OTScanIt logfile created on: 8/15/2008 12:00:28 AM
OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Documents and Settings\Me\Desktop\OTScanIt
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.40 Mb Total Physical Memory | 517.75 Mb Available Physical Memory | 50.59% Memory free
2.40 Gb Paging File | 2.02 Gb Available in Paging File | 84.11% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.83 Gb Total Space | 2.75 Gb Free Space | 3.94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BRANDON
Current User Name: Me
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 12/3/2004 10:32:34 PM | Attr = ]
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 9/7/2004 11:02:40 AM | Attr = ]
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 9/7/2004 11:05:10 AM | Attr = ]
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 9/7/2004 11:12:32 AM | Attr = ]
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 10:42:38 AM | Attr = ]
nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 3/3/2005 6:29:02 PM | Attr = ]
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 9/7/2004 11:02:04 AM | Attr = ]
wwsecure.exe -> %SystemRoot%\system32\wwSecure.exe -> Webroot Software, Inc. [Ver = 6.0.1.2 | Size = 487936 bytes | Modified Date = 4/20/2005 8:34:12 AM | Attr = ]
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> Intel Corporation [Ver = 9, 0, 1, 45 | Size = 389120 bytes | Modified Date = 9/7/2004 11:08:02 AM | Attr = ]
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 12/3/2004 10:32:34 PM | Attr = ]
1xconfig.exe -> %ProgramFiles%\Intel\Wireless\Bin\1XConfig.exe -> Intel [Ver = 9, 0, 1, 33 | Size = 245760 bytes | Modified Date = 9/7/2004 11:03:40 AM | Attr = ]
jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 11/19/2003 12:48:14 PM | Attr = ]
apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.101.141 | Size = 155648 bytes | Modified Date = 9/13/2004 11:33:20 AM | Attr = ]
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 10/30/2004 9:59:54 AM | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5125 | Size = 344064 bytes | Modified Date = 12/3/2004 4:00:00 PM | Attr = ]
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [Ver = 1, 0, 0, 1 | Size = 606208 bytes | Modified Date = 3/4/2005 6:26:08 AM | Attr = ]
dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 2/23/2005 11:19:56 AM | Attr = ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 11:50:18 AM | Attr = ]
apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> Alps Electric Co., Ltd. [Ver = 5.5.1.19 | Size = 45056 bytes | Modified Date = 8/19/2004 9:40:08 AM | Attr = ]
e_fatiada.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_FATIADA.EXE -> SEIKO EPSON CORPORATION [Ver = 4.00 | Size = 98304 bytes | Modified Date = 2/1/2005 5:00:00 PM | Attr = ]
zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 6.5.722.000 | Size = 968696 bytes | Modified Date = 6/18/2006 2:54:48 PM | Attr = ]
directcd.exe -> %ProgramFiles%\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe -> Roxio [Ver = 5.2.0.91 | Size = 679936 bytes | Modified Date = 4/10/2002 1:44:04 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.1.45 | Size = 185896 bytes | Modified Date = 5/27/2008 7:55:08 AM | Attr = ]
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/28/2003 10:06:00 PM | Attr = ]
vsmon.exe -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.5.722.000 | Size = 75768 bytes | Modified Date = 6/18/2006 2:54:46 PM | Attr = ]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2/8/2008 6:02:45 PM | Attr = ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 7/12/2008 9:29:54 AM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [Ver = 2.41.000 | Size = 68096 bytes | Modified Date = 11/21/2005 6:23:39 PM | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 12/3/2004 10:32:34 PM | Attr = ]
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 10:42:38 AM | Attr = ]
(CAISafe) CA ISafe [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\ZoneLabs\isafe.exe -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 188416 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/10/2004 | Attr = ]
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [Ver = 1, 0, 0, 8 | Size = 76848 bytes | Modified Date = 3/7/2007 12:47:46 PM | Attr = ]
(EvtEng) EvtEng [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 9/7/2004 11:02:40 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 9:41:10 PM | Attr = ]
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 3/3/2005 6:29:02 PM | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 9/7/2004 11:02:04 AM | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 9/7/2004 11:05:10 AM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | On_Demand | Running] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.5.722.000 | Size = 75768 bytes | Modified Date = 6/18/2006 2:54:46 PM | Attr = ]
