05 | Size = 44863 bytes | Modified Date = 8/17/2001 1:28:10 PM | Attr =	]

hsf_spkp.sys -> %SystemRoot%\System32\dllcache\hsf_spkp.sys -> Conexant [Ver = 3.05.12.04 | Size = 73279 bytes | Modified Date = 8/17/2001 1:28:10 PM | Attr =	]

hsf_tone.sys -> %SystemRoot%\System32\dllcache\hsf_tone.sys -> Conexant [Ver = 3.05.12.04 | Size = 50751 bytes | Modified Date = 8/17/2001 1:28:12 PM | Attr =	]

hsf_v124.sys -> %SystemRoot%\System32\dllcache\hsf_v124.sys -> Conexant [Ver = 3.05.12.04 | Size = 488383 bytes | Modified Date = 8/17/2001 1:28:12 PM | Attr =	]

i740dnt5.dll -> %SystemRoot%\System32\dllcache\i740dnt5.dll -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 353184 bytes | Modified Date = 8/17/2001 2:56:00 PM | Attr =	]

i740nt5.sys -> %SystemRoot%\System32\dllcache\i740nt5.sys -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 58592 bytes | Modified Date = 8/17/2001 12:49:06 PM | Attr =	]

i81xdnt5.dll -> %SystemRoot%\System32\dllcache\i81xdnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 702845 bytes | Modified Date = 8/4/2004 12:56:44 AM | Attr =	]

i81xnt5.sys -> %SystemRoot%\System32\dllcache\i81xnt5.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 161020 bytes | Modified Date = 8/3/2004 10:29:38 PM | Attr =	]

ibmexmp.sys -> %SystemRoot%\System32\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28700 bytes | Modified Date = 8/17/2001 12:11:58 PM | Attr =	]

ibmsgnet.dll -> %SystemRoot%\System32\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 9216 bytes | Modified Date = 8/17/2001 10:34:30 PM | Attr =	]

ibmtok.sys -> %SystemRoot%\System32\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.04.0050 | Size = 100936 bytes | Modified Date = 8/17/2001 12:12:00 PM | Attr =	]

ibmtrp.sys -> %SystemRoot%\System32\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.33.02.0050 | Size = 109085 bytes | Modified Date = 8/17/2001 12:12:02 PM | Attr =	]

iconf32.dll -> %SystemRoot%\System32\dllcache\iconf32.dll -> Xircom [Ver = 1.1.0.11 | Size = 372824 bytes | Modified Date = 8/17/2001 10:36:16 PM | Attr =	]

io8.sys -> %SystemRoot%\System32\dllcache\io8.sys -> Perle Systems Ltd.  [Ver = 1.0.1.0022 (XPClient.010817-1148) | Size = 38784 bytes | Modified Date = 8/17/2001 1:50:56 PM | Attr =	]

io8ports.dll -> %SystemRoot%\System32\dllcache\io8ports.dll -> Perle Systems Ltd.  [Ver = 1.0.0.0008 | Size = 90200 bytes | Modified Date = 8/17/2001 10:36:18 PM | Attr =	]

ip5515.sys -> %SystemRoot%\System32\dllcache\ip5515.sys -> Interphase ® Corporation a Windows ® 2000 DDK Driver Provider [Ver = 5.1.2257.1 built by: Administrator | Size = 45632 bytes | Modified Date = 8/17/2001 12:12:12 PM | Attr =	]

irmk7.sys -> %SystemRoot%\System32\dllcache\irmk7.sys -> MKNet Corporation [Ver = 4.1.0 | Size = 23552 bytes | Modified Date = 8/17/2001 1:49:04 PM | Attr =	]

irstusb.sys -> %SystemRoot%\System32\dllcache\irstusb.sys -> SigmaTel, Inc. [Ver = 1, 20, 0, 0 | Size = 26624 bytes | Modified Date = 8/17/2001 1:49:10 PM | Attr =	]

ktc111.sys -> %SystemRoot%\System32\dllcache\ktc111.sys -> Kingston Technology Company															  [Ver = 2.00 | Size = 19016 bytes | Modified Date = 8/17/2001 12:12:14 PM | Attr =	]

lanepic5.sys -> %SystemRoot%\System32\dllcache\lanepic5.sys -> SMSC [Ver = 3.40.0000.0000 | Size = 26442 bytes | Modified Date = 8/17/2001 12:12:50 PM | Attr =	]

lbrtfdc.sys -> %SystemRoot%\System32\dllcache\lbrtfdc.sys -> Toshiba Corp. [Ver = Version 5.10.3 (xpsp_sp2_rtm.040803-2158) | Size = 34688 bytes | Modified Date = 8/3/2004 10:59:34 PM | Attr =	]

lit220p.sys -> %SystemRoot%\System32\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15744 bytes | Modified Date = 8/17/2001 1:51:10 PM | Attr =	]

lmndis3.sys -> %SystemRoot%\System32\dllcache\lmndis3.sys -> D-Link [Ver = 5.00.2128.1 | Size = 25065 bytes | Modified Date = 8/17/2001 12:11:52 PM | Attr =	]

lne100.sys -> %SystemRoot%\System32\dllcache\lne100.sys -> The Linksts Group  [Ver = 2.00 | Size = 20573 bytes | Modified Date = 8/17/2001 12:12:20 PM | Attr =	]

lne100tx.sys -> %SystemRoot%\System32\dllcache\lne100tx.sys -> Linksys Group, Inc. [Ver = 4.55 | Size = 70730 bytes | Modified Date = 8/17/2001 12:12:24 PM | Attr =	]

ltck000c.sys -> %SystemRoot%\System32\dllcache\ltck000c.sys -> Xircom, Inc. [Ver = 1.98.2 | Size = 727786 bytes | Modified Date = 8/17/2001 1:28:18 PM | Attr =	]

ltmdmnt.sys -> %SystemRoot%\System32\dllcache\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Modified Date = 8/3/2004 10:41:36 PM | Attr =	]

ltmdmntl.sys -> %SystemRoot%\System32\dllcache\ltmdmntl.sys -> LT [Ver = 3.01.3 | Size = 576746 bytes | Modified Date = 8/17/2001 1:28:08 PM | Attr =	]

ltmdmntt.sys -> %SystemRoot%\System32\dllcache\ltmdmntt.sys -> LT [Ver = 6.08 | Size = 420992 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr =	]

ltsm.sys -> %SystemRoot%\System32\dllcache\ltsm.sys -> Lucent Technologies [Ver = 3.1.92.1 3.1.92.1 07/18/2001 12:51:10 | Size = 802683 bytes | Modified Date = 8/17/2001 1:28:10 PM | Attr =	]

ltsmt.sys -> %SystemRoot%\System32\dllcache\ltsmt.sys -> LT [Ver =  3.1.92.1 07/18/2001 13:02:42 | Size = 797500 bytes | Modified Date = 8/17/2001 1:28:12 PM | Attr =	]

lwadihid.sys -> %SystemRoot%\System32\dllcache\lwadihid.sys -> Logitech Inc. [Ver = 5.1.420.093 | Size = 20864 bytes | Modified Date = 8/3/2004 10:39:32 PM | Attr =	]

lwusbhid.sys -> %SystemRoot%\System32\dllcache\lwusbhid.sys -> Logitech Inc. [Ver = 5.1.410.190 | Size = 22848 bytes | Modified Date = 8/17/2001 12:49:20 PM | Attr =	]

maestro.sys -> %SystemRoot%\System32\dllcache\maestro.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 48768 bytes | Modified Date = 8/17/2001 12:19:58 PM | Attr =	]

mdgndis5.sys -> %SystemRoot%\System32\dllcache\mdgndis5.sys -> Madge Networks Ltd [Ver = 6.06 | Size = 164586 bytes | Modified Date = 8/17/2001 12:12:26 PM | Attr =	]

memstpci.sys -> %SystemRoot%\System32\dllcache\memstpci.sys -> Sony Corporation [Ver = 1.00.1120.0 (xpsp_sp2_rtm.040803-2158) | Size = 26112 bytes | Modified Date = 8/3/2004 11:00:50 PM | Attr =	]

mgaud.dll -> %SystemRoot%\System32\dllcache\mgaud.dll -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 235648 bytes | Modified Date = 8/17/2001 2:56:02 PM | Attr =	]

mgaum.sys -> %SystemRoot%\System32\dllcache\mgaum.sys -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Modified Date = 8/17/2001 12:50:00 PM | Attr =	]

mraid35x.sys -> %SystemRoot%\System32\dllcache\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 1:52:12 PM | Attr =	]

mtlmnt5.sys -> %SystemRoot%\System32\dllcache\mtlmnt5.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 126686 bytes | Modified Date = 8/3/2004 10:41:40 PM | Attr =	]

mtlstrm.sys -> %SystemRoot%\System32\dllcache\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 10:41:38 PM | Attr =	]

mtxparhd.dll -> %SystemRoot%\System32\dllcache\mtxparhd.dll -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 1737856 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

mtxparhm.sys -> %SystemRoot%\System32\dllcache\mtxparhm.sys -> Matrox Graphics Inc. [Ver = 6.13.01.1296 | Size = 452736 bytes | Modified Date = 8/3/2004 10:29:38 PM | Attr =	]

