OTScanIt logfile created on: 8/24/2008 7:14:44 PM
OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Documents and Settings\Tom Jr\Desktop\OTScanIt
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.37 Mb Total Physical Memory | 351.35 Mb Available Physical Memory | 34.64% Memory free
2.38 Gb Paging File | 1.84 Gb Available in Paging File | 77.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.00 Gb Total Space | 83.56 Gb Free Space | 79.58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 5.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1.90 Gb Total Space | 0.12 Gb Free Space | 6.41% Space Free | Partition Type: FAT
Drive G: | 149.01 Gb Total Space | 112.09 Gb Free Space | 75.23% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DJDKK5C1
Current User Name: Tom Jr
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
[Processes - Non-Microsoft Only]
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.1.21 | Size = 434176 bytes | Modified Date = 10/18/2006 6:05:18 PM | Attr = ]
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.1.3 | Size = 946176 bytes | Modified Date = 10/18/2006 5:56:52 PM | Attr = ]
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel(R) Corporation [Ver = 10.5.1.5 | Size = 290816 bytes | Modified Date = 10/18/2006 6:01:34 PM | Attr = ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 7/19/2008 7:25:06 AM | Attr = ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 7/19/2008 7:38:28 AM | Attr = ]
photoshopelementsfileagent.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 10/3/2005 1:04:04 PM | Attr = ]
aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 5:50:35 AM | Attr = R ]
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 12:42:38 PM | Attr = ]
googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 8/15/2007 10:06:01 AM | Attr = ]
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 8:41:08 AM | Attr = ]
igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 159744 bytes | Modified Date = 12/13/2005 8:41:00 AM | Attr = ]
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 8:45:00 AM | Attr = ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 8.2.4.6 08Mar06 | Size = 761947 bytes | Modified Date = 3/8/2006 5:48:02 PM | Attr = ]
stsystra.exe -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4995.1 nd446 cp1 | Size = 282624 bytes | Modified Date = 3/24/2006 10:30:44 PM | Attr = ]
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> Dell Inc [Ver = 7, 1, 12, 0 | Size = 1032192 bytes | Modified Date = 8/3/2006 5:51:42 PM | Attr = ]
tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 3:50:18 PM | Attr = ]
pcmservice.exe -> %ProgramFiles%\Dell\MediaDirect\PCMService.exe -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 184320 bytes | Modified Date = 5/2/2007 6:16:54 PM | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.4043 | Size = 185632 bytes | Modified Date = 9/13/2007 5:20:20 PM | Attr = ]
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> Intel Corporation [Ver = 10.5.1.9 | Size = 802816 bytes | Modified Date = 10/18/2006 6:04:28 PM | Attr = ]
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 10.5.1.18 | Size = 696320 bytes | Modified Date = 10/18/2006 5:58:16 PM | Attr = ]
eeventmanager.exe -> %ProgramFiles%\epson\Creativity Suite\Event Manager\EEventManager.exe -> SEIKO EPSON CORPORATION [Ver = 1, 8, 0, 0 | Size = 102400 bytes | Modified Date = 10/12/2006 4:57:08 PM | Attr = ]
apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9/16/2005 2:37:04 AM | Attr = ]
aolsoftware.exe -> %CommonProgramFiles%\AOL\1211604845\ee\aolsoftware.exe -> AOL LLC [Ver = 15.5.1.2 | Size = 42032 bytes | Modified Date = 5/25/2007 10:16:08 AM | Attr = ]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 7/19/2008 7:38:34 AM | Attr = ]
netwaiting.exe -> %ProgramFiles%\NetWaiting\netwaiting.exe -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 1:24:00 AM | Attr = ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 4/10/2007 8:01:36 PM | Attr = ]
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.1.5 | Size = 327680 bytes | Modified Date = 10/18/2006 5:49:52 PM | Attr = ]
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 1:06:00 AM | Attr = ]
wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 9:29:46 AM | Attr = ]
googleupdater.exe -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.2.940.34809.beta | Size = 124912 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
ymetray.exe -> %ProgramFiles%\Yahoo!\Yahoo! Music Jukebox\ymetray.exe -> Yahoo! Inc. [Ver = 2.2.2.056 (Build 056) | Size = 54512 bytes | Modified Date = 10/3/2007 2:56:10 PM | Attr = ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 7/19/2008 7:38:04 AM | Attr = ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 7/23/2008 7:25:45 AM | Attr = ]
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> Intel Corporation [Ver = 10.5.1.9 | Size = 479232 bytes | Modified Date = 10/18/2006 5:53:24 PM | Attr = ]
launchpad.exe -> %AppData%\U3\0000167A67740D5B\LaunchPad.exe -> [Ver = 1, 4, 0, 2 | Size = 4603904 bytes | Modified Date = 2/9/2007 4:47:20 PM | Attr = ]
mcvsusb.exe -> %AppData%\U3\0000167A67740D5B\9CAC5930-4010-4AD6-ABF7-CE2778969B13\Exec\McVsUSB.exe -> McAfee, Inc. [Ver = 3,0,144,0 | Size = 529696 bytes | Modified Date = 12/17/2007 11:31:52 PM | Attr = ]
vsusbrtm.exe -> %AppData%\U3\0000167A67740D5B\9CAC5930-4010-4AD6-ABF7-CE2778969B13\Exec\VsUSBRtm.exe -> McAfee, Inc. [Ver = 3,0,144,0 | Size = 320848 bytes | Modified Date = 8/2/2007 10:58:24 AM | Attr = ]
otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 7/12/2008 9:29:54 AM | Attr = ]
[Win32 Services - Non-Microsoft Only]
(AdobeActiveFileMonitor4.0) Adobe Active File Monitor V4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 102400 bytes | Modified Date = 10/3/2005 1:04:04 PM | Attr = ]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> AOL LLC [Ver = 4.6.1.2 | Size = 46640 bytes | Modified Date = 10/23/2006 5:50:35 AM | Attr = R ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 7/19/2008 7:25:06 AM | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 7/19/2008 7:38:28 AM | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 7/19/2008 7:38:04 AM | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 7/23/2008 7:25:45 AM | Attr = ]
(Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 229376 bytes | Modified Date = 2/28/2006 12:42:38 PM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 224768 bytes | Modified Date = 4/13/2008 5:12:17 PM | Attr = ]
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.1.21 | Size = 434176 bytes | Modified Date = 10/18/2006 6:05:18 PM | Attr = ]
(FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 654848 bytes | Modified Date = 3/20/2008 12:43:11 AM | Attr = ]
(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 8/15/2007 10:06:01 AM | Attr = ]
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.1.5 | Size = 327680 bytes | Modified Date = 10/18/2006 5:49:52 PM | Attr = ]
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.1.3 | Size = 946176 bytes | Modified Date = 10/18/2006 5:56:52 PM | Attr = ]
(WANMiniportService) WAN Miniport (ATW) Service [Win32_Own | Auto | Running] -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 9, 0, 0, 0 | Size = 65536 bytes | Modified Date = 8/27/2003 9:29:46 AM | Attr = ]
(WLANKEEPER) Intel(R) PROSet/Wireless SSO Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel(R) Corporation [Ver = 10.5.1.5 | Size = 290816 bytes | Modified Date = 10/18/2006 6:01:34 PM | Attr = ]
[Driver Services - Non-Microsoft Only]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 26944 bytes | Modified Date = 7/19/2008 7:32:15 AM | Attr = ]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.6.0.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\AegisP.sys -> Meetinghouse Data Communications [Ver = 3.6.0.0 | Size = 21425 bytes | Modified Date = 9/24/2007 9:24:23 AM | Attr = ]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 8/17/2001 12:51:56 PM | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp.080413-2111) | Size = 43008 bytes | Modified Date = 4/13/2008 11:36:39 AM | Attr = ]
(APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> Dell Inc [Ver = 1, 0, 1, 1 | Size = 16128 bytes | Modified Date = 8/12/2005 4:50:46 PM | Attr = ]
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 8/17/2001 12:52:00 PM | Attr = ]
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 8/17/2001 12:51:58 PM | Attr = ]
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 20560 bytes | Modified Date = 7/19/2008 7:37:42 AM | Attr = ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 94416 bytes | Modified Date = 7/19/2008 7:37:21 AM | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 23152 bytes | Modified Date = 7/19/2008 7:33:42 AM | Attr = ]
(aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 78416 bytes | Modified Date = 7/19/2008 7:35:18 AM | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 42912 bytes | Modified Date = 7/19/2008 7:32:36 AM | Attr = ]
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\bcm4sbxp.sys -> Broadcom Corporation [Ver = 4.52.0.0 built by: WinDDK | Size = 44544 bytes | Modified Date = 8/25/2006 6:23:08 AM | Attr = ]
(brfilt) Brother MFC Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BrFilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Modified Date = 8/17/2001 11:12:12 AM | Attr = ]
(BrSerWDM) Brother Serial driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BrSerWdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Modified Date = 8/17/2001 11:12:20 AM | Attr = ]
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BrUsbMdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Modified Date = 8/17/2001 11:12:20 AM | Attr = ]
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 8/17/2001 12:51:54 PM | Attr = ]
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 8/17/2001 12:52:16 PM | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 799744 bytes | Modified Date = 4/13/2008 11:44:48 AM | Attr = ]
(dmio) Logical Disk Manager Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.5512.503.0 | Size = 153344 bytes | Modified Date = 4/13/2008 11:44:46 AM | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 8/10/2004 4:00:00 AM | Attr = ]
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\drvmcdb.sys -> Sonic Solutions [Ver = 3.22.03a | Size = 87488 bytes | Modified Date = 12/1/2004 2:22:00 AM | Attr = ]
(drvnddm) drvnddm [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\drvnddm.sys -> Sonic Solutions [Ver = 2.56.43a | Size = 40480 bytes | Modified Date = 11/23/2004 1:56:00 AM | Attr = ]
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Dell Support\GTAction\triggers\DSproct.sys -> GTek Technologies Ltd. [Ver = 1, 0, 0, 28 | Size = 4864 bytes | Modified Date = 1/10/2006 10:07:58 AM | Attr = ]
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 8/17/2001 11:12:10 AM | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hdaudbus.sys -> Windows (R) Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 144384 bytes | Modified Date = 4/13/2008 9:36:05 AM | Attr = ]
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_DPV.sys -> Conexant Systems, Inc. [Ver = 7.38.00 built by: WinDDK | Size = 936960 bytes | Modified Date = 12/1/2005 6:40:56 AM | Attr = ]
(HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSXHWAZL.sys -> Conexant Systems, Inc. [Ver = 7.38.00 built by: WinDDK | Size = 192512 bytes | Modified Date = 12/1/2005 6:40:12 AM | Attr = ]
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.14.10.4446 | Size = 1364574 bytes | Modified Date = 12/13/2005 9:09:34 AM | Attr = ]
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.010 | Size = 12544 bytes | Modified Date = 10/5/2005 3:57:08 AM | Attr = ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 8/17/2001 12:52:12 PM | Attr = ]
(NETw3x32) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NETw3x32.sys -> Intel® Corporation [Ver = 10, 5, 1, 72 | Size = 1711104 bytes | Modified Date = 10/17/2006 11:55:28 AM | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 1897408 bytes | Modified Date = 8/3/2004 9:29:56 PM | Attr = ]
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> Dell Inc [Ver = 7, 1, 382, 0 | Size = 17153 bytes | Modified Date = 2/13/2004 3:46:00 PM | Attr = ]
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 8/10/2004 4:00:00 AM | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.43J | Size = 36624 bytes | Modified Date = 10/18/2006 4:00:00 AM | Attr = ]
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 8/17/2001 12:52:20 PM | Attr = ]
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 8/17/2001 12:52:20 PM | Attr = ]
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 8/17/2001 12:52:18 PM | Attr = ]
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rimmptsk.sys -> REDC [Ver = 1.0.0.6 | Size = 28544 bytes | Modified Date = 7/14/2005 10:58:14 PM | Attr = ]
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rimsptsk.sys -> REDC [Ver = 1.00.01.12 | Size = 51328 bytes | Modified Date = 7/12/2005 11:00:30 PM | Attr = ]
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rixdptsk.sys -> REDC [Ver = 1.00.02.04 | Size = 307968 bytes | Modified Date = 7/14/2005 9:28:38 PM | Attr = ]
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\s24trans.sys -> Intel Corporation [Ver = 10.5.1.0 | Size = 12544 bytes | Modified Date = 10/19/2006 9:29:22 AM | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 11/13/2007 3:25:53 AM | Attr = ]
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp.080413-2111) | Size = 40960 bytes | Modified Date = 4/13/2008 11:36:39 AM | Attr = ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 8/17/2001 1:07:44 PM | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 10/31/2007 7:30:50 PM | Attr = ]
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> %SystemRoot%\system32\drivers\sscdbhk5.sys -> Sonic Solutions [Ver = 1.10.87a | Size = 5627 bytes | Modified Date = 7/14/2004 10:29:04 AM | Attr = ]
(ssrtln) ssrtln [File_System | System | Running] -> %SystemRoot%\system32\drivers\ssrtln.sys -> Sonic Solutions [Ver = 1.10.87a | Size = 23545 bytes | Modified Date = 7/14/2004 10:28:50 AM | Attr = ]
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sthda.sys -> SigmaTel, Inc. [Ver = 5.10.4995.1 nd446 cp1 | Size = 1156648 bytes | Modified Date = 3/24/2006 10:34:30 PM | Attr = ]
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 8/17/2001 1:07:34 PM | Attr = ]
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 8/17/2001 1:07:36 PM | Attr = ]
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 8/17/2001 1:07:40 PM | Attr = ]
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 8/17/2001 1:07:42 PM | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 8.2.4.6 08Mar06 | Size = 191872 bytes | Modified Date = 3/8/2006 5:35:10 PM | Attr = ]
(tfsnboio) tfsnboio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnboio.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 25883 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsncofs) tfsncofs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsncofs.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 34843 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsndrct) tfsndrct [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndrct.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 4123 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsndres) tfsndres [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndres.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 2239 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsnifs) tfsnifs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnifs.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 86586 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsnopio) tfsnopio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnopio.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 15227 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsnpool) tfsnpool [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnpool.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 6363 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsnudf) tfsnudf [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudf.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 98714 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(tfsnudfa) tfsnudfa [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudfa.sys -> Sonic Solutions [Ver = 1.04.08a | Size = 100603 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 8/17/2001 12:52:22 PM | Attr = ]
(w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\w39n51.sys -> Intel® Corporation [Ver = 10, 1, 1, 7 | Size = 1429632 bytes | Modified Date = 4/26/2006 10:13:04 PM | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wanatw4.sys -> America Online, Inc. [Ver = 8.3.0.0 | Size = 33588 bytes | Modified Date = 1/10/2003 3:13:04 PM | Attr = ]
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSX_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.38.00 built by: WinDDK | Size = 669696 bytes | Modified Date = 12/1/2005 6:40:08 AM | Attr = ]
(ATWPKT2) ATWPKT2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\atwpkt2.sys -> America Online [Ver = 4.8.8.4 | Size = 24960 bytes | Modified Date = 10/11/2007 4:20:56 AM | Attr = ]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Elements 4.0\apdproxy.exe ["C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"] -> Adobe Systems Incorporated [Ver = 3.0.0.53237 | Size = 57344 bytes | Modified Date = 9/16/2005 2:37:04 AM | Attr = ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 11:16:38 PM | Attr = ]
AOLDialer -> %CommonProgramFiles%\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] -> AOL LLC [Ver = 4.6.1.2 | Size = 71216 bytes | Modified Date = 10/23/2006 5:50:37 AM | Attr = R ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 7/19/2008 7:38:34 AM | Attr = ]
Dell QuickSet -> %ProgramFiles%\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> Dell Inc [Ver = 7, 1, 12, 0 | Size = 1032192 bytes | Modified Date = 8/3/2006 5:51:42 PM | Attr = ]