(WLANKEEPER) WLANKEEPER [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 9/7/2004 11:12:32 AM | Attr = ]
(wwSecSvc) Washer AutoComplete [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wwSecure.exe -> Webroot Software, Inc. [Ver = 6.0.1.2 | Size = 487936 bytes | Modified Date = 4/20/2005 8:34:12 AM | Attr = ]
[Driver Services - Non-Microsoft Only]
(a347bus) a347bus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\a347bus.sys -> [Ver = 3.47.0.0 built by: WinDDK | Size = 160640 bytes | Modified Date = 4/30/2004 6:37:02 AM | Attr = ]
(a347scsi) a347scsi [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\a347scsi.sys -> [Ver = 3.47.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 4/30/2004 6:33:00 AM | Attr = ]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.0.1 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.1.0.1 | Size = 17056 bytes | Modified Date = 9/7/2005 8:30:49 AM | Attr = ]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 8/17/2001 8:51:56 AM | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 8/3/2004 6:07:44 PM | Attr = ]
(ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> Alps Electric Co., Ltd. [Ver = 5.5.1.271 | Size = 108791 bytes | Modified Date = 11/16/2004 11:03:52 AM | Attr = ]
(APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> Dell Inc [Ver = 1, 0, 1, 1 | Size = 16128 bytes | Modified Date = 8/18/2004 9:53:54 AM | Attr = ]
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 8/17/2001 8:52:00 AM | Attr = ]
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 8/17/2001 8:51:58 AM | Attr = ]
(Aspi32) Aspi32 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 11/20/2005 7:48:21 PM | Attr = ]
(atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\atapi.sys -> [Ver = | Size = 95360 bytes | Modified Date = 8/3/2004 7:59:44 PM | Attr = ]
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6483 | Size = 800768 bytes | Modified Date = 12/3/2004 10:34:26 PM | Attr = ]
(atirage3) atirage3 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Modified Date = 8/17/2001 9:49:00 AM | Attr = ]
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\bcm4sbxp.sys -> Broadcom Corporation [Ver = 4.25.0.0 built by: WinDDK | Size = 44928 bytes | Modified Date = 5/26/2004 3:18:18 PM | Attr = ]
(Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> %SystemRoot%\System32\drivers\cdr4_xp.sys -> Roxio [Ver = 5.2.0.91 | Size = 59440 bytes | Modified Date = 3/17/2008 8:52:57 AM | Attr = ]
(Cdralw2k) Cdralw2k [Kernel | System | Running] -> %SystemRoot%\System32\drivers\cdralw2k.sys -> Roxio [Ver = 5.2.0.91 | Size = 23724 bytes | Modified Date = 3/17/2008 8:52:57 AM | Attr = ]
(cdudf_xp) cdudf_xp [File_System | System | Running] -> %SystemRoot%\System32\drivers\cdudf_xp.sys -> Roxio [Ver = 5.2.0.91 built by: WinDDK | Size = 236032 bytes | Modified Date = 4/10/2002 1:48:04 PM | Attr = ]
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 8/17/2001 8:51:54 AM | Attr = ]
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 8/17/2001 8:52:16 AM | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 8/10/2004 | Attr = ]
(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 8/10/2004 | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/10/2004 | Attr = ]
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> Gteko Ltd. [Ver = 2, 0, 0, 30 | Size = 4736 bytes | Modified Date = 10/5/2006 1:07:28 PM | Attr = ]
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\dsunidrv.sys -> Gteko Ltd. [Ver = 1, 0, 0, 12 | Size = 5376 bytes | Modified Date = 2/25/2007 9:10:48 AM | Attr = S]
(dvd_2K) dvd_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\drivers\Dvd_2k.sys -> Roxio [Ver = 5.2.0.91 | Size = 24554 bytes | Modified Date = 4/10/2002 2:01:12 PM | Attr = ]
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 7:12:10 AM | Attr = ]
(GoProto) GoProto Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\goprot51.sys -> Gteko Ltd. [Ver = 2, 1, 0, 21 | Size = 29184 bytes | Modified Date = 1/6/2008 10:53:11 AM | Attr = ]
(HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWICH.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 200064 bytes | Modified Date = 6/17/2004 3:57:02 PM | Attr = ]
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.12.09 | Size = 1041536 bytes | Modified Date = 6/17/2004 3:55:04 PM | Attr = ]
(IWCA) Intel Wireless Connection Agent Miniport for Win XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\iwca.sys -> Intel Corporation [Ver = 9.00.0.17 built by: WinDDK | Size = 234496 bytes | Modified Date = 8/12/2004 3:44:04 AM | Attr = ]