mtxvideo.sys -> %SystemRoot%\System32\dllcache\mtxvideo.sys -> Matrox Graphics Inc [Ver = 1.00.25 | Size = 103296 bytes | Modified Date = 8/17/2001 12:50:04 PM | Attr =	]

mxcard.sys -> %SystemRoot%\System32\dllcache\mxcard.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 21888 bytes | Modified Date = 8/17/2001 1:50:48 PM | Attr =	]

mxicfg.dll -> %SystemRoot%\System32\dllcache\mxicfg.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 19968 bytes | Modified Date = 8/17/2001 10:36:26 PM | Attr =	]

mxnic.sys -> %SystemRoot%\System32\dllcache\mxnic.sys -> Macronix International Co., Ltd.												[Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Modified Date = 8/17/2001 1:49:32 PM | Attr =	]

mxport.dll -> %SystemRoot%\System32\dllcache\mxport.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 7168 bytes | Modified Date = 8/17/2001 10:36:26 PM | Attr =	]

mxport.sys -> %SystemRoot%\System32\dllcache\mxport.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 75520 bytes | Modified Date = 8/17/2001 1:50:54 PM | Attr =	]

n1000nt5.sys -> %SystemRoot%\System32\dllcache\n1000nt5.sys -> Compaq Computer Corporation [Ver = 2.94.294.0 | Size = 52255 bytes | Modified Date = 8/17/2001 12:11:36 PM | Attr =	]

n100325.sys -> %SystemRoot%\System32\dllcache\n100325.sys -> Compaq Computer Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 128000 bytes | Modified Date = 8/17/2001 12:11:38 PM | Attr =	]

n9i128.dll -> %SystemRoot%\System32\dllcache\n9i128.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 35392 bytes | Modified Date = 8/17/2001 2:56:02 PM | Attr =	]

n9i128.sys -> %SystemRoot%\System32\dllcache\n9i128.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 13664 bytes | Modified Date = 8/17/2001 12:50:06 PM | Attr =	]

n9i128v2.dll -> %SystemRoot%\System32\dllcache\n9i128v2.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 59104 bytes | Modified Date = 8/17/2001 10:36:02 PM | Attr =	]

n9i128v2.sys -> %SystemRoot%\System32\dllcache\n9i128v2.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 33088 bytes | Modified Date = 8/17/2001 12:50:08 PM | Attr =	]

n9i3d.sys -> %SystemRoot%\System32\dllcache\n9i3d.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 27936 bytes | Modified Date = 8/17/2001 12:50:10 PM | Attr =	]

n9i3disp.dll -> %SystemRoot%\System32\dllcache\n9i3disp.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 91488 bytes | Modified Date = 8/17/2001 2:56:02 PM | Attr =	]

neo20xx.dll -> %SystemRoot%\System32\dllcache\neo20xx.dll -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 60480 bytes | Modified Date = 8/17/2001 10:36:02 PM | Attr =	]

neo20xx.sys -> %SystemRoot%\System32\dllcache\neo20xx.sys -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 39264 bytes | Modified Date = 8/17/2001 12:50:04 PM | Attr =	]

netflx3.sys -> %SystemRoot%\System32\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.18 | Size = 65278 bytes | Modified Date = 8/17/2001 12:11:36 PM | Attr =	]

netwlan5.sys -> %SystemRoot%\System32\dllcache\netwlan5.sys -> 802.11b [Ver = 3, 1, 4, 26 | Size = 132695 bytes | Modified Date = 8/3/2004 10:31:42 PM | Attr =	]

ngrpci.sys -> %SystemRoot%\System32\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.56 | Size = 32840 bytes | Modified Date = 8/17/2001 12:12:20 PM | Attr =	]

nm5a2wdm.sys -> %SystemRoot%\System32\dllcache\nm5a2wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 126080 bytes | Modified Date = 8/17/2001 12:20:08 PM | Attr =	]

nm6wdm.sys -> %SystemRoot%\System32\dllcache\nm6wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 87040 bytes | Modified Date = 8/17/2001 12:20:08 PM | Attr =	]

nscirda.sys -> %SystemRoot%\System32\dllcache\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Modified Date = 8/3/2004 11:00:52 PM | Attr =	]

ntgrip.sys -> %SystemRoot%\System32\dllcache\ntgrip.sys -> Kensington Technology Group [Ver = 1.00 | Size = 51552 bytes | Modified Date = 8/17/2001 12:49:04 PM | Attr =	]

ntmtlfax.sys -> %SystemRoot%\System32\dllcache\ntmtlfax.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 180360 bytes | Modified Date = 8/3/2004 10:41:40 PM | Attr =	]

nv3.dll -> %SystemRoot%\System32\dllcache\nv3.dll -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141)			| Size = 123776 bytes | Modified Date = 8/17/2001 10:36:02 PM | Attr =	]

nv3.sys -> %SystemRoot%\System32\dllcache\nv3.sys -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141)			| Size = 198144 bytes | Modified Date = 8/17/2001 12:50:18 PM | Attr =	]

nv4_disp.dll -> %SystemRoot%\System32\dllcache\nv4_disp.dll -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 4274816 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

nv4_mini.sys -> %SystemRoot%\System32\dllcache\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 1897408 bytes | Modified Date = 8/3/2004 10:29:56 PM | Attr =	]

opl3sax.sys -> %SystemRoot%\System32\dllcache\opl3sax.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 54528 bytes | Modified Date = 8/17/2001 12:20:16 PM | Attr =	]

otc06x5.sys -> %SystemRoot%\System32\dllcache\otc06x5.sys -> Ositech Communications, Inc. [Ver = 1.01.020 | Size = 27209 bytes | Modified Date = 8/17/2001 12:12:36 PM | Attr =	]

otceth5.sys -> %SystemRoot%\System32\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.014.3 | Size = 43689 bytes | Modified Date = 8/17/2001 12:12:36 PM | Attr =	]

otcsercb.sys -> %SystemRoot%\System32\dllcache\otcsercb.sys -> Ositech Communications, Inc. [Ver = 1.05.02 | Size = 54186 bytes | Modified Date = 8/17/2001 1:28:12 PM | Attr =	]

pc100nds.sys -> %SystemRoot%\System32\dllcache\pc100nds.sys -> Linksys [Ver = 5.00.2195.1 | Size = 30495 bytes | Modified Date = 8/17/2001 12:12:18 PM | Attr =	]

pca200e.sys -> %SystemRoot%\System32\dllcache\pca200e.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 29502 bytes | Modified Date = 8/3/2004 10:31:24 PM | Attr =	]

pcmlm56.sys -> %SystemRoot%\System32\dllcache\pcmlm56.sys -> Linksys [Ver = 5.00.2128.1 | Size = 26153 bytes | Modified Date = 8/17/2001 12:12:18 PM | Attr =	]

pcntn5hl.sys -> %SystemRoot%\System32\dllcache\pcntn5hl.sys -> AMD Inc. [Ver = 1.09.001 | Size = 30282 bytes | Modified Date = 8/17/2001 12:11:22 PM | Attr =	]

pcntn5m.sys -> %SystemRoot%\System32\dllcache\pcntn5m.sys -> AMD Inc. [Ver = 4.09.00 | Size = 29769 bytes | Modified Date = 8/17/2001 12:11:20 PM | Attr =	]

pcntpci5.sys -> %SystemRoot%\System32\dllcache\pcntpci5.sys -> AMD Inc. [Ver = 4.38.00 built by: WinDDK | Size = 35328 bytes | Modified Date = 8/17/2001 12:11:22 PM | Attr =	]

pctspk.exe -> %SystemRoot%\System32\dllcache\pctspk.exe -> PCtel, Inc. [Ver = 4.00 | Size = 86016 bytes | Modified Date = 8/17/2001 10:36:54 PM | Attr =	]

pcx500.sys -> %SystemRoot%\System32\dllcache\pcx500.sys -> Cisco Systems [Ver = 7.50.01 Firmware built by: Cisco Systems | Size = 169984 bytes | Modified Date = 8/3/2004 10:06:18 PM | Attr =	]

perm2.sys -> %SystemRoot%\System32\dllcache\perm2.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00-0009 (MS) (xpsp_sp2_rtm.040803-2158) | Size = 27904 bytes | Modified Date = 8/3/2004 11:06:56 PM | Attr =	]

perm2dll.dll -> %SystemRoot%\System32\dllcache\perm2dll.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 211712 bytes | Modified Date = 8/4/2004 12:56:24 AM | Attr =	]

perm3.sys -> %SystemRoot%\System32\dllcache\perm3.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 28032 bytes | Modified Date = 8/3/2004 11:06:58 PM | Attr =	]

perm3dd.dll -> %SystemRoot%\System32\dllcache\perm3dd.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 259328 bytes | Modified Date = 8/4/2004 12:56:24 AM | Attr =	]

pscr.sys -> %SystemRoot%\System32\dllcache\pscr.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16128 bytes | Modified Date = 8/17/2001 1:51:08 PM | Attr =	]

ptserli.sys -> %SystemRoot%\System32\dllcache\ptserli.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 128286 bytes | Modified Date = 8/17/2001 1:28:12 PM | Attr =	]