dla -> %SystemRoot%\system32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
EEventManager -> %ProgramFiles%\epson\Creativity Suite\Event Manager\EEventManager.exe [C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe] -> SEIKO EPSON CORPORATION [Ver = 1, 8, 0, 0 | Size = 102400 bytes | Modified Date = 10/12/2006 4:57:08 PM | Attr = ]
HostManager -> %CommonProgramFiles%\AOL\1211604845\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1211604845\ee\AOLSoftware.exe] -> AOL LLC [Ver = 15.5.1.2 | Size = 42032 bytes | Modified Date = 5/25/2007 10:16:08 AM | Attr = ]
igfxhkcmd -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 77824 bytes | Modified Date = 12/13/2005 8:41:08 AM | Attr = ]
igfxpers -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 118784 bytes | Modified Date = 12/13/2005 8:45:00 AM | Attr = ]
igfxtray -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> Intel Corporation [Ver = 3.0.0.4446 | Size = 98304 bytes | Modified Date = 12/13/2005 8:44:18 AM | Attr = ]
IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> Intel Corporation [Ver = 10.5.1.18 | Size = 696320 bytes | Modified Date = 10/18/2006 5:58:16 PM | Attr = ]
IntelZeroConfig -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> Intel Corporation [Ver = 10.5.1.9 | Size = 802816 bytes | Modified Date = 10/18/2006 6:04:28 PM | Attr = ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 7/27/2004 3:50:42 PM | Attr = ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 7/27/2004 3:50:18 PM | Attr = ]
PCMService -> %ProgramFiles%\Dell\MediaDirect\PCMService.exe ["C:\Program Files\Dell\MediaDirect\PCMService.exe"] -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 184320 bytes | Modified Date = 5/2/2007 6:16:54 PM | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Computer, Inc. [Ver = 6.5 | Size = 98304 bytes | Modified Date = 11/28/2006 1:10:00 PM | Attr = ]
SigmatelSysTrayApp -> %SystemRoot%\stsystra.exe [stsystra.exe] -> SigmaTel, Inc. [Ver = 1.0.4995.1 nd446 cp1 | Size = 282624 bytes | Modified Date = 3/24/2006 10:30:44 PM | Attr = ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> Synaptics, Inc. [Ver = 8.2.4.6 08Mar06 | Size = 761947 bytes | Modified Date = 3/8/2006 5:48:02 PM | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> RealNetworks, Inc. [Ver = 0.1.0.4043 | Size = 185632 bytes | Modified Date = 9/13/2007 5:20:20 PM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ModemOnHold -> %ProgramFiles%\NetWaiting\netwaiting.exe [C:\Program Files\NetWaiting\netWaiting.exe] -> [Ver = | Size = 20480 bytes | Modified Date = 9/10/2003 1:24:00 AM | Attr = ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> Google Inc. [Ver = 2, 0, 301, 1654 | Size = 68856 bytes | Modified Date = 4/10/2007 8:01:36 PM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 10/29/2003 1:06:00 AM | Attr = ]
%AllUsersProfile%\Start Menu\Programs\Startup\Google Updater.lnk -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.2.940.34809.beta | Size = 124912 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
%AllUsersProfile%\Start Menu\Programs\Startup\ymetray.lnk -> %ProgramFiles%\Yahoo!\Yahoo! Music Jukebox\ymetray.exe -> Yahoo! Inc. [Ver = 2.2.2.056 (Build 056) | Size = 54512 bytes | Modified Date = 10/3/2007 2:56:10 PM | Attr = ]
< Tom Jr Startup Folder > -> C:\Documents and Settings\Tom Jr\Start Menu\Programs\Startup ->
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 1033728 bytes | Modified Date = 4/13/2008 5:12:19 PM | Attr = ]
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 26112 bytes | Modified Date = 4/13/2008 5:12:38 PM | Attr = ]
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 514560 bytes | Modified Date = 4/13/2008 5:12:24 PM | Attr = ]
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2105) | Size = 300544 bytes | Modified Date = 4/13/2008 5:12:41 PM | Attr = ]
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 3.0.0.4446 | Size = 139264 bytes | Modified Date = 12/13/2005 8:40:12 AM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 36 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> FF FF FF FF [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
< CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2108) | Size = 62976 bytes | Modified Date = 4/13/2008 11:40:46 AM | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
NEC MBR-7 -> -> File not found
NEC MBR-7.4 -> -> File not found
PIONEER CHANGR DRM-1804X -> -> File not found
PIONEER CD-ROM DRM-6324X -> -> File not found
PIONEER CD-ROM DRM-624X -> -> File not found
TORiSAN CD-ROM CDR_C36 -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomPHILIPS_DVD+-RW_SDVD8820________________AD18____\5&1ba06b6c&0&0.0.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> USBSTOR\CdRom&Ven_SanDisk&Prod_U3_Cruzer_Micro&Rev_4.05\0000167A67740D5B&1 ->
< Drives - Autoruns > -> ->
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [Ver = | Size = 0 bytes | Modified Date = 8/16/2005 3:43:04 AM | Attr = ]
Autorun.inf [[autorun] | open=wscript.exe sowar.vbs | shell\Open\Command=wscript.exe sowar.vbs | shell\Open\Default=1 | shell\AutoPlay\Command=wscript.exe sowar.vbs | shell\Explore\Command=wscript.exe sowar.vbs | ] -> %SystemDrive%\Autorun.inf [ NTFS ] -> [Ver = | Size = 194 bytes | Modified Date = 8/24/2008 7:12:24 PM | Attr = RHS]
autorun.inf [[AutoRun] | open=LaunchU3.exe -a | icon=LaunchU3.exe,0 | | [Definitions] | Launchpad=LaunchPad.exe | Vtype=2 | | [CopyFiles] | FileNumber=1 | File1=LaunchPad.zip | | [Update] | URL=http://u3.sandisk.com/download/lp_installer.asp?custom=1.4.0.4&brand=cruzer | | | [Comment] | brand=cruzer | ] -> E:\autorun.inf [ CDFS ] -> [Ver = | Size = 277 bytes | Modified Date = 2/12/2007 12:53:42 PM | Attr = R ]
autorun.inf [] -> F:\autorun.inf [ FAT ] -> [Folder | Modified Date = 8/24/2008 9:33:32 AM | Attr = RHS]
Autorun.inf [[autorun] | open=wscript.exe sowar.vbs | shell\Open\Command=wscript.exe sowar.vbs | shell\Open\Default=1 | shell\AutoPlay\Command=wscript.exe sowar.vbs | shell\Explore\Command=wscript.exe sowar.vbs | ] -> G:\Autorun.inf [ FAT32 ] -> [Ver = | Size = 194 bytes | Modified Date = 8/24/2008 7:12:26 PM | Attr = RHS]
< HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.radzservices.blogspot.com/ ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://home.microsoft.com/access/autosearch.asp?p=%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> *.local ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3537 domain(s) found. ->
objects_aol.com [*] -> Out of zone range - ( 5 ) ->
27 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/23/2006 12:08:42 AM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> Sonic Solutions [Ver = 1.04.08a | Size = 118842 bytes | Modified Date = 12/6/2004 12:05:00 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 11/10/2005 12:22:12 PM | Attr = ]
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 5.0\aoltb.dll [AOL Toolbar Launcher] -> AOL LLC [Ver = 5.0.17.1 | Size = 1025584 bytes | Modified Date = 3/23/2007 1:35:30 PM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/12/2007 8:19:35 PM | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 3, 0, 1225, 9868 | Size = 734704 bytes | Modified Date = 4/12/2008 9:32:37 AM | Attr = ]
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BAE\BAE.dll [CBrowserHelperObject Object] -> Dell Inc. [Ver = 1.2.0.2 | Size = 98304 bytes | Modified Date = 11/17/2006 10:46:38 AM | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/12/2007 8:19:35 PM | Attr = R ]
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 5.0\aoltb.dll [AOL Toolbar] -> AOL LLC [Ver = 5.0.17.1 | Size = 1025584 bytes | Modified Date = 3/23/2007 1:35:30 PM | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2/12/2007 8:19:35 PM | Attr = R ]
WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 5.0\aoltb.dll [AOL Toolbar] -> AOL LLC [Ver = 5.0.17.1 | Size = 1025584 bytes | Modified Date = 3/23/2007 1:35:30 PM | Attr = ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 11/10/2005 12:22:12 PM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 11/10/2005 12:22:12 PM | Attr = ]
{3369AF0D-62E9-4bda-8103-B4C75499B578}:{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 5.0\aoltb.dll [AOL Toolbar] -> AOL LLC [Ver = 5.0.17.1 | Size = 1025584 bytes | Modified Date = 3/23/2007 1:35:30 PM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 11/10/2005 12:22:12 PM | Attr = ]
CmdMapping\\{3369AF0D-62E9-4bda-8103-B4C75499B578} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AOL\AOL Toolbar 5.0\aoltb.dll [AOL Toolbar] -> AOL LLC [Ver = 5.0.17.1 | Size = 1025584 bytes | Modified Date = 3/23/2007 1:35:30 PM | Attr = ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&AOL Toolbar Search -> %ProgramFiles%\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html -> [Ver = | Size = 747 bytes | Modified Date = 9/7/2006 1:59:50 PM | Attr = ]
Add to Google Photos Screensa&ver -> %SystemRoot%\system32\GPhotos.scr -> Google Inc. [Ver = 2.0.0.1077 | Size = 2790976 bytes | Modified Date = 9/28/2007 1:42:38 PM | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{A25E3D32-098A-4F0D-A704-9EB8B0587749} -> (1394 Net Adapter) ->
{B2894969-D901-400B-BEAC-4704968BED16} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{C6C54C3D-1F8C-4122-90F7-B641D5412825} -> (Broadcom 440x 10/100 Integrated Controller) ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 2/28/2006 12:42:30 PM | Attr = ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab[Windows Genuine Advantage Validation Tool] ->
{26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C}[HKEY_LOCAL_MACHINE] -> http://o.aolcdn.com/pictures/ap/Resources/v2.15/cab/aolpPlugins.10.6.0.8.cab[AOL Pictures Uploader Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] ->
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\.Owner -> Unknown Owner ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} -> ->
[Registry - Additional Scans - Non-Microsoft Only]
< MountPoints2 > -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 20 00 00 00 09 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\\ -> AutoRun ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\\ -> Auto&Play ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command\\ -> E:\LaunchU3.exe [E:\LaunchU3.exe -a] -> [Ver = 1, 4, 0, 7 | Size = 1110016 bytes | Modified Date = 2/12/2007 6:33:37 PM | Attr = R ]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\_Autorun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\_Autorun\DefaultIcon\ -> ->
*~EmptyValue* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\_Autorun\DefaultIcon\\ ->
E:\LaunchU3.exe -> E:\LaunchU3.exe -> [Ver = 1, 4, 0, 7 | Size = 1110016 bytes | Modified Date = 2/12/2007 6:33:37 PM | Attr = R ]
0 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF DF DF DF 5F DF DF 00 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 01 00 00 00 08 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF DF DF DF 5F DF DF CF 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 01 00 00 00 00 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e656-f650-11dc-8d6b-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 01 00 00 00 08 07 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0822e657-f650-11dc-8d6b-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 00 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F 01 01 00 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 02 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9162-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF CF CF CF 5F CF CF CF 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 00 10 00 00 00 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9163-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF CF CF CF 5F CF CF CF 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 00 10 00 00 00 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9164-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF CF CF CF 5F CF CF CF 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 00 10 00 00 00 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083e9165-f691-11dc-8d6c-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f68d2d-6bec-11dd-8de3-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f68d2d-6bec-11dd-8de3-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f68d2d-6bec-11dd-8de3-00038a000015}\\_AutorunStatus -> 01 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 01 00 00 00 09 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 09 02 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\\ -> Open ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoPlay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoRun\\Extended -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoRun\command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\AutoRun\command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Explore\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Explore\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Explore\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Open\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Open\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Open\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Open\Default\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08f9ae04-6256-11dc-8d20-00038a000015}\Shell\Open\Default\\ -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3a3cd2-8889-11dc-8d3b-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3a3cd2-8889-11dc-8d3b-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b3a3cd2-8889-11dc-8d3b-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 00 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F 01 01 00 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 02 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05c-0e0d-11da-9aa9-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05c-0e0d-11da-9aa9-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 20 00 00 00 09 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\\ -> AutoRun ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\\ -> Auto&Play ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\\ -> E:\setup.exe [E:\setup.exe] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\_Autorun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\_Autorun\DefaultIcon\ -> ->
*~EmptyValue* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\_Autorun\DefaultIcon\\ ->
E:\setup.exe -> E:\setup.exe -> File not found
0 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05e-0e0d-11da-9aa9-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05e-0e0d-11da-9aa9-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05f-0e0d-11da-9aa9-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05f-0e0d-11da-9aa9-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\\_AutorunStatus -> 01 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 20 00 00 00 09 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\_Autorun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\_Autorun\DefaultIcon\ -> ->
*~EmptyValue* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152aa-dd6d-11dc-8d5d-00038a000015}\_Autorun\DefaultIcon\\ ->
E:\LaunchU3.exe -> E:\LaunchU3.exe -> [Ver = 1, 4, 0, 7 | Size = 1110016 bytes | Modified Date = 2/12/2007 6:33:37 PM | Attr = R ]
0 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152ab-dd6d-11dc-8d5d-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152ab-dd6d-11dc-8d5d-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{469152ab-dd6d-11dc-8d5d-00038a000015}\\_AutorunStatus -> 01 01 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{608c55a2-7f19-11db-9a21-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{608c55a2-7f19-11db-9a21-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{608c55a3-7f19-11db-9a21-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{608c55a3-7f19-11db-9a21-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86523382-9328-11dc-8d41-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86523382-9328-11dc-8d41-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86523382-9328-11dc-8d41-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 00 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F 01 01 00 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 02 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 20 00 00 00 09 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\\ -> AutoRun ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\\ -> Auto&Play ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\command\\ -> I:\LaunchU3.exe [I:\LaunchU3.exe -a] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\_Autorun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\_Autorun\DefaultIcon\ -> ->
*~EmptyValue* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de30-2831-11dc-8cfa-00038a000015}\_Autorun\DefaultIcon\\ ->
I:\LaunchU3.exe -> I:\LaunchU3.exe -> File not found