(Jukebox) Jukebox [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ctpdusb2.sys -> Creative Technology Ltd. [Ver = 1.02.03.00 | Size = 16752 bytes | Modified Date = 9/28/2004 10:02:00 PM | Attr = ]
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 3/17/2004 1:04:14 PM | Attr = ]
(mmc_2K) mmc_2K [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\Mmc_2k.sys -> Roxio [Ver = 5.2.0.91 | Size = 29638 bytes | Modified Date = 4/10/2002 2:01:00 PM | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 8:52:12 AM | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 1897408 bytes | Modified Date = 8/3/2004 5:29:56 PM | Attr = ]
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> Dell Inc [Ver = 7, 1, 382, 0 | Size = 17153 bytes | Modified Date = 2/13/2004 11:46:00 AM | Attr = ]
(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 204 | Size = 21248 bytes | Modified Date = 9/19/2003 12:45:48 PM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/10/2004 | Attr = ]
(pwd_2k) pwd_2k [Kernel | System | Running] -> %SystemRoot%\System32\drivers\pwd_2K.sys -> Roxio [Ver = 5.2.0.91 | Size = 117898 bytes | Modified Date = 4/10/2002 2:00:44 PM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Stopped] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> File not found
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 8/17/2001 8:52:20 AM | Attr = ]
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 8/17/2001 8:52:20 AM | Attr = ]
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 8/17/2001 8:52:18 AM | Attr = ]
(RioS30) RioS30S driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\RioS30.sys -> SonicBlue Inc. [Ver = 1.0.2.7 | Size = 12661 bytes | Modified Date = 11/7/2002 3:49:42 AM | Attr = R ]
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> Intel Corporation [Ver = 9, 0, 0, 3 | Size = 11354 bytes | Modified Date = 8/31/2004 3:53:04 AM | Attr = ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 12:25:53 AM | Attr = ]
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 8/3/2004 6:07:44 PM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 8/17/2001 9:07:44 AM | Attr = ]
(srescan) srescan [Kernel | Boot | Running] -> %SystemRoot%\system32\ZoneLabs\srescan.sys -> Zone Labs, LLC [Ver = 5, 0, 189, 0 | Size = 51176 bytes | Modified Date = 12/28/2007 7:53:12 PM | Attr = ]
(STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\STAC97.sys -> SigmaTel, Inc. [Ver = 5.10.4255 | Size = 273168 bytes | Modified Date = 3/10/2005 5:56:06 PM | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 8/17/2001 9:07:34 AM | Attr = ]
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 8/17/2001 9:07:36 AM | Attr = ]
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 8/17/2001 9:07:40 AM | Attr = ]
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 8/17/2001 9:07:42 AM | Attr = ]
(UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> %SystemRoot%\System32\drivers\udfreadr_xp.sys -> Roxio [Ver = 5.2.0.91 built by: WinDDK | Size = 206336 bytes | Modified Date = 4/10/2002 1:45:16 PM | Attr = ]
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 8/17/2001 8:52:22 AM | Attr = ]
(VET-FILT) VET File System Filter [Kernel | System | Running] -> %SystemRoot%\System32\drivers\vet-filt.sys -> [Ver = | Size = 21605 bytes | Modified Date = 5/13/2005 3:53:24 PM | Attr = ]
(VET-REC) VET File System Recognizer [Kernel | System | Running] -> %SystemRoot%\System32\drivers\vet-rec.sys -> [Ver = | Size = 15668 bytes | Modified Date = 5/13/2005 3:53:24 PM | Attr = ]
(VETFDDNT) VET Floppy Boot Sector Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\vetfddnt.sys -> Computer Associates International, Inc. [Ver = 31.1.0.0 | Size = 114856 bytes | Modified Date = 10/18/2007 9:00:45 AM | Attr = ]
(VETMONNT) VET File and Macro Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\vetmonnt.sys -> Computer Associates International, Inc. [Ver = 31.1.0.0 | Size = 896472 bytes | Modified Date = 10/18/2007 9:00:45 AM | Attr = ]
(vsdatant) vsdatant [Kernel | On_Demand | Running] -> %SystemRoot%\system32\vsdatant.sys -> Zone Labs, LLC [Ver = 6.5.722.000 | Size = 394872 bytes | Modified Date = 6/18/2006 2:54:58 PM | Attr = ]
(w29n51) Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\w29n51.sys -> Intel® Corporation [Ver = 9000-61 Driver | Size = 3210496 bytes | Modified Date = 10/21/2004 3:56:04 PM | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wanatw4.sys -> File not found
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.12.09 built by: WinDDK | Size = 685056 bytes | Modified Date = 6/17/2004 3:55:38 PM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> [] -> File not found
AdaptecDirectCD -> %ProgramFiles%\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe ["C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"] -> Roxio [Ver = 5.2.0.91 | Size = 679936 bytes | Modified Date = 4/10/2002 1:44:04 PM | Attr = ]