ptserlp.sys -> %SystemRoot%\System32\dllcache\ptserlp.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 112574 bytes | Modified Date = 8/17/2001 1:28:14 PM | Attr =	]

ptserlv.sys -> %SystemRoot%\System32\dllcache\ptserlv.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 130942 bytes | Modified Date = 8/17/2001 1:28:14 PM | Attr =	]

ql1080.sys -> %SystemRoot%\System32\dllcache\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 8/17/2001 1:52:20 PM | Attr =	]

ql12160.sys -> %SystemRoot%\System32\dllcache\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 8/17/2001 1:52:20 PM | Attr =	]

ql1280.sys -> %SystemRoot%\System32\dllcache\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 8/17/2001 1:52:18 PM | Attr =	]

r2mdkxga.sys -> %SystemRoot%\System32\dllcache\r2mdkxga.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 899146 bytes | Modified Date = 8/17/2001 1:28:18 PM | Attr =	]

r2mdmkxx.sys -> %SystemRoot%\System32\dllcache\r2mdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714762 bytes | Modified Date = 8/17/2001 1:28:20 PM | Attr =	]

recagent.sys -> %SystemRoot%\System32\dllcache\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Modified Date = 8/3/2004 10:41:40 PM | Attr =	]

reslog32.dll -> %SystemRoot%\System32\dllcache\reslog32.dll -> Xircom [Ver = 1.0.0.6 | Size = 86097 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

rlnet5.sys -> %SystemRoot%\System32\dllcache\rlnet5.sys -> RadioLAN [Ver = 2.30 | Size = 37563 bytes | Modified Date = 8/17/2001 12:12:36 PM | Attr =	]

rocket.sys -> %SystemRoot%\System32\dllcache\rocket.sys -> Comtrol Corporation [Ver = 4.50 | Size = 79104 bytes | Modified Date = 8/3/2004 10:59:12 PM | Attr =	]

rpfun.sys -> %SystemRoot%\System32\dllcache\rpfun.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 3840 bytes | Modified Date = 8/17/2001 12:19:20 PM | Attr =	]

rsmgrstr.dll -> %SystemRoot%\System32\dllcache\rsmgrstr.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9216 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

rthwcls.sys -> %SystemRoot%\System32\dllcache\rthwcls.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 30720 bytes | Modified Date = 8/17/2001 12:19:22 PM | Attr =	]

rtl8029.sys -> %SystemRoot%\System32\dllcache\rtl8029.sys -> Realtek Semiconductor Corporation [Ver = 5.508.0803.2000 | Size = 19017 bytes | Modified Date = 8/17/2001 12:12:40 PM | Attr =	]

rw430ext.dll -> %SystemRoot%\System32\dllcache\rw430ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 24576 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

rw450ext.dll -> %SystemRoot%\System32\dllcache\rw450ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

rwia430.dll -> %SystemRoot%\System32\dllcache\rwia430.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

rwia450.dll -> %SystemRoot%\System32\dllcache\rwia450.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 82432 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

s3gnb.dll -> %SystemRoot%\System32\dllcache\s3gnb.dll -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 397056 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

s3gnbm.sys -> %SystemRoot%\System32\dllcache\s3gnbm.sys -> S3 Graphics, Inc. [Ver = 6.14.10.0012-13.94.12 | Size = 166912 bytes | Modified Date = 8/3/2004 10:29:52 PM | Attr =	]

s3m.sys -> %SystemRoot%\System32\dllcache\s3m.sys -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 166720 bytes | Modified Date = 8/17/2001 12:50:34 PM | Attr =	]

s3mt3d.dll -> %SystemRoot%\System32\dllcache\s3mt3d.dll -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 182272 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

s3mt3d.sys -> %SystemRoot%\System32\dllcache\s3mt3d.sys -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 41216 bytes | Modified Date = 8/17/2001 12:50:40 PM | Attr =	]

s3mtrio.dll -> %SystemRoot%\System32\dllcache\s3mtrio.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 62496 bytes | Modified Date = 8/17/2001 10:36:02 PM | Attr =	]

s3mvirge.dll -> %SystemRoot%\System32\dllcache\s3mvirge.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 210496 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

s3sav3d.dll -> %SystemRoot%\System32\dllcache\s3sav3d.dll -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 179264 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

s3sav3dm.sys -> %SystemRoot%\System32\dllcache\s3sav3dm.sys -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 61504 bytes | Modified Date = 8/17/2001 12:50:22 PM | Attr =	]

s3sav4.dll -> %SystemRoot%\System32\dllcache\s3sav4.dll -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 198400 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

s3sav4m.sys -> %SystemRoot%\System32\dllcache\s3sav4m.sys -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 77824 bytes | Modified Date = 8/17/2001 12:50:28 PM | Attr =	]

s3savmx.dll -> %SystemRoot%\System32\dllcache\s3savmx.dll -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 245632 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

s3savmxm.sys -> %SystemRoot%\System32\dllcache\s3savmxm.sys -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 75392 bytes | Modified Date = 8/17/2001 12:50:34 PM | Attr =	]

sblfx.dll -> %SystemRoot%\System32\dllcache\sblfx.dll -> Creative Technology Ltd. [Ver = 5.12.01.3210 | Size = 495616 bytes | Modified Date = 8/17/2001 10:36:30 PM | Attr =	]

sccmn50m.sys -> %SystemRoot%\System32\dllcache\sccmn50m.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Modified Date = 8/17/2001 1:51:10 PM | Attr =	]

sccmusbm.sys -> %SystemRoot%\System32\dllcache\sccmusbm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Modified Date = 8/17/2001 1:51:14 PM | Attr =	]

scr111.sys -> %SystemRoot%\System32\dllcache\scr111.sys -> SCM Microsystems [Ver = 1.01.006 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 1:51:16 PM | Attr =	]

sfmanm.sys -> %SystemRoot%\System32\dllcache\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Modified Date = 8/17/2001 12:19:34 PM | Attr =	]

sgiul50.dll -> %SystemRoot%\System32\dllcache\sgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 386560 bytes | Modified Date = 8/17/2001 10:36:02 PM | Attr =	]

sgiulnt5.sys -> %SystemRoot%\System32\dllcache\sgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 98080 bytes | Modified Date = 8/17/2001 12:51:04 PM | Attr =	]

sgsmld.sys -> %SystemRoot%\System32\dllcache\sgsmld.sys -> Micro Systemation [Ver = 1.1 | Size = 18400 bytes | Modified Date = 7/21/2001 2:29:20 PM | Attr =	]

sgsmusb.sys -> %SystemRoot%\System32\dllcache\sgsmusb.sys -> Micro Systemation [Ver = 1, 0, 0, 4 | Size = 161568 bytes | Modified Date = 7/21/2001 2:29:20 PM | Attr =	]

siint5.dll -> %SystemRoot%\System32\dllcache\siint5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 3901 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

sis300ip.sys -> %SystemRoot%\System32\dllcache\sis300ip.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 101760 bytes | Modified Date = 8/17/2001 12:50:46 PM | Attr =	]

sis300iv.dll -> %SystemRoot%\System32\dllcache\sis300iv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 252032 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

sis6306p.sys -> %SystemRoot%\System32\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 68608 bytes | Modified Date = 8/17/2001 12:50:56 PM | Attr =	]

sis6306v.dll -> %SystemRoot%\System32\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 150144 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

sisagp.sys -> %SystemRoot%\System32\dllcache\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 8/3/2004 11:07:44 PM | Attr =	]

sisgrp.sys -> %SystemRoot%\System32\dllcache\sisgrp.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 104064 bytes | Modified Date = 8/17/2001 12:50:48 PM | Attr =	]

sisgrv.dll -> %SystemRoot%\System32\dllcache\sisgrv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 238592 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

sisnic.sys -> %SystemRoot%\System32\dllcache\sisnic.sys -> SiS Corporation [Ver = 1.16.00.05 built by: WinDDK | Size = 32768 bytes | Modified Date = 8/3/2004 10:31:36 PM | Attr =	]

sisv.sys -> %SystemRoot%\System32\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 50432 bytes | Modified Date = 8/17/2001 12:50:56 PM | Attr =	]

sisv256.dll -> %SystemRoot%\System32\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 157696 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

sk98xwin.sys -> %SystemRoot%\System32\dllcache\sk98xwin.sys -> SysKonnect GmbH. [Ver = 3.12 | Size = 94698 bytes | Modified Date = 8/17/2001 12:12:52 PM | Attr =	]

skfpwin.sys -> %SystemRoot%\System32\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.13 | Size = 91294 bytes | Modified Date = 8/17/2001 12:12:52 PM | Attr =	]

sla30nd5.sys -> %SystemRoot%\System32\dllcache\sla30nd5.sys -> Symbol Technologies [Ver = 4.2.0.8 | Size = 63547 bytes | Modified Date = 8/3/2004 10:31:42 PM | Attr =	]

slcoinst.dll -> %SystemRoot%\System32\dllcache\slcoinst.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 73832 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

slextspk.dll -> %SystemRoot%\System32\dllcache\slextspk.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 286792 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

slgen.dll -> %SystemRoot%\System32\dllcache\slgen.dll -> Smart Link [Ver = 3.80.01MC15 | Size = 188508 bytes | Modified Date = 8/4/2004 12:56:46 AM | Attr =	]