0 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF 01 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\\ -> Open ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoPlay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\\Extended -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\AutoRun\command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Explore\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Explore\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Explore\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Open\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Open\Command\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Open\Command\\ -> wscript.exe sowar.vbs ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Open\Default\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a870de31-2831-11dc-8cfa-00038a000015}\Shell\Open\Default\\ -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 06 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d486141a-4b6a-11dd-8dce-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F CF 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F CF CF CF CF CF CF CF CF 5F CF CF CF 5F 5F 5F 5F 5F 5F 5F 5F 5F 5F 00 00 10 00 00 00 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbbd3636-c047-11dc-8d49-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea2-8409-11db-8cb2-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea2-8409-11db-8cb2-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F CF 5F 5F 5F 5F CF CF 5F 5F 5F CF 01 01 00 5F 5F EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 60 00 00 00 0C 00 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\_Autorun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\_Autorun\DefaultIcon\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02e8ea3-8409-11db-8cb2-806d6172696f}\_Autorun\DefaultIcon\\ -> D:\_setimg\Cdrom.ico [D:\_setimg\Cdrom.ico] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a0-41ed-11dd-8db7-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a0-41ed-11dd-8db7-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a0-41ed-11dd-8db7-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 01 00 01 01 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 06 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\\BaseClass -> Drive ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\\_AutorunStatus -> 01 00 01 00 00 01 00 DF DF 5F DF 5F 5F 5F 5F DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F 5F DF DF DF 5F 5F DF 5F 5F 5F 5F 5F 00 5F 5F 5F 5F 5F CF CF 5F 5F 5F 5F 01 01 00 EE FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 00 10 00 00 08 02 00 00 [binary data] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\\ -> None ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\Autoplay\ -> ->
*MUIVerb* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\Autoplay\\MUIVerb ->
@shell32.dll -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr = ]
-8504 -> -> File not found
*MultiFile Done* -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\Autoplay\DropTarget\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc0937a1-41ed-11dd-8db7-00038a000015}\shell\Autoplay\DropTarget\\CLSID -> {f26a669a-bcbb-4e37-abf9-7325da15f931} ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{08f68d2d-6bec-11dd-8de3-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{08f68d2d-6bec-11dd-8de3-00038a000015}\\Data -> [Binary data over 100 bytes] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{08f68d2d-6bec-11dd-8de3-00038a000015}\\Generation -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152aa-dd6d-11dc-8d5d-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152aa-dd6d-11dc-8d5d-00038a000015}\\Data -> [Binary data over 100 bytes] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152aa-dd6d-11dc-8d5d-00038a000015}\\Generation -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152ab-dd6d-11dc-8d5d-00038a000015}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152ab-dd6d-11dc-8d5d-00038a000015}\\Data -> [Binary data over 100 bytes] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{469152ab-dd6d-11dc-8d5d-00038a000015}\\Generation -> 3 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea2-8409-11db-8cb2-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea2-8409-11db-8cb2-806d6172696f}\\Data -> [Binary data over 100 bytes] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea2-8409-11db-8cb2-806d6172696f}\\Generation -> 2 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea3-8409-11db-8cb2-806d6172696f}\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea3-8409-11db-8cb2-806d6172696f}\\Data -> [Binary data over 100 bytes] ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{e02e8ea3-8409-11db-8cb2-806d6172696f}\\Generation -> 2 ->
< EventViewer Logs > -> Errors and Warnings -> Description
System - Warning - 8/17/2008 7:41:23 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 1223Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Warning - 8/18/2008 3:42:20 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of SAS window
System - Warning - 8/18/2008 3:42:20 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/18/2008 3:42:20 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 1003153 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/18/2008 3:42:25 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of SAS window
System - Error - 8/18/2008 3:42:30 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Windows Update Agent -> Description =
System - Warning - 8/18/2008 4:41:56 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Win32k -> Description =
System - Warning - 8/18/2008 6:24:42 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 75C608FC-0B96-4F1B-B9B9-F5DA32B10549User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/18/2008 6:24:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 873A3D74-3AD5-4C16-9D9C-DD41C6A99EC8User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found regkeyHKLMSoftwareMicrosoftWindowsCurrentVersionRunSystem RestorerunkeyHKLMSoftwareMicrosoftWindowsCurrentVersionRunSystem RestorefileCWINDOWSSysResvbsAlert Type 807Detection Type (null)
System - Warning - 8/18/2008 7:29:07 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 1223Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Warning - 8/19/2008 6:49:15 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/19/2008 6:49:15 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 1003155 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/19/2008 8:30:40 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/19/2008 8:30:40 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/19/2008 8:30:44 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/19/2008 8:30:44 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 7:56:35 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 7:56:35 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 7:56:39 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 7:56:39 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 7:56:42 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 7:56:42 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 7:58:35 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 7CC18307-9495-46C8-8534-D1B2E98CCB9DUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverATWPKT2Alert Type 807Detection Type (null)
System - Warning - 8/20/2008 9:48:40 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 9:48:40 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 9:48:44 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 9:48:44 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Error - 8/20/2008 9:48:46 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not assigned an address from the network (by the DHCPServer) for the Network Card with network address 0018DE3CF436 The following erroroccurred 1223Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Warning - 8/20/2008 1:22:58 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/20/2008 1:23:04 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 1:23:04 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 1:47:58 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 1:47:58 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 8:26:42 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 8:26:42 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 8:26:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetBTTcpipB2894969-D901-400B-BEAC-4704968BED16
System - Warning - 8/20/2008 8:47:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/20/2008 8:47:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/20/2008 8:47:43 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 8:47:43 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 8:47:46 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/20/2008 8:47:46 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/20/2008 8:47:48 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetBTTcpipB2894969-D901-400B-BEAC-4704968BED16
System - Error - 8/20/2008 8:47:50 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetbiosSmb because another computer on the network has the same name The server could not start
System - Warning - 8/21/2008 7:10:25 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 7:10:25 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 8:38:31 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 8:38:31 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 8:38:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 8:38:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 9:20:46 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/21/2008 9:20:52 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 9:20:52 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 10:31:59 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 10:31:59 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Error - 8/21/2008 10:32:01 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not assigned an address from the network (by the DHCPServer) for the Network Card with network address 0018DE3CF436 The following erroroccurred 1223Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Warning - 8/21/2008 2:01:40 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/21/2008 2:01:40 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/21/2008 2:01:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 2:01:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Error - 8/21/2008 2:01:48 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetbiosSmb because another computer on the network has the same name The server could not start
System - Warning - 8/21/2008 3:14:29 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 3:14:29 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 3:14:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 3:14:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 4:13:21 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 4:13:21 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 6:43:16 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 6:43:16 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 8:08:01 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 8:08:01 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 8:08:06 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/21/2008 8:08:06 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/21/2008 9:16:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Win32k -> Description =
System - Warning - 8/22/2008 6:54:48 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID AAD63037-EED3-4715-9159-5C3C44665DEDUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:54:50 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5A022868-4937-4E3C-AB1B-4B7DC72779C4User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:54:52 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID AF712554-DCC4-4DF2-96CC-25E92A79014BUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:54:54 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 914C2251-B8E2-4445-8B5D-A502C9F406A9User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:54:59 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5395A989-6BF7-464C-AEC6-FEFAEA343682User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:55:02 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID CA33CE45-6129-41E3-8FAB-29754C319700User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:55:17 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 760CAB70-76AD-4CD1-BE94-5161AC072708User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:55:19 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 9286C281-F765-4EB6-8B28-A5E14A5ED117User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:56:04 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 888BC797-E19B-49FD-B145-08AF95CB50D3User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:56:05 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 459204A0-5746-4E0C-B2FE-75A7F05F8F9BUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:56:22 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID A0B9877A-73CF-45F0-B35F-269E345E8BCCUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 6:56:26 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 726EBF7B-A88D-4943-95C5-CB8F1C2A7BF6User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Error - 8/22/2008 7:51:54 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not assigned an address from the network (by the DHCPServer) for the Network Card with network address 0018DE3CF436 The following erroroccurred 1223Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Warning - 8/22/2008 7:51:57 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/22/2008 7:51:57 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 2DA4BF45-3917-4D0A-8E3F-5A41A28F1992User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverxpdxAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 59A01311-8485-403C-9DA4-13EC7927EAB0User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicexpdxAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 8FE964CC-E649-44C7-BB05-C40248B1EE30User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverxpdtAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 42ACCFBE-D615-408C-A969-3E3717CFF92EUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicexpdtAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 709BD9C7-D784-4262-9580-C57616D2042BUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicehuy32Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID AC9789B6-29D0-4128-B850-FE64B80DDD6BUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverhuy32Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:33 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 27781150-FF3A-4B52-9323-1639B0D40091User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicepe386Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID D5139405-217E-4EE7-9387-9DA394BBC469User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverpe386Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID CBB1AC23-C3FD-40DD-924C-53B8EAFBA132User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicelzx32Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 48A70AD0-4B5D-467F-AC89-61FD362EDF8BUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found servicemsguardAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 20615F85-CFBB-4D9C-BE6A-29F81129B985User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found driverlzx32Alert Type 807Detection Type (null)
System - Warning - 8/22/2008 7:53:36 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID B46E65F7-ACFC-446D-9A53-FB00C3200375User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found drivermsguardAlert Type 807Detection Type (null)
System - Error - 8/22/2008 7:55:58 PM -> Computer Name = DJDKK5C1 - User Name = NT AUTHORITY\SYSTEM - Source = DCOM -> Description =
System - Error - 8/22/2008 7:57:03 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Service Control Manager -> Description = The following boot-start or system-start driver(s) failed to load Aavmker4APPDRVaswSPFipsintelppm
System - Error - 8/22/2008 7:58:56 PM -> Computer Name = DJDKK5C1 - User Name = NT AUTHORITY\SYSTEM - Source = DCOM -> Description =
System - Warning - 8/22/2008 8:00:18 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID A55D3AD0-9886-4619-B0AB-BDED52751673User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 8:02:07 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5387C8C4-E0B5-46B9-B147-FCFCB2D7338FUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 8:02:07 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5263CD78-C674-4A6F-9FE5-2CA7F3B74A4EUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 8:04:31 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 984407D9-FF2F-4CA6-9EF9-E6D0893AD1B4User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 8:04:34 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 9C62AB9E-383B-4404-9221-081E7BC768CDUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/22/2008 10:04:10 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/22/2008 10:04:11 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/22/2008 10:04:16 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/22/2008 10:04:16 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 12:25:26 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/23/2008 12:25:34 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 12:25:34 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 12:25:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetBTTcpipB2894969-D901-400B-BEAC-4704968BED16
System - Error - 8/23/2008 12:26:02 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Service Control Manager -> Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service
System - Error - 8/23/2008 12:26:32 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Service Control Manager -> Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service
System - Error - 8/23/2008 12:27:02 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Service Control Manager -> Description = Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service
System - Warning - 8/23/2008 8:17:05 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 8:17:05 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 8:17:10 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 8:17:10 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 8:17:14 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 8:17:14 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 8:17:17 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 8:17:17 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 9:15:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 9:15:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 9:15:39 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/23/2008 9:15:39 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/23/2008 9:15:46 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetBTTcpipB2894969-D901-400B-BEAC-4704968BED16