Apoint -> %ProgramFiles%\Apoint\Apoint.exe [C:\Program Files\Apoint\Apoint.exe] -> Alps Electric Co., Ltd. [Ver = 5.5.101.141 | Size = 155648 bytes | Modified Date = 9/13/2004 11:33:20 AM | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> ATI Technologies, Inc. [Ver = 6.14.10.5125 | Size = 344064 bytes | Modified Date = 12/3/2004 4:00:00 PM | Attr = ]
Auto EPSON Stylus CX4600 Series on BIGB -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P39 "Auto EPSON Stylus CX4600 Series on BIGB" /O14 "\\BIGB\Printer" /M "Stylus CX4600"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 98304 bytes | Modified Date = 3/4/2004 1:00:00 AM | Attr = ]
BM77a82fad -> %SystemRoot%\system32\hbekpapq.dll [Rundll32.exe "C:\WINDOWS\system32\hbekpapq.dll",s] -> [Ver = | Size = 93696 bytes | Modified Date = 7/9/2008 10:29:44 PM | Attr = ]
Dell QuickSet -> %ProgramFiles%\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [Ver = 1, 0, 0, 1 | Size = 606208 bytes | Modified Date = 3/4/2005 6:26:08 AM | Attr = ]
DIGStream -> %ProgramFiles%\DIGStream\digstream.exe [C:\Program Files\DIGStream\digstream.exe] -> File not found
DVDLauncher -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe ["C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"] -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 2/23/2005 11:19:56 AM | Attr = ]
EPSON Stylus CX4600 Series -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"] -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 98304 bytes | Modified Date = 3/4/2004 1:00:00 AM | Attr = ]
EPSON Stylus CX4800 Series -> %SystemRoot%\system32\spool\drivers\w32x86\3\E_FATIADA.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P26 "EPSON Stylus CX4800 Series" /O6 "USB002" /M "Stylus CX4800"] -> SEIKO EPSON CORPORATION [Ver = 4.00 | Size = 98304 bytes | Modified Date = 2/1/2005 5:00:00 PM | Attr = ]
IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe [C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless] -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 10/30/2004 9:59:54 AM | Attr = ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 11:50:42 AM | Attr = ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 11:50:18 AM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 10/25/2006 4:58:18 PM | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe [C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe] -> [Ver = | Size = 32881 bytes | Modified Date = 11/19/2003 12:48:14 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> RealNetworks, Inc. [Ver = 0.1.1.45 | Size = 185896 bytes | Modified Date = 5/27/2008 7:55:08 AM | Attr = ]
Transcode360 -> %ProgramFiles%\Transcode360\Transcode360Tray.exe [C:\Program Files\Transcode360\Transcode360Tray.exe] -> [Ver = 1.4.1.0 | Size = 192512 bytes | Modified Date = 5/2/2006 7:01:30 AM | Attr = ]
Zone Labs Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"] -> Zone Labs, LLC [Ver = 6.5.722.000 | Size = 968696 bytes | Modified Date = 6/18/2006 2:54:48 PM | Attr = ]
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Aim6 -> %ProgramFiles%\AIM6\aim6.exe ["C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp] -> AOL LLC [Ver = 1.4.9.1 | Size = 50736 bytes | Modified Date = 11/7/2006 5:29:02 AM | Attr = ]
DellSupport -> %ProgramFiles%\DellSupport\DSAgnt.exe ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> Gteko Ltd. [Ver = 3, 0, 0, 197 | Size = 460784 bytes | Modified Date = 3/15/2007 8:09:36 AM | Attr = ]
EasyLinkAdvisor -> %ProgramFiles%\Linksys EasyLink Advisor\LinksysAgent.exe ["C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup] -> Linksys, a Division of Cisco Systems, Inc. [Ver = 2, 1, 3, 162 | Size = 389120 bytes | Modified Date = 4/2/2006 6:07:44 PM | Attr = ]
Window Washer -> %ProgramFiles%\Webroot\Washer\wwDisp.exe [C:\Program Files\Webroot\Washer\wwDisp.exe] -> Webroot Software [Ver = 6.0.5.409 | Size = 894464 bytes | Modified Date = 4/20/2005 8:44:28 AM | Attr = ]
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
FlashPlayerUpdate -> %SystemRoot%\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p] -> Adobe Systems, Inc. [Ver = 9,0,47,0 | Size = 190696 bytes | Modified Date = 6/11/2007 10:34:40 AM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 1:06:48 PM | Attr = ]
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/28/2003 10:06:00 PM | Attr = ]
%AllUsersProfile%\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk -> %CommonProgramFiles%\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> Intuit, Inc. [Ver = 15.0 R2 | Size = 806912 bytes | Modified Date = 11/11/2004 6:59:36 AM | Attr = ]