slnt7554.sys -> %SystemRoot%\System32\dllcache\slnt7554.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 129535 bytes | Modified Date = 8/3/2004 10:41:42 PM | Attr =	]

slntamr.sys -> %SystemRoot%\System32\dllcache\slntamr.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 404990 bytes | Modified Date = 8/3/2004 10:41:44 PM | Attr =	]

slnthal.sys -> %SystemRoot%\System32\dllcache\slnthal.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 95424 bytes | Modified Date = 8/3/2004 10:41:46 PM | Attr =	]

slrundll.exe -> %SystemRoot%\System32\dllcache\slrundll.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 32866 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr =	]

slserv.exe -> %SystemRoot%\System32\dllcache\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr =	]

slwdmsup.sys -> %SystemRoot%\System32\dllcache\slwdmsup.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13240 bytes | Modified Date = 8/3/2004 10:41:46 PM | Attr =	]

smc8000n.sys -> %SystemRoot%\System32\dllcache\smc8000n.sys -> SMC Networks, Inc. [Ver = 3.13.1025.2000 built by: yfeng | Size = 24576 bytes | Modified Date = 8/17/2001 12:12:46 PM | Attr =	]

smcirda.sys -> %SystemRoot%\System32\dllcache\smcirda.sys -> SMC [Ver = 5.1.2462.0 | Size = 35913 bytes | Modified Date = 8/17/2001 12:10:28 PM | Attr =	]

smcpwr2n.sys -> %SystemRoot%\System32\dllcache\smcpwr2n.sys -> SMC Networks, Inc. [Ver = 3.28.1214.2000 | Size = 25034 bytes | Modified Date = 8/17/2001 12:12:48 PM | Attr =	]

smidispb.dll -> %SystemRoot%\System32\dllcache\smidispb.dll -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 147200 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

smiminib.sys -> %SystemRoot%\System32\dllcache\smiminib.sys -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 58368 bytes | Modified Date = 8/17/2001 12:51:00 PM | Attr =	]

sonync.sys -> %SystemRoot%\System32\dllcache\sonync.sys -> Sony Corporation [Ver = 6.0.0.05300 | Size = 20752 bytes | Modified Date = 8/17/2001 12:51:20 PM | Attr =	]

sonypi.dll -> %SystemRoot%\System32\dllcache\sonypi.dll -> Sony Corporation [Ver = 1.5.090699 | Size = 114688 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

sonypi.sys -> %SystemRoot%\System32\dllcache\sonypi.sys -> Sony Corporation [Ver = 6.0.5.07140 | Size = 37040 bytes | Modified Date = 8/17/2001 12:51:22 PM | Attr =	]

sparrow.sys -> %SystemRoot%\System32\dllcache\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 8/17/2001 2:07:44 PM | Attr =	]

spdports.dll -> %SystemRoot%\System32\dllcache\spdports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0012 | Size = 106584 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

speed.sys -> %SystemRoot%\System32\dllcache\speed.sys -> Perle Systems Ltd. [Ver = 1.0.4.0021 (XPClient.010817-1148) | Size = 61824 bytes | Modified Date = 8/17/2001 1:51:00 PM | Attr =	]

spxupchk.dll -> %SystemRoot%\System32\dllcache\spxupchk.dll -> Perle Systems Ltd. [Ver = 1.0.0.0002 | Size = 24660 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

srwlnd5.sys -> %SystemRoot%\System32\dllcache\srwlnd5.sys -> 3Com [Ver = 3.0.4 alpha | Size = 48736 bytes | Modified Date = 8/17/2001 12:11:08 PM | Attr =	]

stcusb.sys -> %SystemRoot%\System32\dllcache\stcusb.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16896 bytes | Modified Date = 8/17/2001 1:51:20 PM | Attr =	]

stlnata.sys -> %SystemRoot%\System32\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.6.5 | Size = 285760 bytes | Modified Date = 8/17/2001 12:18:18 PM | Attr =	]

stlncoin.dll -> %SystemRoot%\System32\dllcache\stlncoin.dll -> Stallion Technologies [Ver = 5.6.5 | Size = 53248 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

stlnprop.dll -> %SystemRoot%\System32\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.6.4 | Size = 155648 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

sx.sys -> %SystemRoot%\System32\dllcache\sx.sys -> Perle Systems Ltd.  [Ver = 1.1.2.0031 (XPClient.010817-1148) | Size = 103936 bytes | Modified Date = 8/17/2001 1:50:58 PM | Attr =	]

sxports.dll -> %SystemRoot%\System32\dllcache\sxports.dll -> Perle Systems Ltd.  [Ver = 1.0.0.0008 | Size = 94293 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

symc810.sys -> %SystemRoot%\System32\dllcache\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 8/17/2001 2:07:34 PM | Attr =	]

symc8xx.sys -> %SystemRoot%\System32\dllcache\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 8/17/2001 2:07:36 PM | Attr =	]

sym_hi.sys -> %SystemRoot%\System32\dllcache\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 8/17/2001 2:07:40 PM | Attr =	]

sym_u3.sys -> %SystemRoot%\System32\dllcache\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 8/17/2001 2:07:42 PM | Attr =	]

t2r4disp.dll -> %SystemRoot%\System32\dllcache\t2r4disp.dll -> Number Nine Visual Technology [Ver = 5.01.104.09 | Size = 172768 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

t2r4mini.sys -> %SystemRoot%\System32\dllcache\t2r4mini.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.104.09 | Size = 36640 bytes | Modified Date = 8/17/2001 12:50:12 PM | Attr =	]

tbatm155.sys -> %SystemRoot%\System32\dllcache\tbatm155.sys -> Toshiba Corporation [Ver = 0.4.0.0 (XPClient.010817-1148) | Size = 30464 bytes | Modified Date = 8/17/2001 1:49:46 PM | Attr =	]

tdk100b.sys -> %SystemRoot%\System32\dllcache\tdk100b.sys -> TDK Corporation [Ver = 1.00 | Size = 37961 bytes | Modified Date = 8/17/2001 12:13:00 PM | Attr =	]

tdkcd31.sys -> %SystemRoot%\System32\dllcache\tdkcd31.sys -> TDK Corporation [Ver = 5.00.2128.1 | Size = 17129 bytes | Modified Date = 8/17/2001 12:13:00 PM | Attr =	]

tffsport.sys -> %SystemRoot%\System32\dllcache\tffsport.sys -> M-Systems [Ver = 5.02 | Size = 149376 bytes | Modified Date = 8/3/2004 11:00:06 PM | Attr =	]

tgiul50.dll -> %SystemRoot%\System32\dllcache\tgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 81408 bytes | Modified Date = 8/17/2001 2:56:04 PM | Attr =	]

tgiulnt5.sys -> %SystemRoot%\System32\dllcache\tgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 138528 bytes | Modified Date = 8/17/2001 12:51:10 PM | Attr =	]

tjisdn.sys -> %SystemRoot%\System32\dllcache\tjisdn.sys -> Tiger Jet Network [Ver = 3.03 | Size = 123995 bytes | Modified Date = 8/17/2001 12:14:26 PM | Attr =	]

tos4mo.sys -> %SystemRoot%\System32\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.23 | Size = 28232 bytes | Modified Date = 8/17/2001 12:10:26 PM | Attr =	]

tosdvd02.sys -> %SystemRoot%\System32\dllcache\tosdvd02.sys -> Toshiba Corporation [Ver = 1.00.99.1004 (XPClient.010817-1148) | Size = 241664 bytes | Modified Date = 8/17/2001 2:01:52 PM | Attr =	]

tosdvd03.sys -> %SystemRoot%\System32\dllcache\tosdvd03.sys -> Toshiba Corporation [Ver = 1.00.99.1003 (XPClient.010817-1148) | Size = 230912 bytes | Modified Date = 8/17/2001 2:02:00 PM | Attr =	]

tp4.dll -> %SystemRoot%\System32\dllcache\tp4.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 31744 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

tp4mon.exe -> %SystemRoot%\System32\dllcache\tp4mon.exe -> IBM Corporation [Ver = 6.03 (xpsp_sp2_rtm.040803-2158) | Size = 82432 bytes | Modified Date = 8/4/2004 12:56:58 AM | Attr =	]

tp4res.dll -> %SystemRoot%\System32\dllcache\tp4res.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 42496 bytes | Modified Date = 8/17/2001 10:35:42 PM | Attr =	]

tpro4.sys -> %SystemRoot%\System32\dllcache\tpro4.sys -> Intel Corporation [Ver = 3.06.02.0000 | Size = 34375 bytes | Modified Date = 8/17/2001 12:12:12 PM | Attr =	]

trid3d.dll -> %SystemRoot%\System32\dllcache\trid3d.dll -> Trident Microsystems Inc. [Ver = 5.1.2471.0046 (ReleasedBinaries.000421-1946) | Size = 315520 bytes | Modified Date = 8/17/2001 2:56:06 PM | Attr =	]

trid3dm.sys -> %SystemRoot%\System32\dllcache\trid3dm.sys -> Trident Microsystems Inc. [Ver = 5.1.2471.0032 (ReleasedBinaries.000421-1946) | Size = 222336 bytes | Modified Date = 8/17/2001 12:51:16 PM | Attr =	]