System - Error - 8/23/2008 9:15:46 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Server -> Description = The server could not bind to the transport DeviceNetbiosSmb because another computer on the network has the same name The server could not start
System - Warning - 8/24/2008 7:17:29 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/24/2008 7:17:29 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = PlugPlayManager -> Description = Timed out sending notification of device interface change to window of IWMSWindow
System - Warning - 8/24/2008 7:17:31 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 7:17:31 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 7:17:37 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 7:17:37 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 7:17:41 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 7:17:41 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 7:17:44 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 7:17:44 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 9:11:41 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 9:11:41 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 9:11:46 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 9:11:46 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 9:50:08 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5BD82A96-CDF5-425C-B642-C39470C25E9CUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:08 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID BC2EECAC-B0F4-4272-A276-9743C6D100A0User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID AAC10109-9445-443C-9914-5A8E685479B6User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersBackupCacheAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 989C169B-3D32-489E-AC4B-B434227AF38EUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersBackupCookiesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID C555F834-0D07-43B0-8CC6-12C28B7CE7B5User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersBackupHistoryAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID C9B868CE-7A0D-475D-B65C-E0A93D751094User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersBackupFavoritesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 95C97162-25C4-4B93-8078-1C7743ADF7ACUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersCookiesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID AE2631C7-7E39-404D-95E7-3C32E0DDAECEUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersHistoryAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:36 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID EF4E4296-94F3-48C0-B9EC-3DFF7216B5B0User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersCacheAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:14:38 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID DFC620D8-4DF7-48E3-81AC-33588D459B30User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersFavoritesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:18:53 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 0558D223-368B-4E0E-B3EE-A97C244F796EUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersCookiesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:18:53 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID D1B3766B-90B6-45EB-BA25-8A75B26CBA2FUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersCacheAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:18:53 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 5B329467-8E47-4562-9ECD-03315A8B59F9User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersFavoritesAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 10:18:53 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 80587117-DB76-4052-8E37-FA5A3533AE5FUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found usershellfolderHKCUS-1-5-21-3016711891-1204557993-285463850-1006SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell FoldersHistoryAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 1:22:23 PM -> Computer Name = DJDKK5C1 - User Name = NT AUTHORITY\SYSTEM - Source = USER32 -> Description = The attempt to power off DJDKK5C1 failed
System - Warning - 8/24/2008 1:47:29 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 1:47:29 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 1:47:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 1:47:35 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 1:50:41 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 1:50:41 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 1:50:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 1:50:45 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 1:50:49 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 1:50:49 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 1:52:23 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 9A7CCE75-021D-40FF-92CA-F84AB7B24262User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 1:53:01 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 3C793BF4-B223-4BE2-B282-249C186AD6CCUser DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 2:30:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 2:30:37 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Warning - 8/24/2008 2:30:43 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer was not able to renew its address from the network (from theDHCP Server) for the Network Card with network address 0018DE3CF436 The followingerror occurred 121Your computer will continue to try and obtain an address on its own fromthe network address (DHCP) server
System - Error - 8/24/2008 2:30:43 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Dhcp -> Description = Your computer has lost the lease to its IP address 19216823 on theNetwork Card with network address 0018DE3CF436
System - Error - 8/24/2008 2:35:16 PM -> Computer Name = DJDKK5C1 - User Name = NT AUTHORITY\SYSTEM - Source = DCOM -> Description =
System - Error - 8/24/2008 2:36:17 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = Service Control Manager -> Description = The following boot-start or system-start driver(s) failed to load Aavmker4APPDRVaswSPFipsintelppm
System - Error - 8/24/2008 2:37:08 PM -> Computer Name = DJDKK5C1 - User Name = DJDKK5C1\Tom Jr - Source = DCOM -> Description =
System - Error - 8/24/2008 2:44:32 PM -> Computer Name = DJDKK5C1 - User Name = DJDKK5C1\Tom Jr - Source = DCOM -> Description =
System - Error - 8/24/2008 5:33:26 PM -> Computer Name = DJDKK5C1 - User Name = NT AUTHORITY\SYSTEM - Source = DCOM -> Description =
System - Warning - 8/24/2008 5:35:03 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID A0E510B8-63D6-48A5-BCBD-3FC0B3F27820User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 6:05:07 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 2ADD022E-EFBB-4324-9452-6E3BE3C9F343User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
System - Warning - 8/24/2008 6:05:10 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = WinDefend -> Description = 827 Real-Time Protection agent has detected changes Microsoft recommends you analyze the software that made these changes for potential risks You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer Allow changes only if you trust the program or the software publisher 827 cant undo changes that you allowFor more information please see the followinghttpgomicrosoftcomfwlinklinkid=74409Scan ID 7C1F4F22-4BDE-4DBF-8C67-72B4DCA94BB8User DJDKK5C1Tom JrName UnknownID (null)Severity Not Yet ClassifiedCategory Not Yet ClassifiedPath Found iemainHKCUS-1-5-21-3016711891-1204557993-285463850-1006SOFTWAREMicrosoftInternet ExplorerMainStart PageAlert Type 807Detection Type (null)
Antivirus - Warning - 8/18/2008 6:44:05 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Small-LLU Trj has been found in CsoftwareAdobePhotoshopCS3aps3ekgexe file
Antivirus - Warning - 8/19/2008 6:57:39 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Small-LLU Trj has been found in CSystem Volume Informationrestore129201FA-B0AC-49B3-96B2-DEB8B91E727BRP118A0030064exe file
Antivirus - Warning - 8/19/2008 7:19:34 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Function setifaceUpdatePackages() has failed Return code is 0x20000011 dwRes is 20000011
Antivirus - Warning - 8/19/2008 7:11:06 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Function setifaceUpdatePackages() has failed Return code is 0x000004C7 dwRes is 000004C7
Antivirus - Warning - 8/21/2008 1:05:21 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Function setifaceUpdatePackages() has failed Return code is 0xC0000142 dwRes is C0000142
Antivirus - Warning - 8/21/2008 5:05:27 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Function setifaceUpdatePackages() has failed Return code is 0xC0000142 dwRes is C0000142
Antivirus - Warning - 8/24/2008 9:43:50 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Inject-EV Trj has been found in CDOCUME1TOMJR1LOCALS1Tempsygdvprydll file
Antivirus - Warning - 8/24/2008 9:46:18 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Inject-EV Trj has been found in CDOCUME1TOMJR1LOCALS1Tempsygdvprydll file
Antivirus - Warning - 8/24/2008 9:52:29 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Inject-EV Trj has been found in CDOCUME1TOMJR1LOCALS1Tempsygdvprydll file
Antivirus - Warning - 8/24/2008 9:52:40 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Inject-EV Trj has been found in CDOCUME1TOMJR1LOCALS1Tempsygdvprydll file
Antivirus - Warning - 8/24/2008 9:54:44 AM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Sign of Win32Inject-EV Trj has been found in CDOCUME1TOMJR1LOCALS1Tempsygdvprydll file
Antivirus - Warning - 8/24/2008 12:24:34 PM -> Computer Name = DJDKK5C1 - User Name = (blank) - Source = avast! -> Description = Function setifaceUpdatePackages() has failed Return code is 0xC0000142 dwRes is C0000142
[Files/Folders - Created Within 30 days]
Autorun.inf -> %SystemDrive%\Autorun.inf -> [Ver = | Size = 194 bytes | Created Date = 8/18/2008 7:25:05 PM | Attr = RHS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Created Date = 8/24/2008 6:34:39 PM | Attr = HS]
Radz_Services.vbs -> %SystemDrive%\Radz_Services.vbs -> [Ver = | Size = 5830 bytes | Created Date = 8/18/2008 7:25:05 PM | Attr = ]
sowar.vbs -> %SystemDrive%\sowar.vbs -> [Ver = | Size = 5830 bytes | Created Date = 8/18/2008 7:25:05 PM | Attr = RHS]
404Fix.exe -> %SystemRoot%\System32\404Fix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 8/22/2008 8:52:26 PM | Attr = ]
AntiXPVSTFix.exe -> %SystemRoot%\System32\AntiXPVSTFix.exe -> S!Ri.URZ [Ver = | Size = 87552 bytes | Created Date = 8/22/2008 8:52:26 PM | Attr = ]
dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
IEDFix.C.exe -> %SystemRoot%\System32\IEDFix.C.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 8/22/2008 8:52:26 PM | Attr = ]
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82944 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
swsc.exe -> %SystemRoot%\System32\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 4462 bytes | Created Date = 8/22/2008 8:52:37 PM | Attr = ]
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe -> [Ver = | Size = 25600 bytes | Created Date = 8/22/2008 8:52:25 PM | Attr = ]
SysRes.vbs -> %SystemRoot%\SysRes.vbs -> [Ver = | Size = 5830 bytes | Created Date = 8/18/2008 7:24:40 PM | Attr = RHS]
[Files/Folders - Modified Within 30 days]
Autorun.inf -> %SystemDrive%\Autorun.inf -> [Ver = | Size = 194 bytes | Modified Date = 8/24/2008 7:12:24 PM | Attr = RHS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1063714816 bytes | Modified Date = 8/24/2008 6:34:39 PM | Attr = HS]
MDT -> %SystemDrive%\MDT -> [Folder | Modified Date = 8/24/2008 6:35:00 PM | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 8/24/2008 7:08:38 PM | Attr = ]
VETlog.dmp -> %SystemDrive%\VETlog.dmp -> [Ver = | Size = 53930 bytes | Modified Date = 8/18/2008 5:00:13 PM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 8/24/2008 6:34:53 PM | Attr = ]
etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 8/20/2008 8:01:33 PM | Attr = ]
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [Ver = | Size = 734 bytes | Modified Date = 8/22/2008 8:56:31 PM | Attr = ]
404Fix.exe -> %SystemRoot%\System32\404Fix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 8/18/2008 12:19:03 PM | Attr = ]
AntiXPVSTFix.exe -> %SystemRoot%\System32\AntiXPVSTFix.exe -> S!Ri.URZ [Ver = | Size = 87552 bytes | Modified Date = 8/21/2008 11:41:01 PM | Attr = ]
CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 8/24/2008 6:35:17 PM | Attr = ]
9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [Ver = | Size = 2626 bytes | Modified Date = 8/17/2008 4:38:59 PM | Attr = ]
dllcache -> %SystemRoot%\System32\dllcache -> [Folder | Modified Date = 8/20/2008 7:23:18 AM | Attr = ]
drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 8/20/2008 8:41:13 PM | Attr = ]
FC3D591647.sys -> %SystemRoot%\System32\FC3D591647.sys -> [Ver = | Size = 88 bytes | Modified Date = 8/21/2008 6:29:44 PM | Attr = RHS]
IEDFix.C.exe -> %SystemRoot%\System32\IEDFix.C.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 8/14/2008 9:52:23 PM | Attr = ]
KGyGaAvL.sys -> %SystemRoot%\System32\KGyGaAvL.sys -> [Ver = | Size = 2828 bytes | Modified Date = 8/21/2008 6:29:44 PM | Attr = HS]
LogFiles -> %SystemRoot%\System32\LogFiles -> [Folder | Modified Date = 8/2/2008 9:17:16 PM | Attr = ]
tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 4462 bytes | Modified Date = 8/22/2008 8:56:35 PM | Attr = ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 8/24/2008 6:35:24 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 8/20/2008 7:23:07 AM | Attr = H ]
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 8/24/2008 6:34:40 PM | Attr = S]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 8/24/2008 3:34:49 PM | Attr = HS]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 8/20/2008 7:21:05 AM | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 8/20/2008 7:23:11 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 8/20/2008 7:23:19 AM | Attr = H ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 8/24/2008 7:13:15 PM | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 8/24/2008 6:35:11 PM | Attr = ]
system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 8/22/2008 8:56:35 PM | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 8/24/2008 6:37:46 PM | Attr = S]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 8/24/2008 7:13:31 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 759 bytes | Modified Date = 8/22/2008 3:11:19 PM | Attr = ]
MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 8/24/2008 6:37:46 PM | Attr = H ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/24/2008 6:34:46 PM | Attr = H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs -> [Folder | Modified Date = 8/24/2008 6:34:53 PM | Attr = ]
eHomeLog-0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\eHomeLog-0.dat -> [Ver = | Size = 484 bytes | Modified Date = 6/24/2008 7:31:42 AM | Attr = H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [Folder | Modified Date = 11/28/2006 1:15:00 PM | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5485 bytes | Modified Date = 8/24/2008 6:35:50 PM | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5485 bytes | Modified Date = 8/24/2008 6:35:50 PM | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [Folder | Modified Date = 3/16/2008 11:38:02 AM | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1372 bytes | Modified Date = 12/4/2006 8:07:03 PM | Attr = ]
opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 3/16/2008 11:38:02 AM | Attr = ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [Folder | Modified Date = 8/24/2008 8:17:36 AM | Attr = ]
wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/23/2008 8:03:56 PM | Attr = ]
wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [Ver = | Size = 201374 bytes | Modified Date = 8/23/2008 9:21:37 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch -> [Folder | Modified Date = 5/18/2008 3:00:28 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 3:00:28 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch -> [Folder | Modified Date = 5/18/2008 2:56:09 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 2:56:09 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea -> [Folder | Modified Date = 5/18/2008 2:59:57 PM | Attr = ]
4185.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4185.exe -> Adobe Systems [Ver = 1.1.0 | Size = 6264768 bytes | Modified Date = 9/19/2007 7:11:42 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch -> [Folder | Modified Date = 5/18/2008 3:00:06 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 3:00:06 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch -> [Folder | Modified Date = 5/18/2008 2:53:56 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 2:53:56 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea -> [Folder | Modified Date = 5/18/2008 2:55:07 PM | Attr = ]
1393.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1393.exe -> Adobe Systems, Inc. [Ver = 2.1.1 | Size = 11777960 bytes | Modified Date = 11/6/2007 11:36:12 AM | Attr = ]
1423.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1423.exe -> Adobe Systems, Inc. [Ver = 2.0 | Size = 124840 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
1732.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1732.exe -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 4937640 bytes | Modified Date = 11/6/2007 11:36:18 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch -> [Folder | Modified Date = 5/18/2008 3:02:10 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 3:02:10 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea -> [Folder | Modified Date = 5/18/2008 3:02:27 PM | Attr = ]
