Installation Report: Setup

Generated by InCtrl5, version 1.0.0.0
Install program: C:\Documents and Settings\Kobayashi\Desktop\Setup\Setup.exe
4-13-2005 3:19 PM

Contents

• Registry
• Disk Contents
• Ini Files
• Text Files

Registry

Keys ignored: 0

• (none)

Keys added: 37

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Connection Wizard

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Security

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Security\P3Global

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Security\P3Sites

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\TypedURLs

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_DriveFlags

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GVI

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Enum

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Security

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv\Enum

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000\Control

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Enum

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Security

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv\Enum

Keys deleted: 1

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew

Values added: 95

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Connection Wizard "Completed"

Type: REG_BINARY

Data: 01, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"

Type: REG_DWORD

Data: 00, 20, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping "NextId"

Type: REG_DWORD

Data: 01, 20, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main "Check_Associations"

Type: REG_SZ

Data: no

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Security\P3Global "Enabled"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar "Locked"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState "FullPath"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState "Settings"

Type: REG_BINARY

Data: 0C, 00, 02, 00, 0A, 01, 12, 00, 60, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_DriveFlags "Cache"

Type: REG_BINARY

Data: 00, 04, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_DriveFlags "LastUpdate"

Type: REG_DWORD

Data: FB, 68, 02, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_DriveFlags "Version"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GVI "Cache"

Type: REG_BINARY

Data: 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, D2, 7B, D4, FF, 00, 00, 00, FF, 00, 07, 00, 4E, 00, 54, 00, 46, 00, 53, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GVI "LastUpdate"

Type: REG_DWORD

Data: FB, 68, 02, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints\C\_GVI "Version"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU "MRUListEx"

Type: REG_BINARY

Data: ����

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam "(Default)"

Type: REG_SZ

Data: MEGASECURITY

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache "@shdoclc.dll,-864"

Type: REG_SZ

Data: Show &Related Links

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache "@shdoclc.dll,-865"

Type: REG_SZ

Data: Shows links related to the current page.

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache "@shdoclc.dll,-866"

Type: REG_SZ

Data: Related

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache "LangID"

Type: REG_BINARY

Data:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count "HRZR_EHACNGU:P:\Qbphzragf naq Frggvatf\Xbonlnfuv\Qrfxgbc\Frghc\Frghc.rkr"

Type: REG_BINARY

Data: 0C, 00, 00, 00, 06, 00, 00, 00, 80, 24, E4, C1, 76, 40, C5, 01

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Class"

Type: REG_SZ

Data: LegacyDriver

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "ClassGUID"

Type: REG_SZ

Data: {8ECC055D-047F-11D1-A537-0000F8753ED1}

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "ConfigFlags"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "DeviceDesc"

Type: REG_SZ

Data: Gray_Pigeon_Server

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Legacy"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Service"

Type: REG_SZ

Data: GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control "*NewlyCreated*"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control "ActiveService"

Type: REG_SZ

Data: GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "Class"

Type: REG_SZ

Data: LegacyDriver

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "ClassGUID"

Type: REG_SZ

Data: {8ECC055D-047F-11D1-A537-0000F8753ED1}

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "ConfigFlags"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "DeviceDesc"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "Legacy"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000 "Service"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000\Control "*NewlyCreated*"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV\0000\Control "ActiveService"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "Description"

Type: REG_SZ

Data: �Ҹ��ӷ���˳���Զ�̼�ع���.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "DisplayName"

Type: REG_SZ

Data: Gray_Pigeon_Server

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "ErrorControl"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "ImagePath"

Type: REG_EXPAND_SZ

Data: C:\WINNT\G_Server.exe

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "ObjectName"

Type: REG_SZ

Data: LocalSystem

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "Start"

Type: REG_DWORD

Data: 02, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer "Type"

Type: REG_DWORD

Data: 10, 01, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Enum "0"