tridkb.dll -> %SystemRoot%\System32\dllcache\tridkb.dll -> Trident Microsystems Inc. [Ver = 5.1.2489.0045 (ReleasedBinaries.000421-1946) | Size = 440576 bytes | Modified Date = 8/17/2001 2:56:06 PM | Attr =	]

tridkbm.sys -> %SystemRoot%\System32\dllcache\tridkbm.sys -> Trident Microsystems Inc. [Ver = 5.1.2489.0032 (ReleasedBinaries.000421-1946) | Size = 159232 bytes | Modified Date = 8/17/2001 12:51:16 PM | Attr =	]

tridxp.dll -> %SystemRoot%\System32\dllcache\tridxp.dll -> Trident Microsystems Inc. [Ver = 5.1.2475.0115 (ReleasedBinaries.010510-2313) | Size = 525568 bytes | Modified Date = 8/17/2001 10:36:32 PM | Attr =	]

tridxpm.sys -> %SystemRoot%\System32\dllcache\tridxpm.sys -> Trident Microsystems Inc. [Ver = 5.1.2475.96 (ReleasedBinaries.010510-2313) | Size = 166784 bytes | Modified Date = 8/17/2001 12:51:22 PM | Attr =	]

twotrack.sys -> %SystemRoot%\System32\dllcache\twotrack.sys -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 11520 bytes | Modified Date = 8/17/2001 1:48:14 PM | Attr =	]

ultra.sys -> %SystemRoot%\System32\dllcache\ultra.sys -> Promise Technology, Inc. [Ver =  1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 8/17/2001 1:52:22 PM | Attr =	]

um34scan.dll -> %SystemRoot%\System32\dllcache\um34scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Modified Date = 8/17/2001 10:36:34 PM | Attr =	]

um54scan.dll -> %SystemRoot%\System32\dllcache\um54scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.8 | Size = 211968 bytes | Modified Date = 8/17/2001 10:36:34 PM | Attr =	]

umaxscan.dll -> %SystemRoot%\System32\dllcache\umaxscan.dll -> UMAX DATA SYSTEMS INC. [Ver = 5.00.2434.1 | Size = 50688 bytes | Modified Date = 8/17/2001 10:36:34 PM | Attr =	]

usb101et.sys -> %SystemRoot%\System32\dllcache\usb101et.sys -> KLSI USA, Inc. [Ver = 3.43.0005.0000 | Size = 32384 bytes | Modified Date = 8/3/2004 10:31:26 PM | Attr =	]

usr1801.sys -> %SystemRoot%\System32\dllcache\usr1801.sys -> U.S. Robotics, Inc. [Ver =  1.00.034 | Size = 794654 bytes | Modified Date = 8/17/2001 1:28:16 PM | Attr =	]

usr1806.sys -> %SystemRoot%\System32\dllcache\usr1806.sys -> U.S. Robotics, Inc. [Ver =  1.00.036 | Size = 793598 bytes | Modified Date = 8/17/2001 1:28:16 PM | Attr =	]

usr1806v.sys -> %SystemRoot%\System32\dllcache\usr1806v.sys -> U.S. Robotics, Inc. [Ver =  1.00.036 | Size = 794399 bytes | Modified Date = 8/17/2001 1:28:18 PM | Attr =	]

usr1807a.sys -> %SystemRoot%\System32\dllcache\usr1807a.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 224802 bytes | Modified Date = 8/17/2001 1:28:24 PM | Attr =	]

usroslba.sys -> %SystemRoot%\System32\dllcache\usroslba.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 7556 bytes | Modified Date = 8/17/2001 1:28:24 PM | Attr =	]

usrpda.sys -> %SystemRoot%\System32\dllcache\usrpda.sys -> U.S. Robotics Corporation [Ver = 4. 11. 22 | Size = 113762 bytes | Modified Date = 8/17/2001 1:28:26 PM | Attr =	]

usrti.sys -> %SystemRoot%\System32\dllcache\usrti.sys -> U.S. Robotics, Inc. [Ver =  2.60.005 | Size = 765884 bytes | Modified Date = 8/17/2001 1:28:14 PM | Attr =	]

usrwdxjs.sys -> %SystemRoot%\System32\dllcache\usrwdxjs.sys -> U.S. Robotics Corporation [Ver = 3.27.036.0005 | Size = 687999 bytes | Modified Date = 8/17/2001 1:28:26 PM | Attr =	]

vchnt5.dll -> %SystemRoot%\System32\dllcache\vchnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11325 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr =	]

viairda.sys -> %SystemRoot%\System32\dllcache\viairda.sys -> VIA Technologies, Inc. [Ver = 5,1,2480,0 (XPClient.010817-1148) | Size = 24576 bytes | Modified Date = 8/17/2001 1:49:04 PM | Attr =	]

vinwm.sys -> %SystemRoot%\System32\dllcache\vinwm.sys -> Xircom [Ver = 2.1.0.10 | Size = 249402 bytes | Modified Date = 8/17/2001 12:14:12 PM | Attr =	]

vmodem.sys -> %SystemRoot%\System32\dllcache\vmodem.sys -> PCTEL, INC. [Ver = 7.60.10A | Size = 604253 bytes | Modified Date = 8/17/2001 1:28:14 PM | Attr =	]

vpctcom.sys -> %SystemRoot%\System32\dllcache\vpctcom.sys -> PCtel, Inc. [Ver = 8.00-9K | Size = 397502 bytes | Modified Date = 8/17/2001 1:28:16 PM | Attr =	]

vvoice.sys -> %SystemRoot%\System32\dllcache\vvoice.sys -> PCtel, Inc. [Ver = 3.53.00 | Size = 64605 bytes | Modified Date = 8/17/2001 1:28:16 PM | Attr =	]

w840nd.sys -> %SystemRoot%\System32\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19528 bytes | Modified Date = 8/17/2001 12:13:08 PM | Attr =	]

w926nd.sys -> %SystemRoot%\System32\dllcache\w926nd.sys -> Winbond Electronics Corporation [Ver = 1.60 | Size = 19016 bytes | Modified Date = 8/17/2001 12:13:08 PM | Attr =	]

w940nd.sys -> %SystemRoot%\System32\dllcache\w940nd.sys -> Winbond Electronics Corporation [Ver = 3.22 | Size = 16925 bytes | Modified Date = 8/17/2001 12:13:12 PM | Attr =	]

wadv01nt.sys -> %SystemRoot%\System32\dllcache\wadv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 12415 bytes | Modified Date = 8/3/2004 10:29:38 PM | Attr =	]

wadv02nt.sys -> %SystemRoot%\System32\dllcache\wadv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 12127 bytes | Modified Date = 8/3/2004 10:29:38 PM | Attr =	]

wadv05nt.sys -> %SystemRoot%\System32\dllcache\wadv05nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11775 bytes | Modified Date = 8/3/2004 10:29:38 PM | Attr =	]

wadv07nt.sys -> %SystemRoot%\System32\dllcache\wadv07nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11807 bytes | Modified Date = 8/3/2004 10:29:40 PM | Attr =	]

wadv08nt.sys -> %SystemRoot%\System32\dllcache\wadv08nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11295 bytes | Modified Date = 8/3/2004 10:29:40 PM | Attr =	]

wadv09nt.sys -> %SystemRoot%\System32\dllcache\wadv09nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11871 bytes | Modified Date = 8/3/2004 10:29:42 PM | Attr =	]

wadv11nt.sys -> %SystemRoot%\System32\dllcache\wadv11nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 11935 bytes | Modified Date = 8/3/2004 10:29:42 PM | Attr =	]

watv01nt.sys -> %SystemRoot%\System32\dllcache\watv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 29311 bytes | Modified Date = 8/3/2004 10:29:42 PM | Attr =	]

watv02nt.sys -> %SystemRoot%\System32\dllcache\watv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 19551 bytes | Modified Date = 8/3/2004 10:29:44 PM | Attr =	]

watv04nt.sys -> %SystemRoot%\System32\dllcache\watv04nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 33599 bytes | Modified Date = 8/3/2004 10:29:44 PM | Attr =	]

watv06nt.sys -> %SystemRoot%\System32\dllcache\watv06nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 22271 bytes | Modified Date = 8/3/2004 10:29:46 PM | Attr =	]

watv10nt.sys -> %SystemRoot%\System32\dllcache\watv10nt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 25471 bytes | Modified Date = 8/3/2004 10:29:46 PM | Attr =	]

wbfirdma.sys -> %SystemRoot%\System32\dllcache\wbfirdma.sys -> Winbond Electronics Corp. [Ver = 5.4.9820.0306 | Size = 35871 bytes | Modified Date = 8/17/2001 12:10:30 PM | Attr =	]

wch7xxnt.sys -> %SystemRoot%\System32\dllcache\wch7xxnt.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 23615 bytes | Modified Date = 8/3/2004 10:29:46 PM | Attr =	]

wdhaalba.sys -> %SystemRoot%\System32\dllcache\wdhaalba.sys -> 3Com Corporation [Ver = 3.34.034.0075 | Size = 701386 bytes | Modified Date = 8/17/2001 1:28:02 PM | Attr =	]