1111.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\1111.exe -> Adobe Systems, Incorporated [Ver = 10.0.1 (10.0.1x20071012 [20071012.r.1644 09:30:00 cutoff; r branch]) | Size = 44814336 bytes | Modified Date = 10/20/2007 9:11:42 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch -> [Folder | Modified Date = 5/18/2008 3:02:36 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 3:02:36 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch -> [Folder | Modified Date = 5/18/2008 2:55:11 PM | Attr = ]
patch.exe -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch\patch.exe -> [Ver = | Size = 34816 bytes | Modified Date = 5/18/2008 2:55:11 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\_PASFX795\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\_PASFX795 -> [Folder | Modified Date = 3/20/2008 12:41:30 AM | Attr = ]
7Z.DLL -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\_PASFX795\7Z.DLL -> [Ver = | Size = 76288 bytes | Modified Date = 3/20/2008 12:37:58 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\{0EE6E933-C5E5-49D0-9E29-278FD31730B3}\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{0EE6E933-C5E5-49D0-9E29-278FD31730B3} -> [Folder | Modified Date = 2/17/2008 8:35:03 AM | Attr = ]
ISSetup.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{0EE6E933-C5E5-49D0-9E29-278FD31730B3}\ISSetup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 552214 bytes | Modified Date = 10/30/2006 8:10:00 AM | Attr = R ]
_Setup.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{0EE6E933-C5E5-49D0-9E29-278FD31730B3}\_Setup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 385968 bytes | Modified Date = 10/30/2006 8:10:00 AM | Attr = R ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\{D7BF6560-C709-4A54-9FC7-1BEA08687CA2}\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{D7BF6560-C709-4A54-9FC7-1BEA08687CA2} -> [Folder | Modified Date = 2/17/2008 8:32:07 AM | Attr = ]
ISSetup.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{D7BF6560-C709-4A54-9FC7-1BEA08687CA2}\ISSetup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 552214 bytes | Modified Date = 11/14/2006 2:08:52 AM | Attr = R ]
_Setup.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\{D7BF6560-C709-4A54-9FC7-1BEA08687CA2}\_Setup.dll -> Macrovision Corporation [Ver = 12.0.49974 | Size = 385968 bytes | Modified Date = 5/17/2006 11:21:04 AM | Attr = R ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592 -> [Folder | Modified Date = 5/18/2008 3:00:31 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\InstallerResults.dll -> [Ver = | Size = 153280 bytes | Modified Date = 5/18/2008 3:00:17 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\CAPS -> [Folder | Modified Date = 5/18/2008 3:00:17 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 3:00:17 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch -> [Folder | Modified Date = 5/18/2008 3:00:28 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher2592\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 3:00:28 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher3684\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher3684\CAPS -> [Folder | Modified Date = 5/18/2008 2:51:37 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher3684\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 2:51:38 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424 -> [Folder | Modified Date = 5/18/2008 2:59:58 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\InstallerResults.dll -> [Ver = | Size = 153016 bytes | Modified Date = 5/18/2008 2:55:22 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\CAPS -> [Folder | Modified Date = 5/18/2008 2:55:22 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 2:55:22 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch -> [Folder | Modified Date = 5/18/2008 2:56:09 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 2:56:09 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea -> [Folder | Modified Date = 5/18/2008 2:59:57 PM | Attr = ]
4186.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4186.dll -> Adobe Systems, Inc. [Ver = 2.1.2.1069 (BuildVersion: 46.276280; BuildDate: Thu Feb 15 2007 22:34:47) | Size = 2662400 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
4187.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4187.dll -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 2531328 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
4204.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4204.dll -> Adobe Systems Incorporated [Ver = 6.0.4 | Size = 1410048 bytes | Modified Date = 9/19/2007 7:11:42 AM | Attr = ]
4577.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4577.dll -> [Ver = | Size = 135168 bytes | Modified Date = 9/19/2007 7:11:44 AM | Attr = ]
4589.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4589.dll -> Opera Software [Ver = 8773 | Size = 3272704 bytes | Modified Date = 9/19/2007 7:11:36 AM | Attr = ]
4590.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4590.dll -> [Ver = | Size = 25600 bytes | Modified Date = 9/19/2007 7:11:36 AM | Attr = ]
4591.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4591.dll -> [Ver = | Size = 34816 bytes | Modified Date = 9/19/2007 7:11:40 AM | Attr = ]
5302.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\5302.dll -> [Ver = | Size = 81920 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
5303.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\5303.dll -> [Ver = | Size = 46592 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
5304.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\5304.dll -> [Ver = | Size = 724992 bytes | Modified Date = 9/19/2007 7:11:40 AM | Attr = ]
5305.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\5305.dll -> [Ver = | Size = 716800 bytes | Modified Date = 9/19/2007 7:11:42 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440 -> [Folder | Modified Date = 8/17/2008 7:55:46 AM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440\InstallerResults.dll -> [Ver = | Size = 153280 bytes | Modified Date = 8/17/2008 7:55:38 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440\CAPS -> [Folder | Modified Date = 8/17/2008 7:55:38 AM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4440\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 8/17/2008 7:55:38 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528 -> [Folder | Modified Date = 5/18/2008 3:00:14 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\InstallerResults.dll -> [Ver = | Size = 153280 bytes | Modified Date = 5/18/2008 3:00:02 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\CAPS -> [Folder | Modified Date = 5/18/2008 3:00:02 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 3:00:02 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch -> [Folder | Modified Date = 5/18/2008 3:00:06 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4528\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 3:00:06 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596 -> [Folder | Modified Date = 5/18/2008 2:55:07 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\InstallerResults.dll -> [Ver = | Size = 153016 bytes | Modified Date = 5/18/2008 2:53:39 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\CAPS -> [Folder | Modified Date = 5/18/2008 2:53:39 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 2:53:39 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch -> [Folder | Modified Date = 5/18/2008 2:53:56 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 2:53:56 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea -> [Folder | Modified Date = 5/18/2008 2:55:07 PM | Attr = ]
1313.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1313.dll -> Opera Software [Ver = 8773 | Size = 3272704 bytes | Modified Date = 11/6/2007 11:36:30 AM | Attr = ]
1315.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1315.dll -> [Ver = | Size = 25600 bytes | Modified Date = 11/6/2007 11:36:32 AM | Attr = ]
1339.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1339.dll -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 57344 bytes | Modified Date = 11/6/2007 11:36:24 AM | Attr = ]
1374.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1374.dll -> Adobe Systems, Incorporated [Ver = 3.0.0.63netio24 | Size = 147456 bytes | Modified Date = 11/6/2007 11:36:32 AM | Attr = ]
1451.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1451.dll -> Adobe Systems Incorporated [Ver = 2.0d12 | Size = 73728 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
1557.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1557.dll -> Adobe Systems Incorporated [Ver = 2.0.1.1504 | Size = 372736 bytes | Modified Date = 11/6/2007 11:36:38 AM | Attr = ]
1661.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1661.dll -> Adobe Systems Incorporated [Ver = 2.0.1.1504 | Size = 340992 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
1733.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1733.dll -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 2531328 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
1783.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1783.dll -> Adobe Systems, Incorporated [Ver = 3.7.72 | Size = 540672 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
1903.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1903.dll -> [Ver = 4.1-c037, 46.282696, Mon Apr 02 2007 18:36:42 | Size = 393216 bytes | Modified Date = 11/6/2007 11:36:20 AM | Attr = ]
1912.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1912.dll -> Adobe Systems Incorporated [Ver = 2.0.1.1504 | Size = 346624 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
1966.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1966.dll -> Adobe Systems Incorporated [Ver = 2.11.36 | Size = 846336 bytes | Modified Date = 11/6/2007 11:36:16 AM | Attr = ]
1982.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1982.dll -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 110592 bytes | Modified Date = 11/6/2007 11:36:16 AM | Attr = ]
1983.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1983.dll -> [Ver = 4.1-s010, 46.282696, Mon Apr 02 2007 18:36:42 | Size = 176128 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
1987.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1987.dll -> Adobe Systems Incorporated [Ver = 5, 1, 0, 1504 | Size = 496128 bytes | Modified Date = 11/6/2007 11:36:32 AM | Attr = ]
1997.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1997.dll -> Adobe Systems Incorporated [Ver = 10.0 (10.0x001) | Size = 12271616 bytes | Modified Date = 11/6/2007 11:36:36 AM | Attr = ]
2018.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2018.dll -> Adobe Systems, Incorporated [Ver = 3.7.72 | Size = 557056 bytes | Modified Date = 11/6/2007 11:36:16 AM | Attr = ]
2053.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2053.dll -> Adobe Systems, Incorporated [Ver = 3.0.0.63netio24 | Size = 204800 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
2065.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2065.dll -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 9728 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
2086.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2086.dll -> Adobe Systems, Incorporated [Ver = 3.2.0.275 | Size = 647168 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
2104.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2104.dll -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 118784 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
2111.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2111.dll -> Adobe Systems, Incorporated [Ver = 3.0.0.63netio24 | Size = 77824 bytes | Modified Date = 11/6/2007 11:36:36 AM | Attr = ]
2149.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2149.dll -> Adobe Systems Incorporated [Ver = 4.0.0.76626 | Size = 131072 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
2162.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2162.dll -> Adobe Systems Incorporated [Ver = 2.0.1.1504 | Size = 342016 bytes | Modified Date = 11/6/2007 11:36:24 AM | Attr = ]
2191.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2191.dll -> Adobe Systems, Inc. [Ver = 2.1.5.1504 (BuildVersion: 49.285477; BuildDate: Wed Apr 25 2007 12:01:03) | Size = 2666496 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
2195.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2195.dll -> [Ver = 4.1-f101, 46.282696, Mon Apr 02 2007 18:36:42 | Size = 339968 bytes | Modified Date = 11/6/2007 11:36:30 AM | Attr = ]
2196.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2196.dll -> Adobe Systems, Incorporated [Ver = 3.0.0.63netio24 | Size = 360448 bytes | Modified Date = 11/6/2007 11:36:24 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4868\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4868\CAPS -> [Folder | Modified Date = 5/18/2008 3:00:42 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4868\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 3:00:42 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048 -> [Folder | Modified Date = 5/18/2008 3:02:30 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\InstallerResults.dll -> [Ver = | Size = 153016 bytes | Modified Date = 5/18/2008 3:01:46 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\CAPS -> [Folder | Modified Date = 5/18/2008 3:01:46 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 3:01:46 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch -> [Folder | Modified Date = 5/18/2008 3:02:10 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 3:02:10 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea -> [Folder | Modified Date = 5/18/2008 3:02:27 PM | Attr = ]
1108.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\1108.dll -> Adobe Systems Incorporated [Ver = 2.11.36 | Size = 846336 bytes | Modified Date = 10/20/2007 9:11:26 AM | Attr = ]
1109.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\1109.dll -> Adobe Systems, Inc. [Ver = 2.1.2.1082 (BuildVersion: 46.278103; BuildDate: Wed Feb 28 2007 17:43:17) | Size = 2662400 bytes | Modified Date = 10/20/2007 9:11:26 AM | Attr = ]
1110.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5048\StagingArea\1110.dll -> Macrovision Europe Ltd. [Ver = 11.03.005 | Size = 2527744 bytes | Modified Date = 10/20/2007 9:11:46 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456 -> [Folder | Modified Date = 5/18/2008 3:02:44 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\InstallerResults.dll -> [Ver = | Size = 153280 bytes | Modified Date = 5/18/2008 3:02:33 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\CAPS -> [Folder | Modified Date = 5/18/2008 3:02:33 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 3:02:33 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch -> [Folder | Modified Date = 5/18/2008 3:02:36 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5456\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 3:02:36 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796 -> [Folder | Modified Date = 5/18/2008 2:55:13 PM | Attr = ]
InstallerResults.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\InstallerResults.dll -> [Ver = | Size = 153280 bytes | Modified Date = 5/18/2008 2:55:09 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\CAPS\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\CAPS -> [Folder | Modified Date = 5/18/2008 2:55:10 PM | Attr = ]
adobe_caps.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\CAPS\adobe_caps.dll -> Adobe Systems Incorporated [Ver = 1,0,135,0 | Size = 215040 bytes | Modified Date = 5/18/2008 2:55:10 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch -> [Folder | Modified Date = 5/18/2008 2:55:11 PM | Attr = ]
patchw32.dll -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher5796\RTPatch\patchw32.dll -> [Ver = | Size = 182272 bytes | Modified Date = 5/18/2008 2:55:11 PM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea -> [Folder | Modified Date = 5/18/2008 2:59:57 PM | Attr = ]
1009.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\1009.dat -> [Ver = | Size = 236 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea -> [Folder | Modified Date = 5/18/2008 2:55:07 PM | Attr = ]
2264.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2264.dat -> [Ver = | Size = 14124 bytes | Modified Date = 11/6/2007 11:36:32 AM | Attr = ]
2273.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2273.dat -> [Ver = | Size = 14878 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
2280.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2280.dat -> [Ver = | Size = 11994 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
2286.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2286.dat -> [Ver = | Size = 12030 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
2305.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2305.dat -> [Ver = | Size = 12530 bytes | Modified Date = 11/6/2007 11:36:12 AM | Attr = ]
2311.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2311.dat -> [Ver = | Size = 14030 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
2317.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2317.dat -> [Ver = | Size = 14336 bytes | Modified Date = 11/6/2007 11:36:14 AM | Attr = ]
2323.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2323.dat -> [Ver = | Size = 14102 bytes | Modified Date = 11/6/2007 11:36:24 AM | Attr = ]
2349.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2349.dat -> [Ver = | Size = 14250 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
2374.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2374.dat -> [Ver = | Size = 14322 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
2380.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2380.dat -> [Ver = | Size = 14604 bytes | Modified Date = 11/6/2007 11:36:22 AM | Attr = ]
2387.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2387.dat -> [Ver = | Size = 14594 bytes | Modified Date = 11/6/2007 11:36:16 AM | Attr = ]
2393.dat -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\2393.dat -> [Ver = | Size = 14796 bytes | Modified Date = 11/6/2007 11:36:30 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea -> [Folder | Modified Date = 5/18/2008 2:59:57 PM | Attr = ]
4593.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4593.ini -> [Ver = | Size = 99142 bytes | Modified Date = 9/19/2007 7:11:40 AM | Attr = ]