Type: REG_SZ

Data: Root\LEGACY_GRAYPIGEONSERVER\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Enum "Count"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Enum "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GrayPigeonServer\Security "Security"

Type: REG_BINARY

Data: 01, 00, 14, 80, A0, 00, 00, 00, AC, 00, 00, 00, 14, 00, 00, 00, 30, 00, 00, 00, 02, 00, 1C, 00, 01, 00, 00, 00, 02, 80, 14, 00, FF, 01, 0F, 00, 01, 01, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 02, 00, 70, 00, 04, 00, 00, 00, 00, 00, 18, 00, FD, 01, 02, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1C, 00, FF, 01, 0F, 00, 01, 02, 00, 00, 00, 00, 00, 05, 20, 00, 00, 00, 20, 02, 00, 00, 00, 00, 00, 00, 00, 00, 18, 00, 8D, 01, 02, 00, 01, 01, 00, 00, 00, 00, 00, 05, 0B, 00, 00, 00, 20, 02, 00, 00, 00, 00, 1C, 00, FD, 01, 02, 00, 01, 02, 00, 00, 00, 00, 00, 05, 20, 00, 00, 00, 23, 02, 00, 00, 00, 00, 00, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv "DeleteFlag"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv "ErrorControl"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv "ImagePath"

Type: REG_SZ

Data: \??\C:\WINNT\TEMP\mc21.tmp

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv "Start"

Type: REG_DWORD

Data: 04, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv "Type"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv\Enum "0"

Type: REG_SZ

Data: Root\LEGACY_MCHINJDRV\0000

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv\Enum "Count"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mchInjDrv\Enum "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Class"

Type: REG_SZ

Data: LegacyDriver

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "ClassGUID"

Type: REG_SZ

Data: {8ECC055D-047F-11D1-A537-0000F8753ED1}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "ConfigFlags"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "DeviceDesc"

Type: REG_SZ

Data: Gray_Pigeon_Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Legacy"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000 "Service"

Type: REG_SZ

Data: GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control "*NewlyCreated*"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GRAYPIGEONSERVER\0000\Control "ActiveService"

Type: REG_SZ

Data: GrayPigeonServer

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "Class"

Type: REG_SZ

Data: LegacyDriver

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "ClassGUID"

Type: REG_SZ

Data: {8ECC055D-047F-11D1-A537-0000F8753ED1}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "ConfigFlags"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "DeviceDesc"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "Legacy"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000 "Service"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000\Control "*NewlyCreated*"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MCHINJDRV\0000\Control "ActiveService"

Type: REG_SZ

Data: mchInjDrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "Description"

Type: REG_SZ

Data: �Ҹ��ӷ���˳���Զ�̼�ع���.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "DisplayName"

Type: REG_SZ

Data: Gray_Pigeon_Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "ErrorControl"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "ImagePath"

Type: REG_EXPAND_SZ

Data: C:\WINNT\G_Server.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "ObjectName"

Type: REG_SZ

Data: LocalSystem

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "Start"

Type: REG_DWORD

Data: 02, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer "Type"

Type: REG_DWORD

Data: 10, 01, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Enum "0"

Type: REG_SZ

Data: Root\LEGACY_GRAYPIGEONSERVER\0000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Enum "Count"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Enum "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GrayPigeonServer\Security "Security"

Type: REG_BINARY

Data: 01, 00, 14, 80, A0, 00, 00, 00, AC, 00, 00, 00, 14, 00, 00, 00, 30, 00, 00, 00, 02, 00, 1C, 00, 01, 00, 00, 00, 02, 80, 14, 00, FF, 01, 0F, 00, 01, 01, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 02, 00, 70, 00, 04, 00, 00, 00, 00, 00, 18, 00, FD, 01, 02, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1C, 00, FF, 01, 0F, 00, 01, 02, 00, 00, 00, 00, 00, 05, 20, 00, 00, 00, 20, 02, 00, 00, 00, 00, 00, 00, 00, 00, 18, 00, 8D, 01, 02, 00, 01, 01, 00, 00, 00, 00, 00, 05, 0B, 00, 00, 00, 20, 02, 00, 00, 00, 00, 1C, 00, FD, 01, 02, 00, 01, 02, 00, 00, 00, 00, 00, 05, 20, 00, 00, 00, 23, 02, 00, 00, 00, 00, 00, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00, 01, 01, 00, 00, 00, 00, 00, 05, 12, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv "DeleteFlag"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv "ErrorControl"