winacisa.sys -> %SystemRoot%\System32\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771581 bytes | Modified Date = 8/17/2001 1:28:14 PM | Attr =	]

wlandrv2.sys -> %SystemRoot%\System32\dllcache\wlandrv2.sys -> Raytheon Corp. [Ver = 4.00.00.0004 | Size = 34890 bytes | Modified Date = 8/17/2001 12:12:38 PM | Attr =	]

wlluc48.sys -> %SystemRoot%\System32\dllcache\wlluc48.sys -> Lucent Technologies [Ver = 7.43.0.9 | Size = 154624 bytes | Modified Date = 8/3/2004 10:31:28 PM | Attr =	]

wsiintxx.sys -> %SystemRoot%\System32\dllcache\wsiintxx.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 12063 bytes | Modified Date = 8/3/2004 10:29:48 PM | Attr =	]

wvchntxx.sys -> %SystemRoot%\System32\dllcache\wvchntxx.sys -> Intel® Corporation [Ver = 6.13.01.3198  | Size = 19455 bytes | Modified Date = 8/3/2004 10:29:50 PM | Attr =	]

xem336n5.sys -> %SystemRoot%\System32\dllcache\xem336n5.sys -> US Robotics MCD (Megahertz) [Ver = 1.25.014 | Size = 16970 bytes | Modified Date = 8/17/2001 12:11:14 PM | Attr =	]

xlog.exe -> %SystemRoot%\System32\dllcache\xlog.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 99865 bytes | Modified Date = 8/17/2001 10:37:02 PM | Attr =	]

xrxftplt.exe -> %SystemRoot%\System32\dllcache\xrxftplt.exe ->  [Ver = 1, 0, 0, 2 | Size = 27648 bytes | Modified Date = 8/17/2001 10:37:02 PM | Attr =	]

xrxscnui.dll -> %SystemRoot%\System32\dllcache\xrxscnui.dll ->  [Ver = 1, 0, 0, 1 | Size = 17408 bytes | Modified Date = 8/17/2001 10:36:36 PM | Attr =	]

xrxwbtmp.dll -> %SystemRoot%\System32\dllcache\xrxwbtmp.dll -> Xerox Corporation [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Modified Date = 8/17/2001 10:36:36 PM | Attr =	]

xrxwiadr.dll -> %SystemRoot%\System32\dllcache\xrxwiadr.dll -> Xerox [Ver = 1, 0, 0, 2 | Size = 116224 bytes | Modified Date = 8/4/2004 12:56:48 AM | Attr =	]

Teefer.sys -> %SystemRoot%\System32\drivers\Teefer.sys -> Sygate Technologies, Inc. [Ver = 1.60.1101 | Size = 60496 bytes | Modified Date = 10/15/2004 6:17:02 PM | Attr =	]

wg3n.sys -> %SystemRoot%\System32\drivers\wg3n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:38 PM | Attr =	]

wg4n.sys -> %SystemRoot%\System32\drivers\wg4n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:40 PM | Attr =	]

wg5n.sys -> %SystemRoot%\System32\drivers\wg5n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:42 PM | Attr =	]

wg6n.sys -> %SystemRoot%\System32\drivers\wg6n.sys -> Sygate Technologies, Inc. [Ver = 1.01.1223 | Size = 14568 bytes | Modified Date = 10/15/2004 6:32:44 PM | Attr =	]

wpsdrvnt.sys -> %SystemRoot%\System32\drivers\wpsdrvnt.sys -> Sygate Technologies, Inc. [Ver = 1, 0, 0, 17 | Size = 21075 bytes | Modified Date = 10/15/2004 6:18:46 PM | Attr =	]

Copy of GkSui18.EXE -> %SystemRoot%\System32\Copy of GkSui18.EXE ->  [Ver =  | Size = 69632 bytes | Modified Date = 1/16/2002 1:27:54 AM | Attr =	]

eeedec1_g.dll -> %SystemRoot%\System32\eeedec1_g.dll ->  [Ver =  | Size = 23 bytes | Modified Date = 1/27/2008 10:01:34 PM | Attr =  HS]

feffdadecc7_g.ocx -> %SystemRoot%\System32\feffdadecc7_g.ocx ->  [Ver =  | Size = 23 bytes | Modified Date = 1/27/2008 10:01:34 PM | Attr =	]

GkSui18.EXE -> %SystemRoot%\System32\GkSui18.EXE ->  [Ver =  | Size = 73728 bytes | Modified Date = 4/18/2002 4:50:11 PM | Attr =	]

hpzll4v2.dll -> %SystemRoot%\System32\hpzll4v2.dll -> Hewlett-Packard Company [Ver = 61.063.247.00 | Size = 117760 bytes | Modified Date = 12/30/2006 3:49:16 PM | Attr =	]

initdebug.nfo -> %SystemRoot%\System32\initdebug.nfo ->  [Ver =  | Size = 45 bytes | Modified Date = 1/24/2008 3:06:41 PM | Attr =	]

PDBootState -> %SystemRoot%\System32\PDBootState ->  [Ver =  | Size = 280 bytes | Modified Date = 1/18/2008 8:33:07 AM | Attr =	]

SSSensor.dll -> %SystemRoot%\System32\SSSensor.dll -> Sygate Technologies, Inc. [Ver = 5. 5. 0. 5 | Size = 83096 bytes | Modified Date = 10/15/2004 6:32:10 PM | Attr =	]

xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll ->  [Ver = 29825 | Size = 54608 bytes | Modified Date = 1/30/2008 8:02:38 PM | Attr =	]

ativpsrm.bin -> %SystemRoot%\ativpsrm.bin ->  [Ver =  | Size = 0 bytes | Modified Date = 1/21/2008 11:34:47 AM | Attr =	]

AWMODEM.INF -> %SystemRoot%\AWMODEM.INF ->  [Ver =  | Size = 1071 bytes | Modified Date = 1/23/2008 7:36:30 PM | Attr =	]

HPHins13.dat -> %SystemRoot%\HPHins13.dat ->  [Ver =  | Size = 130491 bytes | Modified Date = 1/24/2008 9:42:50 PM | Attr =	]

hphmdl13.dat -> %SystemRoot%\hphmdl13.dat ->  [Ver =  | Size = 2977 bytes | Modified Date = 1/22/2007 10:05:06 AM | Attr =	]

iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.0.3 | Size = 720896 bytes | Modified Date = 1/15/2008 2:40:35 PM | Attr =	]

Performance -> %SystemRoot%\Performance ->  [Folder | Created Date = 1/15/2008 5:32:22 PM | Attr =	]

1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 

[Files Created - Additional Folder Scans - Non-Microsoft Only]

ATI -> %AllUsersProfile%\Application Data\ATI ->  [Folder | Created Date = 1/21/2008 11:35:27 AM | Attr =	]

5 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> 

Hewlett-Packard -> %AllUsersProfile%\Application Data\Hewlett-Packard ->  [Folder | Created Date = 1/24/2008 9:25:53 PM | Attr =	]

Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft ->  [Folder | Created Date = 1/20/2008 2:04:09 PM | Attr =	]

Microsoft Corporation -> %AllUsersProfile%\Application Data\Microsoft Corporation ->  [Folder | Created Date = 1/15/2008 5:32:01 PM | Attr =	]

Protexis -> %AllUsersProfile%\Application Data\Protexis ->  [Folder | Created Date = 1/15/2008 5:50:39 PM | Attr =	]

Raxco -> %AllUsersProfile%\Application Data\Raxco ->  [Folder | Created Date = 1/15/2008 5:52:22 PM | Attr =	]

Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Created Date = 1/20/2008 3:39:56 PM | Attr =	]

WEBREG -> %AllUsersProfile%\Application Data\WEBREG ->  [Folder | Created Date = 1/24/2008 9:42:50 PM | Attr =	]

Installer2780 -> %UserProfile%\Local Settings\Application Data\Installer2780 ->  [Folder | Created Date = 2/3/2008 3:29:07 PM | Attr =	]

cc_20080127_2141.reg -> %UserProfile%\My Documents\cc_20080127_2141.reg ->  [Ver =  | Size = 739492 bytes | Modified Date = 1/27/2008 9:42:02 PM | Attr =	]

cc_20080127_2200.reg -> %UserProfile%\My Documents\cc_20080127_2200.reg ->  [Ver =  | Size = 28522 bytes | Modified Date = 1/27/2008 10:00:40 PM | Attr =	]

cc_20080212_1530.reg -> %UserProfile%\My Documents\cc_20080212_1530.reg ->  [Ver =  | Size = 37894 bytes | Modified Date = 2/12/2008 3:30:09 PM | Attr =	]

cc_20080212_1549.reg -> %UserProfile%\My Documents\cc_20080212_1549.reg ->  [Ver =  | Size = 1344 bytes | Modified Date = 2/12/2008 3:49:38 PM | Attr =	]

cpuz.cvf -> %UserProfile%\My Documents\cpuz.cvf ->  [Ver =  | Size = 480 bytes | Modified Date = 2/7/2008 4:10:13 PM | Attr =	]