4597.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4597.ini -> [Ver = | Size = 1216 bytes | Modified Date = 9/19/2007 7:11:40 AM | Attr = ]
4598.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4598.ini -> [Ver = | Size = 1064 bytes | Modified Date = 9/19/2007 7:11:36 AM | Attr = ]
4599.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4599.ini -> [Ver = | Size = 105 bytes | Modified Date = 9/19/2007 7:11:36 AM | Attr = ]
4607.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4607.ini -> [Ver = | Size = 21897 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
4608.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4608.ini -> [Ver = | Size = 57565 bytes | Modified Date = 9/19/2007 7:11:42 AM | Attr = ]
4610.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4610.ini -> [Ver = | Size = 20077 bytes | Modified Date = 9/19/2007 7:11:38 AM | Attr = ]
4611.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4424\StagingArea\4611.ini -> [Ver = | Size = 4454 bytes | Modified Date = 9/19/2007 7:11:42 AM | Attr = ]
C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\ -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea -> [Folder | Modified Date = 5/18/2008 2:55:07 PM | Attr = ]
1309.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1309.ini -> [Ver = | Size = 99142 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
1322.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1322.ini -> [Ver = | Size = 21897 bytes | Modified Date = 11/6/2007 11:36:26 AM | Attr = ]
1323.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1323.ini -> [Ver = | Size = 57565 bytes | Modified Date = 11/6/2007 11:36:32 AM | Attr = ]
1325.ini -> C:\Documents and Settings\Tom Jr\Local Settings\Temp\Patcher\Patcher4596\StagingArea\1325.ini -> [Ver = | Size = 20077 bytes | Modified Date = 11/6/2007 11:36:28 AM | Attr = ]
C:\WINDOWS\Temp\gis544a5e\ -> C:\WINDOWS\Temp\gis544a5e -> [Folder | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
GoogleUpdater.exe -> C:\WINDOWS\Temp\gis544a5e\GoogleUpdater.exe -> Google [Ver = 2.0.748.20414.beta | Size = 123640 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis544a5e\GoogleUpdaterAdminPrefs.exe -> Google [Ver = 2.0.748.20414.beta | Size = 182520 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis544a5e\GoogleUpdaterInstallMgr.exe -> Google [Ver = 2.0.748.20414.beta | Size = 581880 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis544a5e\GoogleUpdaterService.exe -> Google [Ver = 2.0.748.20414.beta | Size = 136952 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis544a5e\GoogleUpdaterSetup.exe -> Google Inc. [Ver = 2.0.748.20414.beta | Size = 123128 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
SearchWithGoogleUpdate_en.exe -> C:\WINDOWS\Temp\gis544a5e\SearchWithGoogleUpdate_en.exe -> Google Inc. [Ver = 1, 2, 1128, 2480 | Size = 602552 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
C:\WINDOWS\Temp\gis6e11b\ -> C:\WINDOWS\Temp\gis6e11b -> [Folder | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
GoogleUpdater.exe -> C:\WINDOWS\Temp\gis6e11b\GoogleUpdater.exe -> Google [Ver = 2.1.810.31257.beta | Size = 124152 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis6e11b\GoogleUpdaterAdminPrefs.exe -> Google [Ver = 2.1.810.31257.beta | Size = 184056 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis6e11b\GoogleUpdaterInstallMgr.exe -> Google [Ver = 2.1.810.31257.beta | Size = 645880 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis6e11b\GoogleUpdaterService.exe -> Google [Ver = 2.0.767.25472.beta | Size = 136952 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis6e11b\GoogleUpdaterSetup.exe -> Google Inc. [Ver = 2.1.810.31257.beta | Size = 123640 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
SearchWithGoogleUpdate_en.exe -> C:\WINDOWS\Temp\gis6e11b\SearchWithGoogleUpdate_en.exe -> Google Inc. [Ver = 2, 0, 301, 3558 | Size = 741304 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
C:\WINDOWS\Temp\gis79cf9\ -> C:\WINDOWS\Temp\gis79cf9 -> [Folder | Modified Date = 8/21/2007 8:48:28 PM | Attr = ]
GoogleUpdater.exe -> C:\WINDOWS\Temp\gis79cf9\GoogleUpdater.exe -> Google [Ver = 2.2.940.34809.beta | Size = 124912 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gis79cf9\GoogleUpdaterAdminPrefs.exe -> Google [Ver = 2.2.940.34809.beta | Size = 185840 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gis79cf9\GoogleUpdaterInstallMgr.exe -> Google [Ver = 2.2.940.34809.beta | Size = 664560 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gis79cf9\GoogleUpdaterService.exe -> Google [Ver = 2.2.824.5515.beta | Size = 138680 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gis79cf9\GoogleUpdaterSetup.exe -> Google Inc. [Ver = 2.2.940.34809.beta | Size = 124400 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
gtfirstboot.exe -> C:\WINDOWS\Temp\gis79cf9\gtfirstboot.exe -> [Ver = | Size = 65536 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
C:\WINDOWS\Temp\gisd05dc\ -> C:\WINDOWS\Temp\gisd05dc -> [Folder | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
GoogleUpdater.exe -> C:\WINDOWS\Temp\gisd05dc\GoogleUpdater.exe -> Google [Ver = 2.0.755.22488.beta | Size = 123640 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
GoogleUpdaterAdminPrefs.exe -> C:\WINDOWS\Temp\gisd05dc\GoogleUpdaterAdminPrefs.exe -> Google [Ver = 2.0.755.22488.beta | Size = 182520 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
GoogleUpdaterInstallMgr.exe -> C:\WINDOWS\Temp\gisd05dc\GoogleUpdaterInstallMgr.exe -> Google [Ver = 2.0.755.22488.beta | Size = 581880 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
GoogleUpdaterService.exe -> C:\WINDOWS\Temp\gisd05dc\GoogleUpdaterService.exe -> Google [Ver = 2.0.755.22488.beta | Size = 136952 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
GoogleUpdaterSetup.exe -> C:\WINDOWS\Temp\gisd05dc\GoogleUpdaterSetup.exe -> Google Inc. [Ver = 2.0.755.22488.beta | Size = 123128 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
SearchWithGoogleUpdate_en.exe -> C:\WINDOWS\Temp\gisd05dc\SearchWithGoogleUpdate_en.exe -> Google Inc. [Ver = 1, 2, 1128, 2480 | Size = 602552 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\ -> C:\WINDOWS\Temp\McAfeeInstall (2) -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
Install.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Install.exe -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 656984 bytes | Modified Date = 1/8/2007 1:46:56 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mcclean.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mcclean.exe -> McAfee, Inc. [Ver = 1.0.118.0 | Size = 230952 bytes | Modified Date = 8/28/2006 8:53:18 AM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mcclean.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mcclean.exe -> McAfee, Inc. [Ver = 1.0.118.0 | Size = 230952 bytes | Modified Date = 8/28/2006 8:53:18 AM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\ -> C:\WINDOWS\Temp\McAfeeInstall (3) -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
Install.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Install.exe -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 656984 bytes | Modified Date = 1/8/2007 1:46:56 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mcclean.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mcclean.exe -> McAfee, Inc. [Ver = 1.0.118.0 | Size = 230952 bytes | Modified Date = 8/28/2006 8:53:18 AM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mcclean.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mcclean.exe -> McAfee, Inc. [Ver = 1.0.118.0 | Size = 230952 bytes | Modified Date = 8/28/2006 8:53:18 AM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
McInst.exe -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\McInst.exe -> McAfee, Inc. [Ver = 2,2,107,0 | Size = 291944 bytes | Modified Date = 1/9/2007 9:04:20 AM | Attr = ]
C:\WINDOWS\Temp\mcu17.tmp\ -> C:\WINDOWS\Temp\mcu17.tmp\ -> [Folder | Modified Date = 1/21/2007 9:55:15 PM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu17.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcu19.tmp\ -> C:\WINDOWS\Temp\mcu19.tmp\ -> [Folder | Modified Date = 1/30/2007 11:44:23 AM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu19.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcu21.tmp\ -> C:\WINDOWS\Temp\mcu21.tmp\ -> [Folder | Modified Date = 12/24/2006 5:58:08 PM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu21.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcu26.tmp\ -> C:\WINDOWS\Temp\mcu26.tmp\ -> [Folder | Modified Date = 1/15/2007 7:30:37 PM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu26.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcu3A.tmp\ -> C:\WINDOWS\Temp\mcu3A.tmp\ -> [Folder | Modified Date = 1/14/2007 10:24:15 PM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu3A.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcu80.tmp\ -> C:\WINDOWS\Temp\mcu80.tmp\ -> [Folder | Modified Date = 2/8/2007 8:26:02 AM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcu80.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\mcuE.tmp\ -> C:\WINDOWS\Temp\mcuE.tmp\ -> [Folder | Modified Date = 1/28/2007 8:52:24 PM | Attr = ]
McAppIns.exe -> C:\WINDOWS\Temp\mcuE.tmp\McAppIns.exe -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 131072 bytes | Modified Date = 1/23/2006 6:55:06 PM | Attr = ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P -> [Folder | Modified Date = 2/12/2007 9:19:20 PM | Attr = S]
DMSetup[1].exe -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P\DMSetup[1].exe -> McAfee, Inc. [Ver = 1,2,104,0 | Size = 591400 bytes | Modified Date = 2/12/2007 9:46:42 PM | Attr = ]
@Alternate Data Stream - 26 bytes -> %SystemRoot%\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P\DMSetup[1].exe:Zone.Identifier
C:\WINDOWS\Temp\gis544a5e\ -> C:\WINDOWS\Temp\gis544a5e -> [Folder | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
ci.dll -> C:\WINDOWS\Temp\gis544a5e\ci.dll -> Google [Ver = 2.0.748.20414.beta | Size = 824320 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
cires_en.dll -> C:\WINDOWS\Temp\gis544a5e\cires_en.dll -> [Ver = | Size = 123392 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
npCIDetect9.dll -> C:\WINDOWS\Temp\gis544a5e\npCIDetect9.dll -> Google [Ver = 2.0.748.20414.beta | Size = 82944 bytes | Modified Date = 1/25/2007 9:50:19 PM | Attr = ]
C:\WINDOWS\Temp\gis6e11b\ -> C:\WINDOWS\Temp\gis6e11b -> [Folder | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
ci.dll -> C:\WINDOWS\Temp\gis6e11b\ci.dll -> Google [Ver = 2.1.810.31257.beta | Size = 882176 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
cires_en.dll -> C:\WINDOWS\Temp\gis6e11b\cires_en.dll -> [Ver = | Size = 124928 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
npCIDetect10.dll -> C:\WINDOWS\Temp\gis6e11b\npCIDetect10.dll -> Google [Ver = 2.1.810.31257.beta | Size = 83968 bytes | Modified Date = 4/10/2007 8:01:29 PM | Attr = ]
C:\WINDOWS\Temp\gis79cf9\ -> C:\WINDOWS\Temp\gis79cf9 -> [Folder | Modified Date = 8/21/2007 8:48:28 PM | Attr = ]
ci.dll -> C:\WINDOWS\Temp\gis79cf9\ci.dll -> Google [Ver = 2.2.940.34809.beta | Size = 908800 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
cires_en.dll -> C:\WINDOWS\Temp\gis79cf9\cires_en.dll -> [Ver = | Size = 126464 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
npCIDetect11.dll -> C:\WINDOWS\Temp\gis79cf9\npCIDetect11.dll -> Google [Ver = 2.2.940.34809.beta | Size = 83968 bytes | Modified Date = 8/15/2007 10:05:59 AM | Attr = ]
C:\WINDOWS\Temp\gisd05dc\ -> C:\WINDOWS\Temp\gisd05dc -> [Folder | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
ci.dll -> C:\WINDOWS\Temp\gisd05dc\ci.dll -> Google [Ver = 2.0.755.22488.beta | Size = 824320 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
cires_en.dll -> C:\WINDOWS\Temp\gisd05dc\cires_en.dll -> [Ver = | Size = 123392 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
npCIDetect9.dll -> C:\WINDOWS\Temp\gisd05dc\npCIDetect9.dll -> Google [Ver = 2.0.755.22488.beta | Size = 82944 bytes | Modified Date = 2/7/2007 4:09:04 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\ -> C:\WINDOWS\Temp\McAfeeInstall (2) -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
CodeRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\CodeRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 210520 bytes | Modified Date = 1/8/2007 1:46:52 PM | Attr = ]
EulaRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\EulaRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 1254952 bytes | Modified Date = 1/20/2007 9:20:32 AM | Attr = ]
InstProg.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\InstProg.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 198232 bytes | Modified Date = 1/8/2007 1:46:54 PM | Attr = ]
L10NRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\L10NRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 26152 bytes | Modified Date = 1/20/2007 9:20:34 AM | Attr = ]
McBrwsr2.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\McBrwsr2.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 239216 bytes | Modified Date = 1/8/2007 11:46:22 AM | Attr = ]
McUtil.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\McUtil.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 110704 bytes | Modified Date = 1/8/2007 11:46:18 AM | Attr = ]
MispLF.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\MispLF.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 231024 bytes | Modified Date = 1/8/2007 11:46:20 AM | Attr = ]
OEMRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\OEMRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 8232 bytes | Modified Date = 1/20/2007 9:20:02 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mfwchck.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mfwchck.dll -> McAfee, Inc. [Ver = 8.2.154.0 | Size = 271912 bytes | Modified Date = 1/10/2007 1:25:02 PM | Attr = ]
mpfinst.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mpfinst.dll -> McAfee Corporation [Ver = 8.2.115.0 | Size = 59432 bytes | Modified Date = 1/15/2007 1:16:06 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
checkmps.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\checkmps.dll -> McAfee, Inc. [Ver = 9.2.128.0 | Size = 176680 bytes | Modified Date = 1/16/2007 3:41:38 PM | Attr = ]
Uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\Uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 108080 bytes | Modified Date = 8/4/2006 3:41:08 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
MSADPre.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\MSADPre.dll -> McAfee, Inc. [Ver = 2,3,0,6028 | Size = 222760 bytes | Modified Date = 2/8/2007 7:40:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mcmscins.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\mcmscins.dll -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 218712 bytes | Modified Date = 1/5/2007 2:21:32 PM | Attr = ]
mscinres.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\mscinres.dll -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 16936 bytes | Modified Date = 1/18/2007 5:39:14 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mcmskins.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\mcmskins.dll -> McAfee Inc. [Ver = 8.2.125.0 | Size = 183888 bytes | Modified Date = 1/17/2007 3:30:22 PM | Attr = ]
mskres.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\mskres.dll -> McAfee Inc. [Ver = 8.2.125.0 | Size = 51752 bytes | Modified Date = 1/20/2007 5:26:10 PM | Attr = ]
uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 108080 bytes | Modified Date = 7/21/2006 8:41:22 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mcvsoins.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\mcvsoins.dll -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 153168 bytes | Modified Date = 1/16/2007 4:03:42 PM | Attr = ]
uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 102400 bytes | Modified Date = 3/23/2006 3:41:42 PM | Attr = ]
vsinsres.dll -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\vsinsres.dll -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 75344 bytes | Modified Date = 1/25/2007 4:45:42 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\ -> C:\WINDOWS\Temp\McAfeeInstall (3) -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
CodeRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\CodeRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 210520 bytes | Modified Date = 1/8/2007 1:46:52 PM | Attr = ]
EulaRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\EulaRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 1254952 bytes | Modified Date = 1/20/2007 9:20:32 AM | Attr = ]
InstProg.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\InstProg.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 198232 bytes | Modified Date = 1/8/2007 1:46:54 PM | Attr = ]
L10NRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\L10NRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 26152 bytes | Modified Date = 1/20/2007 9:20:34 AM | Attr = ]
McBrwsr2.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\McBrwsr2.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 239216 bytes | Modified Date = 1/8/2007 11:46:22 AM | Attr = ]
McUtil.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\McUtil.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 110704 bytes | Modified Date = 1/8/2007 11:46:18 AM | Attr = ]
MispLF.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\MispLF.dll -> McAfee, Inc. [Ver = 7,2,112,0 | Size = 231024 bytes | Modified Date = 1/8/2007 11:46:20 AM | Attr = ]
OEMRes.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\OEMRes.dll -> McAfee, Inc. [Ver = 1,2,105,0 | Size = 8232 bytes | Modified Date = 1/20/2007 9:20:02 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mfwchck.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mfwchck.dll -> McAfee, Inc. [Ver = 8.2.154.0 | Size = 271912 bytes | Modified Date = 1/10/2007 1:25:02 PM | Attr = ]