< Me Startup Folder > -> C:\Documents and Settings\Me\Start Menu\Programs\Startup ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
ksznnl.dll -> -> File not found
*MultiFile Done* -> ->
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 6/13/2007 12:23:07 AM | Attr = ]
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 8/10/2004 | Attr = ]
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 8/10/2004 | Attr = ]
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 10/25/2007 5:34:01 PM | Attr = ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 8/10/2004 | Attr = ]
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 90112 bytes | Modified Date = 12/3/2004 10:32:40 PM | Attr = ]
IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\LgNotify.dll -> Intel Corporation [Ver = 9, 0, 1, 0 | Size = 110592 bytes | Modified Date = 9/7/2004 11:08:06 AM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 8/10/2004 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
NEC MBR-7 -> -> File not found
NEC MBR-7.4 -> -> File not found
PIONEER CHANGR DRM-1804X -> -> File not found
PIONEER CD-ROM DRM-6324X -> -> File not found
PIONEER CD-ROM DRM-624X -> -> File not found
TORiSAN CD-ROM CDR_C36 -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomSONY_DVD+-RW_DW-D56A____________________PDS7____\5&2a87b71a&3&0.0.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_AXV&Prod_CD/DVD-ROM&Rev_2.2a\2&20c8176e&0&000 ->
< Drives - Autoruns > -> ->
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 8/19/2004 11:07:14 AM | Attr = ]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page ->
http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page ->
http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Default_Page_URL ->
http://www.dell4me.com/myway ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page ->
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page ->
http://yahoo.com/ ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> *.local ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
2887 domain(s) found. ->
90 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 1771 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 39 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] -> [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 3/2/2001 9:02:04 AM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{BA52B914-B692-46c4-B683-905236F6F655} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Sun Java Console] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 12:08:26 PM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> [Sun Java Console] -> File not found
CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 12:08:26 PM | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{3032B695-4550-4B5D-BBD2-1B19C0A6CE65} -> (Intel(R) PRO/Wireless 2915ABG Network Connection) ->
{3163DDC9-5773-4411-B47C-DD2D3B6A5107} -> (Broadcom 440x 10/100 Integrated Controller) ->
{467B3CC5-0E17-46DE-A72B-CEA133E4419C} -> (1394 Net Adapter) ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 2/28/2006 10:42:30 AM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000001 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000002 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000003 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000004 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000005 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000006 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000007 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000008 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000009 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000010 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000011 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000012 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000013 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000014 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000015 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000016 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000017 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000018 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
Protocol_Catalog9\Catalog_Entries\000000000019 -> %SystemRoot%\system32\ZoneLabs\vetredir.dll -> Computer Associates International, Inc. [Ver = Version 10.67.0.0 | Size = 57344 bytes | Modified Date = 6/23/2005 2:16:02 PM | Attr = ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715}[HKEY_LOCAL_MACHINE] -> http://www.creative.com/su/ocx/15031/CTSUEng.cab[Creative Software AutoUpdate] ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}[HKEY_LOCAL_MACHINE] -> http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab[Reg Error: Key does not exist or could not be opened.] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] ->