Fax -> %UserProfile%\My Documents\Fax ->  [Folder | Created Date = 1/23/2008 7:35:56 PM | Attr =	]

hijackthis2 -> %UserProfile%\My Documents\hijackthis2 ->  [Ver =  | Size = 17404 bytes | Modified Date = 1/27/2008 9:23:12 PM | Attr =	]

windiag.iso -> %UserProfile%\My Documents\windiag.iso ->  [Ver =  | Size = 305152 bytes | Modified Date = 1/24/2008 3:40:07 PM | Attr =	]

WinPFind35u -> %UserProfile%\Desktop\WinPFind35u ->  [Folder | Created Date = 2/13/2008 7:41:41 PM | Attr =	]

WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe ->  [Ver =  | Size = 480325 bytes | Modified Date = 2/13/2008 7:41:21 PM | Attr =	]

Folding@Home 5.03.lnk -> %UserProfile%\Start Menu\Programs\Startup\Folding@Home 5.03.lnk ->  [Ver =  | Size = 573 bytes | Modified Date = 2/10/2008 10:15:53 PM | Attr =	]

Raxco -> %CommonProgramFiles%\Raxco ->  [Folder | Created Date = 1/15/2008 5:52:22 PM | Attr =	]



[Files/Folders - Modified Within 30 days]

boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 291 bytes | Modified Date = 2/11/2008 3:04:09 PM | Attr = RHS]

Config.Msi -> %SystemDrive%\Config.Msi ->  [Folder | Modified Date = 2/9/2008 12:20:57 PM | Attr =  H ]

Documents and Settings -> %SystemDrive%\Documents and Settings ->  [Folder | Modified Date = 1/30/2008 6:56:13 PM | Attr =	]

Downloads -> %SystemDrive%\Downloads ->  [Folder | Modified Date = 2/13/2008 4:42:30 PM | Attr =	]

hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 3152596992 bytes | Modified Date = 2/13/2008 3:41:25 PM | Attr =  HS]

HijackThis -> %SystemDrive%\HijackThis ->  [Folder | Modified Date = 1/20/2008 5:16:19 PM | Attr =	]

Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 2/12/2008 3:48:36 PM | Attr =	]

WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 2/13/2008 4:58:31 PM | Attr =	]

fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat ->  [Ver =  | Size = 98361120 bytes | Modified Date = 2/13/2008 7:43:14 PM | Attr =  HS]

fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx ->  [Ver =  | Size = 1317572 bytes | Modified Date = 2/13/2008 3:40:37 PM | Attr =  HS]

fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat ->  [Ver =  | Size = 4201248 bytes | Modified Date = 2/13/2008 7:41:42 PM | Attr =  HS]

fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx ->  [Ver =  | Size = 394604 bytes | Modified Date = 2/13/2008 3:40:37 PM | Attr =  HS]

klin.dat -> %SystemRoot%\System32\drivers\klin.dat ->  [Ver =  | Size = 91700 bytes | Modified Date = 1/31/2008 3:06:13 PM | Attr =	]

CatRoot -> %SystemRoot%\System32\CatRoot ->  [Folder | Modified Date = 1/27/2008 4:24:58 PM | Attr =	]

CatRoot2 -> %SystemRoot%\System32\CatRoot2 ->  [Folder | Modified Date = 2/13/2008 3:42:11 PM | Attr =	]

config -> %SystemRoot%\System32\config ->  [Folder | Modified Date = 2/4/2008 7:51:27 PM | Attr =	]

dllcache -> %SystemRoot%\System32\dllcache ->  [Folder | Modified Date = 2/12/2008 3:33:31 PM | Attr = RHS]

drivers -> %SystemRoot%\System32\drivers ->  [Folder | Modified Date = 2/12/2008 3:33:31 PM | Attr =	]

DRVSTORE -> %SystemRoot%\System32\DRVSTORE ->  [Folder | Modified Date = 1/24/2008 9:30:48 PM | Attr =	]

eeedec1_g.dll -> %SystemRoot%\System32\eeedec1_g.dll ->  [Ver =  | Size = 23 bytes | Modified Date = 1/27/2008 10:01:34 PM | Attr =  HS]

feffdadecc7_g.ocx -> %SystemRoot%\System32\feffdadecc7_g.ocx ->  [Ver =  | Size = 23 bytes | Modified Date = 1/27/2008 10:01:34 PM | Attr =	]

FxsTmp -> %SystemRoot%\System32\FxsTmp ->  [Folder | Modified Date = 1/24/2008 9:26:00 PM | Attr =	]

GroupPolicy -> %SystemRoot%\System32\GroupPolicy ->  [Folder | Modified Date = 1/15/2008 4:44:59 PM | Attr =  H ]

initdebug.nfo -> %SystemRoot%\System32\initdebug.nfo ->  [Ver =  | Size = 45 bytes | Modified Date = 1/24/2008 3:06:41 PM | Attr =	]

PDBootState -> %SystemRoot%\System32\PDBootState ->  [Ver =  | Size = 280 bytes | Modified Date = 1/18/2008 8:33:07 AM | Attr =	]

perfc009.dat -> %SystemRoot%\System32\perfc009.dat ->  [Ver =  | Size = 64064 bytes | Modified Date = 1/23/2008 6:02:45 PM | Attr =	]

perfh009.dat -> %SystemRoot%\System32\perfh009.dat ->  [Ver =  | Size = 405640 bytes | Modified Date = 1/23/2008 6:02:45 PM | Attr =	]

PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI ->  [Ver =  | Size = 477404 bytes | Modified Date = 1/23/2008 6:02:45 PM | Attr =	]

wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 1158 bytes | Modified Date = 2/13/2008 3:42:21 PM | Attr =	]

xfcodec.dll -> %SystemRoot%\System32\xfcodec.dll ->  [Ver = 29825 | Size = 54608 bytes | Modified Date = 1/30/2008 8:02:38 PM | Attr =	]

$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 2/12/2008 12:51:12 PM | Attr =  H ]

1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 

assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 1/21/2008 11:32:23 AM | Attr = R S]

ativpsrm.bin -> %SystemRoot%\ativpsrm.bin ->  [Ver =  | Size = 0 bytes | Modified Date = 1/21/2008 11:34:47 AM | Attr =	]

AWMODEM.INF -> %SystemRoot%\AWMODEM.INF ->  [Ver =  | Size = 1071 bytes | Modified Date = 1/23/2008 7:36:30 PM | Attr =	]

bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 2/13/2008 3:41:29 PM | Attr =   S]

Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 2/12/2008 3:48:58 PM | Attr =	]

ehome -> %SystemRoot%\ehome ->  [Folder | Modified Date = 1/27/2008 4:24:57 PM | Attr =	]

Help -> %SystemRoot%\Help ->  [Folder | Modified Date = 1/27/2008 4:24:54 PM | Attr =	]

HPHins13.dat -> %SystemRoot%\HPHins13.dat ->  [Ver =  | Size = 130491 bytes | Modified Date = 1/24/2008 9:42:50 PM | Attr =	]

inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 2/12/2008 3:33:33 PM | Attr =  H ]

Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 2/9/2008 12:21:05 PM | Attr =  HS]

iun6002.exe -> %SystemRoot%\iun6002.exe -> Indigo Rose Corporation [Ver = 6.0.0.3 | Size = 720896 bytes | Modified Date = 1/15/2008 2:40:35 PM | Attr =	]

MEDB.mdb -> %SystemRoot%\MEDB.mdb ->  [Ver =  | Size = 1609728 bytes | Modified Date = 2/10/2008 8:59:29 PM | Attr =	]

NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 116 bytes | Modified Date = 2/10/2008 1:33:57 PM | Attr =	]

Performance -> %SystemRoot%\Performance ->  [Folder | Modified Date = 1/15/2008 5:32:22 PM | Attr =	]

Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 2/13/2008 7:36:46 PM | Attr =	]

Registration -> %SystemRoot%\Registration ->  [Folder | Modified Date = 2/13/2008 3:42:06 PM | Attr =	]

security -> %SystemRoot%\security ->  [Folder | Modified Date = 1/21/2008 1:23:55 PM | Attr =	]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 1/21/2008 9:20:23 PM | Attr =	]

system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 286 bytes | Modified Date = 2/11/2008 3:04:08 PM | Attr =	]

system32 -> %SystemRoot%\system32 ->  [Folder | Modified Date = 2/12/2008 7:31:07 PM | Attr =	]

Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 1/28/2008 5:48:37 PM | Attr =   S]

Temp -> %SystemRoot%\Temp ->  [Folder | Modified Date = 2/13/2008 7:44:06 PM | Attr =	]

win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 674 bytes | Modified Date = 2/11/2008 3:04:08 PM | Attr =	]

WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 1/24/2008 9:33:09 PM | Attr =	]

AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job ->  [Ver =  | Size = 284 bytes | Modified Date = 2/7/2008 4:03:10 PM | Attr =	]

ipresub.job -> %SystemRoot%\tasks\ipresub.job ->  [Ver =  | Size = 262 bytes | Modified Date = 2/13/2008 7:37:00 PM | Attr =	]

SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 2/13/2008 3:41:37 PM | Attr =  H ]

Scan.job -> %SystemRoot%\tasks\Scan.job ->  [Ver =  | Size = 344 bytes | Modified Date = 2/1/2008 6:30:00 PM | Attr =	]

Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job ->  [Ver =  | Size = 366 bytes | Modified Date = 2/13/2008 7:44:00 PM | Attr =	]

qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 8331 bytes | Modified Date = 2/13/2008 3:44:18 PM | Attr =	]

qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 7946 bytes | Modified Date = 2/13/2008 3:44:18 PM | Attr =	]

opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat ->  [Ver =  | Size = 11194 bytes | Modified Date = 7/30/2006 7:58:05 AM | Attr =	]

opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat ->  [Ver =  | Size = 8472 bytes | Modified Date = 3/31/2007 4:52:21 PM | Attr =	]

CalMRU.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\CalMRU.dat ->  [Ver =  | Size = 1804 bytes | Modified Date = 11/6/2007 11:30:18 AM | Attr =	]

wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 2/18/2006 6:50:34 PM | Attr =	]

wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat ->  [Ver =  | Size = 166221 bytes | Modified Date = 2/18/2006 8:32:28 PM | Attr =	]

Perflib_Perfdata_9c8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_9c8.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 2/13/2008 3:41:54 PM | Attr =	]

[Files Modified - Additional Folder Scans - Non-Microsoft Only]

ATI -> %AllUsersProfile%\Application Data\ATI ->  [Folder | Modified Date = 1/21/2008 11:35:27 AM | Attr =	]

5 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> 

Hewlett-Packard -> %AllUsersProfile%\Application Data\Hewlett-Packard ->  [Folder | Modified Date = 1/24/2008 9:25:53 PM | Attr =	]

Kaspersky Lab -> %AllUsersProfile%\Application Data\Kaspersky Lab ->  [Folder | Modified Date = 2/13/2008 3:42:19 PM | Attr =	]

Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft ->  [Folder | Modified Date = 1/20/2008 2:04:29 PM | Attr =	]

McAfee -> %AllUsersProfile%\Application Data\McAfee ->  [Folder | Modified Date = 1/28/2008 5:21:06 PM | Attr =	]

Microsoft Corporation -> %AllUsersProfile%\Application Data\Microsoft Corporation ->  [Folder | Modified Date = 1/20/2008 10:30:46 PM | Attr =	]

Protexis -> %AllUsersProfile%\Application Data\Protexis ->  [Folder | Modified Date = 1/15/2008 5:50:39 PM | Attr =	]

Raxco -> %AllUsersProfile%\Application Data\Raxco ->  [Folder | Modified Date = 1/15/2008 5:52:22 PM | Attr =	]

SiteAdvisor -> %AllUsersProfile%\Application Data\SiteAdvisor ->  [Folder | Modified Date = 2/13/2008 6:00:18 PM | Attr =	]

Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy ->  [Folder | Modified Date = 1/20/2008 4:11:31 PM | Attr =	]

WEBREG -> %AllUsersProfile%\Application Data\WEBREG ->  [Folder | Modified Date = 1/24/2008 9:42:50 PM | Attr =	]

LimeWire -> %AppData%\LimeWire ->  [Folder | Modified Date = 2/12/2008 3:48:37 PM | Attr =	]

uTorrent -> %AppData%\uTorrent ->  [Folder | Modified Date = 2/13/2008 4:42:24 PM | Attr =	]

Xfire -> %AppData%\Xfire ->  [Folder | Modified Date = 2/6/2008 7:01:11 PM | Attr =	]

ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory ->  [Folder | Modified Date = 1/27/2008 4:26:56 PM | Attr =	]

IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 3793826 bytes | Modified Date = 1/15/2008 5:06:08 PM | Attr =  H ]

Installer2780 -> %UserProfile%\Local Settings\Application Data\Installer2780 ->  [Folder | Modified Date = 2/3/2008 3:29:10 PM | Attr =	]

Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft ->  [Folder | Modified Date = 2/13/2008 4:13:05 PM | Attr =	]

cc_20080127_2141.reg -> %UserProfile%\My Documents\cc_20080127_2141.reg ->  [Ver =  | Size = 739492 bytes | Modified Date = 1/27/2008 9:42:02 PM | Attr =	]

cc_20080127_2200.reg -> %UserProfile%\My Documents\cc_20080127_2200.reg ->  [Ver =  | Size = 28522 bytes | Modified Date = 1/27/2008 10:00:40 PM | Attr =	]

cc_20080212_1530.reg -> %UserProfile%\My Documents\cc_20080212_1530.reg ->  [Ver =  | Size = 37894 bytes | Modified Date = 2/12/2008 3:30:09 PM | Attr =	]

cc_20080212_1549.reg -> %UserProfile%\My Documents\cc_20080212_1549.reg ->  [Ver =  | Size = 1344 bytes | Modified Date = 2/12/2008 3:49:38 PM | Attr =	]

cpuz.cvf -> %UserProfile%\My Documents\cpuz.cvf ->  [Ver =  | Size = 480 bytes | Modified Date = 2/7/2008 4:10:13 PM | Attr =	]

Fax -> %UserProfile%\My Documents\Fax ->  [Folder | Modified Date = 1/23/2008 7:35:56 PM | Attr =	]

hijackthis2 -> %UserProfile%\My Documents\hijackthis2 ->  [Ver =  | Size = 17404 bytes | Modified Date = 1/27/2008 9:23:12 PM | Attr =	]

Internet Folder -> %UserProfile%\My Documents\Internet Folder ->  [Folder | Modified Date = 2/13/2008 7:41:32 PM | Attr =	]

My Music -> %UserProfile%\My Documents\My Music ->  [Folder | Modified Date = 2/13/2008 4:41:49 PM | Attr = R  ]

My Pictures -> %UserProfile%\My Documents\My Pictures ->  [Folder | Modified Date = 2/12/2008 3:33:55 PM | Attr = R  ]

Photoshop -> %UserProfile%\My Documents\Photoshop ->  [Folder | Modified Date = 2/3/2008 3:24:43 PM | Attr =	]

windiag.iso -> %UserProfile%\My Documents\windiag.iso ->  [Ver =  | Size = 305152 bytes | Modified Date = 1/24/2008 3:40:07 PM | Attr =	]

WinPFind35u -> %UserProfile%\Desktop\WinPFind35u ->  [Folder | Modified Date = 2/13/2008 7:41:41 PM | Attr =	]

WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe ->  [Ver =  | Size = 480325 bytes | Modified Date = 2/13/2008 7:41:21 PM | Attr =	]

Folding@Home 5.03.lnk -> %UserProfile%\Start Menu\Programs\Startup\Folding@Home 5.03.lnk ->  [Ver =  | Size = 573 bytes | Modified Date = 2/10/2008 10:15:53 PM | Attr =	]

Raxco -> %CommonProgramFiles%\Raxco ->  [Folder | Modified Date = 1/15/2008 5:52:22 PM | Attr =	]

Symantec Shared -> %CommonProgramFiles%\Symantec Shared ->  [Folder | Modified Date = 1/27/2008 9:16:18 PM | Attr =	]

Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Modified Date = 1/20/2008 2:03:43 PM | Attr =	]



< End of report >


#10 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 13 February 2008 - 09:16 PM

Also, after the ATF cleaner, in forums part of the website I can only see text
This is also happening at bungie.net

#11 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 13 February 2008 - 11:26 PM

Hi Master_Shake. The only thing interesting I see in the log are the two files listed below. Let's hae them checked out.

We need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Go to the Jotti's malware scan page and use the buttons at the top of the page to browse to this file(s) on your hard drive to submit for a scan:
c:\windows\System32\eeedec1_g.dll
c:\windows\System32\feffdadecc7_g.ocx

Several scanning engines will be used to check the file for any threats. Please post the results of the scans back here.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#12 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 13 February 2008 - 11:51 PM

File: eeedec1_g.dll
Status:
OK
MD5: 16ce6acca7f07d5fc69856f718064b76
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 14 Feb 2008 04:45:40 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

File: feffdadecc7_g.ocx
Status:
OK
MD5: 7a961777c317bfee55d94c15c7840006
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 14 Feb 2008 04:49:17 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

#13 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 14 February 2008 - 12:07 AM

Hi Master_Shake. Looks like they are Ok. Have no idea what the are and they are only 23 bytes each. Strange files.

I talked to the developer of ATF-Cleaner about the graphics issue. He said that that can happen if the browser is open when ATF-Cleaner is run. To fix it, close all browsers and runthe program again. Then everything should be fine. I'll have to update my directions I guess lol.

What about the freezeups? If they are still occurring it does not appear to be related to any malware issues. If that is the case then I would suggest posting to the Windows XP Home and Professional forum.

The techs in that forum specialize in matters pertaining to the operating system, performance and applications. Let them know that you have been to this forum and that no malware was found.

When posting to any other forum, do not post a HijackThis log or the post will simply be moved back to this forum for infection analysis. That is what HijackThis is used for and that is what we specialize in here in this forum.

Also, when posting in any other forum for assistance, give as much detail as possible regarding any issues that are occurring. The more information they have, the better the techs can analyze the issue and make any recommendations for resolving it.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#14 Master_Shake

Master_Shake
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, Tx
  • Local time:05:15 PM

Posted 14 February 2008 - 09:45 AM

Ok, Thank you for your time OldTimer. Much appreciated.

#15 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 14 February 2008 - 12:15 PM

You are welcome Master_Shake. I will now close this topic. If you have any malware related issues in the future please start a new topic.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users