mpfinst.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mpfinst.dll -> McAfee Corporation [Ver = 8.2.115.0 | Size = 59432 bytes | Modified Date = 1/15/2007 1:16:06 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
checkmps.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\checkmps.dll -> McAfee, Inc. [Ver = 9.2.128.0 | Size = 176680 bytes | Modified Date = 1/16/2007 3:41:38 PM | Attr = ]
Uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\Uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 108080 bytes | Modified Date = 8/4/2006 3:41:08 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
MSADPre.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\MSADPre.dll -> McAfee, Inc. [Ver = 2,3,0,6028 | Size = 222760 bytes | Modified Date = 2/8/2007 7:40:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mcmscins.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\mcmscins.dll -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 218712 bytes | Modified Date = 1/5/2007 2:21:32 PM | Attr = ]
mscinres.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\mscinres.dll -> McAfee, Inc. [Ver = 7,2,142,0 | Size = 16936 bytes | Modified Date = 1/18/2007 5:39:14 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mcmskins.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\mcmskins.dll -> McAfee Inc. [Ver = 8.2.125.0 | Size = 183888 bytes | Modified Date = 1/17/2007 3:30:22 PM | Attr = ]
mskres.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\mskres.dll -> McAfee Inc. [Ver = 8.2.125.0 | Size = 51752 bytes | Modified Date = 1/20/2007 5:26:10 PM | Attr = ]
uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 108080 bytes | Modified Date = 7/21/2006 8:41:22 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mcvsoins.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\mcvsoins.dll -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 153168 bytes | Modified Date = 1/16/2007 4:03:42 PM | Attr = ]
uninst.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\uninst.dll -> Network Associates, Inc. [Ver = 6.1.0.132 | Size = 102400 bytes | Modified Date = 3/23/2006 3:41:42 PM | Attr = ]
vsinsres.dll -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\vsinsres.dll -> McAfee, Inc. [Ver = 11,2,121,0 | Size = 75344 bytes | Modified Date = 1/25/2007 4:45:42 PM | Attr = ]
C:\WINDOWS\Temp\mcu17.tmp\ -> C:\WINDOWS\Temp\mcu17.tmp\ -> [Folder | Modified Date = 1/21/2007 9:55:15 PM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu17.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu19.tmp\ -> C:\WINDOWS\Temp\mcu19.tmp\ -> [Folder | Modified Date = 1/30/2007 11:44:23 AM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu19.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu21.tmp\ -> C:\WINDOWS\Temp\mcu21.tmp\ -> [Folder | Modified Date = 12/24/2006 5:58:08 PM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu21.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu26.tmp\ -> C:\WINDOWS\Temp\mcu26.tmp\ -> [Folder | Modified Date = 1/15/2007 7:30:37 PM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu26.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu3A.tmp\ -> C:\WINDOWS\Temp\mcu3A.tmp\ -> [Folder | Modified Date = 1/14/2007 10:24:15 PM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu3A.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu80.tmp\ -> C:\WINDOWS\Temp\mcu80.tmp\ -> [Folder | Modified Date = 2/8/2007 8:26:02 AM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcu80.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\mcuE.tmp\ -> C:\WINDOWS\Temp\mcuE.tmp\ -> [Folder | Modified Date = 1/28/2007 8:52:24 PM | Attr = ]
mcinsres.dll -> C:\WINDOWS\Temp\mcuE.tmp\mcinsres.dll -> McAfee, Inc [Ver = 6, 0, 0, 22 | Size = 33280 bytes | Modified Date = 1/23/2006 6:54:54 PM | Attr = ]
C:\WINDOWS\Temp\nsb7E.tmp\ -> C:\WINDOWS\Temp\nsb7E.tmp\ -> [Folder | Modified Date = 10/31/2007 9:08:12 PM | Attr = ]
NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsb7E.tmp\NSIS_Picasa.dll -> [Ver = | Size = 55808 bytes | Modified Date = 10/31/2007 9:08:12 PM | Attr = ]
C:\WINDOWS\Temp\nsbA5.tmp\ -> C:\WINDOWS\Temp\nsbA5.tmp\ -> [Folder | Modified Date = 7/28/2007 7:46:58 PM | Attr = ]
NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsbA5.tmp\NSIS_Picasa.dll -> [Ver = | Size = 54784 bytes | Modified Date = 7/28/2007 7:46:45 PM | Attr = ]
C:\WINDOWS\Temp\nsc90.tmp\ -> C:\WINDOWS\Temp\nsc90.tmp\ -> [Folder | Modified Date = 9/11/2007 3:09:09 PM | Attr = ]
NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsc90.tmp\NSIS_Picasa.dll -> [Ver = | Size = 55808 bytes | Modified Date = 9/11/2007 3:09:09 PM | Attr = ]
C:\WINDOWS\Temp\nsiB9.tmp\ -> C:\WINDOWS\Temp\nsiB9.tmp\ -> [Folder | Modified Date = 4/12/2008 8:39:38 AM | Attr = ]
NSIS_Picasa.dll -> C:\WINDOWS\Temp\nsiB9.tmp\NSIS_Picasa.dll -> [Ver = | Size = 51200 bytes | Modified Date = 4/12/2008 8:39:38 AM | Attr = ]
C:\WINDOWS\Temp\nst1E.tmp\ -> C:\WINDOWS\Temp\nst1E.tmp\ -> [Folder | Modified Date = 3/25/2007 7:37:28 PM | Attr = ]
NSIS_Picasa.dll -> C:\WINDOWS\Temp\nst1E.tmp\NSIS_Picasa.dll -> [Ver = | Size = 54784 bytes | Modified Date = 3/25/2007 7:37:19 PM | Attr = ]
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 8/24/2008 7:13:36 PM | Attr = ]
Perflib_Perfdata_14c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_14c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/4/2008 9:47:59 AM | Attr = ]
Perflib_Perfdata_154.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_154.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/8/2008 10:15:15 AM | Attr = ]
Perflib_Perfdata_158.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_158.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/6/2008 12:05:19 AM | Attr = ]
Perflib_Perfdata_17c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_17c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 7/1/2008 5:30:29 AM | Attr = ]
Perflib_Perfdata_184.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_184.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/6/2008 3:02:53 PM | Attr = ]
Perflib_Perfdata_188.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_188.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/7/2008 9:12:25 AM | Attr = ]
Perflib_Perfdata_190.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_190.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/4/2008 6:57:14 PM | Attr = ]
Perflib_Perfdata_2ac.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2ac.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/6/2008 8:41:38 PM | Attr = ]
Perflib_Perfdata_4bc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_4bc.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/21/2007 9:16:42 PM | Attr = ]
Perflib_Perfdata_558.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_558.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/4/2008 10:48:47 PM | Attr = ]
Perflib_Perfdata_794.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_794.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/16/2008 4:19:45 PM | Attr = ]
Perflib_Perfdata_79c.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_79c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/20/2008 8:05:41 AM | Attr = ]
Perflib_Perfdata_7ac.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7ac.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/20/2008 10:04:10 PM | Attr = ]
Perflib_Perfdata_7b0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7b0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/21/2008 8:22:02 AM | Attr = ]
Perflib_Perfdata_7b4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7b4.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/24/2008 9:23:22 AM | Attr = ]
Perflib_Perfdata_7c0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7c0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/5/2008 5:42:38 PM | Attr = ]
Perflib_Perfdata_7e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7e0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/23/2008 6:46:17 PM | Attr = ]
Perflib_Perfdata_7e8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7e8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/5/2008 12:17:50 PM | Attr = ]
Perflib_Perfdata_7ec.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7ec.dat -> [Ver = | Size = 16384 bytes | Modified Date = 8/24/2008 6:34:46 PM | Attr = ]
Perflib_Perfdata_e24.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_e24.dat -> [Ver = | Size = 16384 bytes | Modified Date = 6/14/2007 7:40:09 PM | Attr = ]
30 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
C:\WINDOWS\Temp\Cookies\ -> C:\WINDOWS\Temp\Cookies -> [Folder | Modified Date = 2/12/2007 8:19:27 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Cookies\index.dat -> [Ver = | Size = 32768 bytes | Modified Date = 7/1/2008 10:09:09 AM | Attr = ]
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ -> [Folder | Modified Date = 12/24/2006 5:23:36 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\History\History.IE5\index.dat -> [Ver = | Size = 49152 bytes | Modified Date = 7/1/2008 10:09:09 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\subinfo.dat -> [Ver = | Size = 2385 bytes | Modified Date = 2/12/2007 8:38:39 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\subinfo.dat -> [Ver = | Size = 2381 bytes | Modified Date = 2/12/2007 8:38:39 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\subinfo.dat -> [Ver = | Size = 2371 bytes | Modified Date = 2/12/2007 8:38:39 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
mskuicfg.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\mskuicfg.dat -> [Ver = | Size = 265 bytes | Modified Date = 3/31/2006 10:59:40 AM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\subinfo.dat -> [Ver = | Size = 2361 bytes | Modified Date = 2/12/2007 8:38:39 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\subinfo.dat -> [Ver = | Size = 2357 bytes | Modified Date = 2/12/2007 8:38:39 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\subinfo.dat -> [Ver = | Size = 2385 bytes | Modified Date = 2/12/2007 8:54:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\subinfo.dat -> [Ver = | Size = 2381 bytes | Modified Date = 2/12/2007 8:54:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\subinfo.dat -> [Ver = | Size = 2371 bytes | Modified Date = 2/12/2007 8:54:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
mskuicfg.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\mskuicfg.dat -> [Ver = | Size = 265 bytes | Modified Date = 3/31/2006 10:59:40 AM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\subinfo.dat -> [Ver = | Size = 2361 bytes | Modified Date = 2/12/2007 8:54:16 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
subinfo.dat -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\subinfo.dat -> [Ver = | Size = 2357 bytes | Modified Date = 2/12/2007 8:54:16 PM | Attr = ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
index.dat -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat -> [Ver = | Size = 65536 bytes | Modified Date = 7/1/2008 10:09:09 AM | Attr = ]
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp -> [Folder | Modified Date = 8/24/2008 7:13:36 PM | Attr = ]
{AC76BA86-7AD7-1033-7B44-A81000000003}.ini -> C:\WINDOWS\Temp\{AC76BA86-7AD7-1033-7B44-A81000000003}.ini -> [Ver = | Size = 660 bytes | Modified Date = 8/15/2007 11:08:37 AM | Attr = ]
30 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
C:\WINDOWS\Temp\History\History.IE5\ -> C:\WINDOWS\Temp\History\History.IE5\ -> [Folder | Modified Date = 12/24/2006 5:23:36 PM | Attr = HS]
desktop.ini -> C:\WINDOWS\Temp\History\History.IE5\desktop.ini -> [Ver = | Size = 113 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
depend.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\depend.ini -> [Ver = | Size = 196 bytes | Modified Date = 5/23/2006 10:44:30 AM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\install.ini -> [Ver = | Size = 361 bytes | Modified Date = 4/20/2006 12:57:16 PM | Attr = ]
master.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\master.ini -> [Ver = | Size = 234 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfp.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mpfp.ini -> [Ver = | Size = 189 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfp1.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mpfp1.ini -> [Ver = | Size = 3301 bytes | Modified Date = 11/28/2006 1:01:58 PM | Attr = ]
mpfpcu.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mpfpcu.ini -> [Ver = | Size = 95 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfpcu1.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\mpfpcu1.ini -> [Ver = | Size = 309 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
msc.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\msc.ini -> [Ver = | Size = 134 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
msc1.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mpf\msc1.ini -> [Ver = | Size = 408 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
depend.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\depend.ini -> [Ver = | Size = 139 bytes | Modified Date = 3/29/2006 9:25:06 AM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\install.ini -> [Ver = | Size = 389 bytes | Modified Date = 5/4/2006 3:04:32 PM | Attr = ]
master.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\master.ini -> [Ver = | Size = 228 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mps.ini -> [Ver = | Size = 494 bytes | Modified Date = 1/23/2007 5:23:04 PM | Attr = ]
mps7.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mps7.ini -> [Ver = | Size = 3696 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps8.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mps8.ini -> [Ver = | Size = 3908 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps9.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mps9.ini -> [Ver = | Size = 1209 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps_un.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\mps_un.ini -> [Ver = | Size = 207 bytes | Modified Date = 6/28/2006 2:18:30 PM | Attr = ]
shredder.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\shredder.ini -> [Ver = | Size = 702 bytes | Modified Date = 5/23/2006 1:18:54 PM | Attr = ]
shred_un.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\shred_un.ini -> [Ver = | Size = 206 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\mps\uninst.ini -> [Ver = | Size = 92817 bytes | Modified Date = 1/10/2007 1:41:26 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msad\install.ini -> [Ver = | Size = 302 bytes | Modified Date = 11/2/2006 8:27:30 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msc\install.ini -> [Ver = | Size = 387 bytes | Modified Date = 12/17/2006 4:38:40 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\install.ini -> [Ver = | Size = 382 bytes | Modified Date = 4/18/2006 12:38:40 PM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\msk\uninst.ini -> [Ver = | Size = 92121 bytes | Modified Date = 1/10/2007 12:21:36 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso -> [Folder | Modified Date = 2/12/2007 8:51:49 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\install.ini -> [Ver = | Size = 352 bytes | Modified Date = 6/26/2006 9:19:34 PM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (2)\Apps\vso\uninst.ini -> [Ver = | Size = 146818 bytes | Modified Date = 1/16/2007 12:32:02 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
depend.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\depend.ini -> [Ver = | Size = 196 bytes | Modified Date = 5/23/2006 10:44:30 AM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\install.ini -> [Ver = | Size = 361 bytes | Modified Date = 4/20/2006 12:57:16 PM | Attr = ]
master.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\master.ini -> [Ver = | Size = 234 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfp.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mpfp.ini -> [Ver = | Size = 189 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfp1.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mpfp1.ini -> [Ver = | Size = 3301 bytes | Modified Date = 11/28/2006 1:01:58 PM | Attr = ]
mpfpcu.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mpfpcu.ini -> [Ver = | Size = 95 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
mpfpcu1.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\mpfpcu1.ini -> [Ver = | Size = 309 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
msc.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\msc.ini -> [Ver = | Size = 134 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
msc1.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mpf\msc1.ini -> [Ver = | Size = 408 bytes | Modified Date = 5/23/2006 10:44:32 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
depend.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\depend.ini -> [Ver = | Size = 139 bytes | Modified Date = 3/29/2006 9:25:06 AM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\install.ini -> [Ver = | Size = 389 bytes | Modified Date = 5/4/2006 3:04:32 PM | Attr = ]
master.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\master.ini -> [Ver = | Size = 228 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mps.ini -> [Ver = | Size = 494 bytes | Modified Date = 1/23/2007 5:23:04 PM | Attr = ]
mps7.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mps7.ini -> [Ver = | Size = 3696 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps8.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mps8.ini -> [Ver = | Size = 3908 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps9.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mps9.ini -> [Ver = | Size = 1209 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
mps_un.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\mps_un.ini -> [Ver = | Size = 207 bytes | Modified Date = 6/28/2006 2:18:30 PM | Attr = ]
shredder.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\shredder.ini -> [Ver = | Size = 702 bytes | Modified Date = 5/23/2006 1:18:54 PM | Attr = ]