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}[HKEY_LOCAL_MACHINE] -> http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab[Java Plug-in 1.4.2_03] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CTSUEng.ocx\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CTSUEng.ocx\\.Owner -> {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CTSUEng.ocx\\{0A5FD7C5-A45C-49FC-ADB5-9952547D5715} -> ->
[Files/Folders - Created Within 30 days]
[Files/Folders - Modified Within 30 days]
327882R2FWJFW -> %SystemDrive%\327882R2FWJFW -> [Folder | Modified Date = 8/7/2008 5:30:35 PM | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1073180672 bytes | Modified Date = 8/14/2008 9:33:58 AM | Attr = HS]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 8/14/2008 7:27:22 AM | Attr = ]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 7/30/2008 8:07:52 PM | Attr = ]
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Modified Date = 7/30/2008 8:07:56 PM | Attr = ]
vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml -> [Ver = | Size = 51625 bytes | Modified Date = 8/14/2008 7:27:46 AM | Attr = H ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 8/14/2008 7:26:00 AM | Attr = ]
BM77a82fad.xml -> %SystemRoot%\BM77a82fad.xml -> [Ver = | Size = 111587 bytes | Modified Date = 8/14/2008 11:58:04 PM | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 8/14/2008 9:34:01 AM | Attr = S]
Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 8/14/2008 11:57:04 PM | Attr = ]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 8/15/2008 12:00:01 AM | Attr = ]
pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 8/14/2008 7:26:23 AM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 8/14/2008 9:34:27 AM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 8/14/2008 7:27:19 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/14/2008 9:34:06 AM | Attr = H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 9/7/2005 8:52:24 AM | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5524 bytes | Modified Date = 6/27/2008 9:48:48 PM | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5524 bytes | Modified Date = 6/27/2008 9:48:48 PM | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [Folder | Modified Date = 4/17/2007 1:58:26 PM | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1394 bytes | Modified Date = 3/9/2007 12:42:05 PM | Attr = ]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 4/17/2007 1:58:26 PM | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [Folder | Modified Date = 4/17/2007 9:15:17 AM | Attr = ]
wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [Ver = | Size = 16384 bytes | Modified Date = 10/24/2005 6:48:13 AM | Attr = ]
C:\Documents and Settings\Me\Local Settings\Temp\Cookies\ -> C:\Documents and Settings\Me\Local Settings\Temp\Cookies -> [Folder | Modified Date = 7/23/2006 6:09:38 PM | Attr = S]
index.dat -> C:\Documents and Settings\Me\Local Settings\Temp\Cookies\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 5/1/2006 10:05:21 PM | Attr = ]
C:\Documents and Settings\Me\Local Settings\Temp\History\History.IE5\ -> C:\Documents and Settings\Me\Local Settings\Temp\History\History.IE5\ -> [Folder | Modified Date = 7/23/2006 6:09:42 PM | Attr = S]
index.dat -> C:\Documents and Settings\Me\Local Settings\Temp\History\History.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 5/1/2006 10:05:21 PM | Attr = ]
C:\Documents and Settings\Me\Local Settings\Temp\Temporary Internet Files\Content.IE5\ -> C:\Documents and Settings\Me\Local Settings\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 7/23/2006 6:09:54 PM | Attr = S]
index.dat -> C:\Documents and Settings\Me\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 81920 bytes | Modified Date = 5/1/2006 10:05:21 PM | Attr = ]
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 8/14/2008 7:27:19 AM | Attr = ]
Perflib_Perfdata_310.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_310.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/14/2008 9:34:24 AM | Attr = ]
4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
C:\WINDOWS\Temp\Cookies\ -> C:\WINDOWS\Temp\Cookies -> [Folder | Modified Date = 9/13/2005 9:59:56 AM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 16384 bytes | Modified Date = 5/25/2008 6:11:03 PM | Attr = ]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ -> [Folder | Modified Date = 5/30/2008 9:08:29 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 5/25/2008 6:11:03 PM | Attr = ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 5/30/2008 9:08:29 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 49152 bytes | Modified Date = 5/25/2008 6:11:03 PM | Attr = ]
< End of report >