shred_un.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\shred_un.ini -> [Ver = | Size = 206 bytes | Modified Date = 6/15/2006 10:25:12 AM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\mps\uninst.ini -> [Ver = | Size = 92817 bytes | Modified Date = 1/10/2007 1:41:26 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msad\install.ini -> [Ver = | Size = 302 bytes | Modified Date = 11/2/2006 8:27:30 AM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msc\install.ini -> [Ver = | Size = 387 bytes | Modified Date = 12/17/2006 4:38:40 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\install.ini -> [Ver = | Size = 382 bytes | Modified Date = 4/18/2006 12:38:40 PM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\msk\uninst.ini -> [Ver = | Size = 92121 bytes | Modified Date = 1/10/2007 12:21:36 PM | Attr = ]
C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\ -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso -> [Folder | Modified Date = 2/12/2007 9:05:04 PM | Attr = ]
install.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\install.ini -> [Ver = | Size = 352 bytes | Modified Date = 6/26/2006 9:19:34 PM | Attr = ]
uninst.ini -> C:\WINDOWS\Temp\McAfeeInstall (3)\Apps\vso\uninst.ini -> [Ver = | Size = 146818 bytes | Modified Date = 1/16/2007 12:32:02 PM | Attr = ]
C:\WINDOWS\Temp\mcu10.tmp\vso\ -> C:\WINDOWS\Temp\mcu10.tmp\vso -> [Folder | Modified Date = 1/15/2007 7:36:14 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu10.tmp\vso\mcdelta.ini -> [Ver = | Size = 996 bytes | Modified Date = 1/15/2007 7:36:13 PM | Attr = ]
C:\WINDOWS\Temp\mcu15.tmp\vso\ -> C:\WINDOWS\Temp\mcu15.tmp\vso -> [Folder | Modified Date = 1/28/2007 8:57:46 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu15.tmp\vso\mcdelta.ini -> [Ver = | Size = 998 bytes | Modified Date = 1/28/2007 8:57:46 PM | Attr = ]
C:\WINDOWS\Temp\mcu16.tmp\vso\ -> C:\WINDOWS\Temp\mcu16.tmp\vso -> [Folder | Modified Date = 1/25/2007 8:26:18 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu16.tmp\vso\mcdelta.ini -> [Ver = | Size = 998 bytes | Modified Date = 1/25/2007 8:26:18 PM | Attr = ]
C:\WINDOWS\Temp\mcu18.tmp\vso\ -> C:\WINDOWS\Temp\mcu18.tmp\vso -> [Folder | Modified Date = 12/24/2006 5:57:22 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu18.tmp\vso\mcdelta.ini -> [Ver = | Size = 996 bytes | Modified Date = 12/24/2006 5:57:22 PM | Attr = ]
C:\WINDOWS\Temp\mcu1A.tmp\vso\ -> C:\WINDOWS\Temp\mcu1A.tmp\vso -> [Folder | Modified Date = 1/14/2007 10:29:43 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu1A.tmp\vso\mcdelta.ini -> [Ver = | Size = 996 bytes | Modified Date = 1/14/2007 10:29:42 PM | Attr = ]
C:\WINDOWS\Temp\mcu1C.tmp\vso\ -> C:\WINDOWS\Temp\mcu1C.tmp\vso -> [Folder | Modified Date = 1/30/2007 11:46:23 AM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu1C.tmp\vso\mcdelta.ini -> [Ver = | Size = 998 bytes | Modified Date = 1/30/2007 11:46:23 AM | Attr = ]
C:\WINDOWS\Temp\mcu1D.tmp\vso\ -> C:\WINDOWS\Temp\mcu1D.tmp\vso -> [Folder | Modified Date = 1/20/2007 7:37:48 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu1D.tmp\vso\mcdelta.ini -> [Ver = | Size = 997 bytes | Modified Date = 1/20/2007 7:37:48 PM | Attr = ]
C:\WINDOWS\Temp\mcu21.tmp\ -> C:\WINDOWS\Temp\mcu21.tmp\ -> [Folder | Modified Date = 12/24/2006 5:58:08 PM | Attr = ]
AgentVer.ini -> C:\WINDOWS\Temp\mcu21.tmp\AgentVer.ini -> [Ver = | Size = 11725 bytes | Modified Date = 12/24/2006 5:24:33 PM | Attr = ]
MSKVer.ini -> C:\WINDOWS\Temp\mcu21.tmp\MSKVer.ini -> [Ver = | Size = 7253 bytes | Modified Date = 12/24/2006 5:24:32 PM | Attr = ]
C:\WINDOWS\Temp\mcu27.tmp\vso\ -> C:\WINDOWS\Temp\mcu27.tmp\vso -> [Folder | Modified Date = 2/8/2007 9:11:55 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu27.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 2/8/2007 9:11:54 PM | Attr = ]
C:\WINDOWS\Temp\mcu28.tmp\vso\ -> C:\WINDOWS\Temp\mcu28.tmp\vso -> [Folder | Modified Date = 2/12/2007 8:17:24 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu28.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 2/12/2007 8:17:24 PM | Attr = ]
C:\WINDOWS\Temp\mcu2E.tmp\vso\ -> C:\WINDOWS\Temp\mcu2E.tmp\vso -> [Folder | Modified Date = 2/10/2007 3:38:56 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu2E.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 2/10/2007 3:38:55 PM | Attr = ]
C:\WINDOWS\Temp\mcu32.tmp\vso\ -> C:\WINDOWS\Temp\mcu32.tmp\vso -> [Folder | Modified Date = 1/1/2007 9:34:11 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu32.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 1/1/2007 9:34:10 PM | Attr = ]
C:\WINDOWS\Temp\mcu66.tmp\vso\ -> C:\WINDOWS\Temp\mcu66.tmp\vso -> [Folder | Modified Date = 2/5/2007 7:43:08 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu66.tmp\vso\mcdelta.ini -> [Ver = | Size = 996 bytes | Modified Date = 2/5/2007 7:43:07 PM | Attr = ]
C:\WINDOWS\Temp\mcu7F.tmp\vso\ -> C:\WINDOWS\Temp\mcu7F.tmp\vso -> [Folder | Modified Date = 2/2/2007 2:52:04 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu7F.tmp\vso\mcdelta.ini -> [Ver = | Size = 997 bytes | Modified Date = 2/2/2007 2:52:04 PM | Attr = ]
C:\WINDOWS\Temp\mcu84.tmp\vso\ -> C:\WINDOWS\Temp\mcu84.tmp\vso -> [Folder | Modified Date = 2/7/2007 4:04:24 PM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu84.tmp\vso\mcdelta.ini -> [Ver = | Size = 995 bytes | Modified Date = 2/7/2007 4:04:23 PM | Attr = ]
C:\WINDOWS\Temp\mcu96.tmp\vso\ -> C:\WINDOWS\Temp\mcu96.tmp\vso -> [Folder | Modified Date = 2/2/2007 7:24:54 AM | Attr = ]
mcdelta.ini -> C:\WINDOWS\Temp\mcu96.tmp\vso\mcdelta.ini -> [Ver = | Size = 998 bytes | Modified Date = 2/2/2007 7:24:53 AM | Attr = ]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> [Folder | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8TSZOHSN\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8TSZOHSN -> [Folder | Modified Date = 2/12/2007 9:46:45 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\8TSZOHSN\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P -> [Folder | Modified Date = 2/12/2007 9:19:20 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\CRSLMR2P\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OH2XMB6P\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OH2XMB6P -> [Folder | Modified Date = 2/12/2007 9:46:50 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OH2XMB6P\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S12LSDAT\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S12LSDAT -> [Folder | Modified Date = 2/12/2007 8:53:31 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S12LSDAT\desktop.ini -> [Ver = | Size = 67 bytes | Modified Date = 12/4/2006 7:45:53 PM | Attr = HS]
mcltvers[1].ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\S12LSDAT\mcltvers[1].ini -> [Ver = | Size = 2657 bytes | Modified Date = 12/10/2006 6:34:33 PM | Attr = ]
[File - Lop Check: Additional Folder Scans - Non-Microsoft Only]
Application Data -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 8/22/2008 7:48:47 PM | Attr = RH ]
Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 2/24/2008 7:22:50 PM | Attr = ]
AOL -> C:\Documents and Settings\All Users\Application Data\AOL -> [Folder | Modified Date = 5/23/2008 9:56:18 PM | Attr = ]
AOL Downloads -> C:\Documents and Settings\All Users\Application Data\AOL Downloads -> [Folder | Modified Date = 5/23/2008 9:53:07 PM | Attr = ]
AOL OCP -> C:\Documents and Settings\All Users\Application Data\AOL OCP -> [Folder | Modified Date = 5/23/2008 9:54:17 PM | Attr = ]
Corel -> C:\Documents and Settings\All Users\Application Data\Corel -> [Folder | Modified Date = 11/28/2006 1:06:58 PM | Attr = ]
CyberLink -> C:\Documents and Settings\All Users\Application Data\CyberLink -> [Folder | Modified Date = 11/28/2006 1:19:53 PM | Attr = ]
Dell -> C:\Documents and Settings\All Users\Application Data\Dell -> [Folder | Modified Date = 2/16/2008 9:04:40 PM | Attr = ]
DIGStream -> C:\Documents and Settings\All Users\Application Data\DIGStream -> [Folder | Modified Date = 8/16/2005 7:54:52 PM | Attr = ]
espionServerData -> C:\Documents and Settings\All Users\Application Data\espionServerData -> [Folder | Modified Date = 2/17/2008 7:47:41 PM | Attr = ]
FLEXnet -> C:\Documents and Settings\All Users\Application Data\FLEXnet -> [Folder | Modified Date = 3/20/2008 12:58:31 AM | Attr = ]
Google -> C:\Documents and Settings\All Users\Application Data\Google -> [Folder | Modified Date = 11/28/2006 1:17:05 PM | Attr = ]
Google Updater -> C:\Documents and Settings\All Users\Application Data\Google Updater -> [Folder | Modified Date = 8/23/2008 6:54:49 PM | Attr = ]
GTek -> C:\Documents and Settings\All Users\Application Data\GTek -> [Folder | Modified Date = 11/28/2006 1:19:15 PM | Attr = ]
InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [Folder | Modified Date = 11/28/2006 1:10:34 PM | Attr = ]
Intel -> C:\Documents and Settings\All Users\Application Data\Intel -> [Folder | Modified Date = 9/24/2007 9:23:07 AM | Attr = ]
Macromedia -> C:\Documents and Settings\All Users\Application Data\Macromedia -> [Folder | Modified Date = 5/23/2008 9:56:23 PM | Attr = ]
McAfee -> C:\Documents and Settings\All Users\Application Data\McAfee -> [Folder | Modified Date = 8/18/2008 6:03:15 PM | Attr = ]
McAfee.com -> C:\Documents and Settings\All Users\Application Data\McAfee.com -> [Folder | Modified Date = 2/17/2007 7:16:05 PM | Attr = ]
Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 5/30/2008 5:57:40 PM | Attr = S]
QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [Folder | Modified Date = 10/20/2007 10:25:01 PM | Attr = ]
SiteAdvisor -> C:\Documents and Settings\All Users\Application Data\SiteAdvisor -> [Folder | Modified Date = 6/4/2008 9:41:11 PM | Attr = ]
TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [Folder | Modified Date = 8/24/2008 2:58:38 PM | Attr = ]
@Alternate Data Stream - 120 bytes -> %AllUsersProfile%\Application Data\TEMP:5C321E34
Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [Folder | Modified Date = 11/28/2006 1:10:01 PM | Attr = ]
WildTangent -> C:\Documents and Settings\All Users\Application Data\WildTangent -> [Folder | Modified Date = 12/14/2006 10:00:13 PM | Attr = ]
Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 12/24/2006 5:43:45 PM | Attr = ]
YAHOO -> C:\Documents and Settings\All Users\Application Data\YAHOO -> [Folder | Modified Date = 11/28/2006 1:17:14 PM | Attr = ]
Application Data -> C:\Documents and Settings\Tom Jr\Application Data -> [Folder | Modified Date = 8/23/2008 9:21:37 PM | Attr = RH ]
Adobe -> C:\Documents and Settings\Tom Jr\Application Data\Adobe -> [Folder | Modified Date = 8/21/2008 10:04:05 PM | Attr = ]
AdobeUM -> C:\Documents and Settings\Tom Jr\Application Data\AdobeUM -> [Folder | Modified Date = 7/3/2007 8:55:04 AM | Attr = ]
AOL -> C:\Documents and Settings\Tom Jr\Application Data\AOL -> [Folder | Modified Date = 5/23/2008 9:56:40 PM | Attr = ]
Corel -> C:\Documents and Settings\Tom Jr\Application Data\Corel -> [Folder | Modified Date = 8/21/2008 6:29:52 PM | Attr = ]
CyberLink -> C:\Documents and Settings\Tom Jr\Application Data\CyberLink -> [Folder | Modified Date = 1/11/2008 7:58:28 AM | Attr = ]
EPSON -> C:\Documents and Settings\Tom Jr\Application Data\EPSON -> [Folder | Modified Date = 2/17/2008 7:42:34 PM | Attr = ]
Google -> C:\Documents and Settings\Tom Jr\Application Data\Google -> [Folder | Modified Date = 2/5/2007 2:59:22 PM | Attr = ]
Gtek -> C:\Documents and Settings\Tom Jr\Application Data\Gtek -> [Folder | Modified Date = 11/28/2006 1:19:15 PM | Attr = H ]
Identities -> C:\Documents and Settings\Tom Jr\Application Data\Identities -> [Folder | Modified Date = 8/16/2005 3:50:20 AM | Attr = ]
InstallShield -> C:\Documents and Settings\Tom Jr\Application Data\InstallShield -> [Folder | Modified Date = 11/28/2006 1:17:47 PM | Attr = ]
Intel -> C:\Documents and Settings\Tom Jr\Application Data\Intel -> [Folder | Modified Date = 9/24/2007 9:22:13 AM | Attr = ]
Leadertech -> C:\Documents and Settings\Tom Jr\Application Data\Leadertech -> [Folder | Modified Date = 9/11/2007 5:56:58 PM | Attr = ]
Macromedia -> C:\Documents and Settings\Tom Jr\Application Data\Macromedia -> [Folder | Modified Date = 11/28/2006 1:13:02 PM | Attr = ]
Microsoft -> C:\Documents and Settings\Tom Jr\Application Data\Microsoft -> [Folder | Modified Date = 7/8/2008 12:42:38 AM | Attr = S]
Mozilla -> C:\Documents and Settings\Tom Jr\Application Data\Mozilla -> [Folder | Modified Date = 5/23/2008 9:53:08 PM | Attr = ]
Opera -> C:\Documents and Settings\Tom Jr\Application Data\Opera -> [Folder | Modified Date = 11/16/2007 11:02:30 PM | Attr = ]
Real -> C:\Documents and Settings\Tom Jr\Application Data\Real -> [Folder | Modified Date = 3/16/2008 7:02:33 PM | Attr = ]
Sonic -> C:\Documents and Settings\Tom Jr\Application Data\Sonic -> [Folder | Modified Date = 9/11/2007 6:21:31 PM | Attr = ]
Sun -> C:\Documents and Settings\Tom Jr\Application Data\Sun -> [Folder | Modified Date = 1/21/2007 10:45:20 PM | Attr = ]
Talkback -> C:\Documents and Settings\Tom Jr\Application Data\Talkback -> [Folder | Modified Date = 9/11/2007 9:02:47 PM | Attr = ]
U3 -> C:\Documents and Settings\Tom Jr\Application Data\U3 -> [Folder | Modified Date = 8/24/2008 7:11:55 PM | Attr = ]
Viewpoint -> C:\Documents and Settings\Tom Jr\Application Data\Viewpoint -> [Folder | Modified Date = 2/18/2007 10:27:56 PM | Attr = ]
C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 8/24/2008 6:37:46 PM | Attr = S]
desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 8/10/2004 4:00:00 AM | Attr = RH ]
MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [Ver = | Size = 330 bytes | Modified Date = 8/24/2008 6:37:46 PM | Attr = H ]
SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 8/24/2008 6:34:46 PM | Attr = H ]
[File - Purity Scan: Additional Folder Scans - Non-Microsoft Only]
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
IPC error: 2 The system cannot find the file specified.
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:4f43edb1
"s2"=dword:992a06cd
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\Thumbs.db:encryptable 0 bytes
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2
< Document and Settings folder & sub folders >
scanning hidden files ...
IPC error: 2 The system cannot find the file specified.
C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 120 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Impressionism - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Landscapes - GalleryPlayer\ehthumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Landscapes - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Masterpieces - GalleryPlayer\ehthumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Masterpieces - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Nature - GalleryPlayer\ehthumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Nature - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Travel - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Pictures\Vintage - GalleryPlayer\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\All Users\Documents\My Videos\ehthumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\Desktop\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\Favorites\Diving\Dive Frontier Scuba British dive resort in Puerto Galera, Philippine.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Favorites\Diving\Save Money Diving -- Scuba diving, diving holidays, liveaboards, dive packages worldwide.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Favorites\Diving\ScubaBoard - Scuba Forums, Articles, Dive Buddies, Social Network - Equipment and Travel.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Favorites\India\Cheap flights from India to Bangkok - India Travel Forum IndiaMike.com.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Favorites\India\India.url:favicon 2038 bytes
C:\Documents and Settings\Tom Jr\Favorites\India\Train travel in India - a beginner's guide.url:favicon 318 bytes
C:\Documents and Settings\Tom Jr\Favorites\Weather\National Weather Service - NWS San Francisco-Monterey Bay Area.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Favorites\Weather\SFOnws.url:favicon 1406 bytes
C:\Documents and Settings\Tom Jr\Local Settings\Application Data\Microsoft\ehome\Image.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\Local Settings\Application Data\Microsoft\ehome\musicThumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Adobe\Digital Camera Photos\2008-07-01-0645-38\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Adobe\Digital Camera Photos\My Vespa\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Adobe\Digital Camera Photos\Pronence 2008\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Christmas and Cruise 2007\ehthumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Christmas and Cruise 2007\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\colorado shots\Colorado2\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\colorado shots\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Picture\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Pictures\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Videos\Experience.mpg:SummaryInformation 352 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Videos\Experience.mpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\My Videos\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\PhiIndon2007\813CANON\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\PhiIndon2007\814CANON\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\PhiIndon2007\815CANON\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\PhiIndon2007\816CANON\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Jr\My Documents\PhiIndon2007\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Sr\01mywork-shop\Thumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Sr\Local Settings\Application Data\Microsoft\ehome\Image.db:encryptable 0 bytes
C:\Documents and Settings\Tom Sr\Local Settings\Application Data\Microsoft\ehome\musicThumbs.db:encryptable 0 bytes
C:\Documents and Settings\Tom Sr\Thumbs.db:encryptable 0 bytes
scan completed successfully
hidden files: 52
< End of report >