Type: REG_DWORD

Data: 00, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv "ImagePath"

Type: REG_SZ

Data: \??\C:\WINNT\TEMP\mc21.tmp

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv "Start"

Type: REG_DWORD

Data: 04, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv "Type"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv\Enum "0"

Type: REG_SZ

Data: Root\LEGACY_MCHINJDRV\0000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv\Enum "Count"

Type: REG_DWORD

Data: 01, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mchInjDrv\Enum "NextInstance"

Type: REG_DWORD

Data: 01, 00, 00, 00

Values deleted: 11

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup "OpenAsList"

Type: REG_SZ

Data:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "~reserved~"

Type: REG_BINARY

Data: 18, 00, 00, 00, 01, 00, 01, 00, D4, 07, 04, 00, 05, 00, 17, 00, 0A, 00, 35, 00, 32, 00, FA, 00

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Bitmap Image"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Briefcase"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Language"

Type: REG_DWORD

Data: 09, 04, 00, 00

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Rich Text Document"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Text Document"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "Wave Sound"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "WinRAR archive"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "WinRAR ZIP archive"

Type: REG_BINARY

Data: (data too large: 540 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew "WordPad Document"

Type: REG_BINARY

Data: (data too large: 540 bytes)

Values changed: 15

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections "SavedLegacySettings"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 3C, 00, 00, 00, 1B, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, C0, A9, A9, 4D, 1E, 24, C4, 01, 01, 00, 00, 00, C0, A8, 00, 07, 00, 00, 00, 00, 00, 00, 00, 00

New data: 3C, 00, 00, 00, 1C, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, C0, A9, A9, 4D, 1E, 24, C4, 01, 01, 00, 00, 00, C0, A8, 00, 07, 00, 00, 00, 00, 00, 00, 00, 00

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{00021493-0000-0000-C000-000000000046}\Enum "Implementing"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 1C, 00, 00, 00, 01, 00, 00, 00, D5, 07, 04, 00, 03, 00, 0D, 00, 16, 00, 11, 00, 1B, 00, 3C, 01, 06, 00, 00, 00, 01, 24, D0, 30, 81, 6A, D0, 11, 82, 74, 00, C0, 4F, D5, AE, 38, 83, 31, 68, 32, A0, 48, 1B, 44, A3, 42, 7C, 2A, 44, 0A, 94, 78, F3, 31, EE, C4, 68, 47, D2, 11, BE, 5C, 00, A0, C9, A8, 3D, A1, 61, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E, 62, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E, 64, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E

New data: 1C, 00, 00, 00, 01, 00, 00, 00, D5, 07, 04, 00, 03, 00, 0D, 00, 16, 00, 12, 00, 30, 00, 58, 01, 06, 00, 00, 00, 01, 24, D0, 30, 81, 6A, D0, 11, 82, 74, 00, C0, 4F, D5, AE, 38, 83, 31, 68, 32, A0, 48, 1B, 44, A3, 42, 7C, 2A, 44, 0A, 94, 78, F3, 31, EE, C4, 68, 47, D2, 11, BE, 5C, 00, A0, C9, A8, 3D, A1, 61, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E, 62, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E, 64, 4E, A2, EF, 78, B0, D0, 11, 89, E4, 00, C0, 4F, C9, E2, 6E

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{00021494-0000-0000-C000-000000000046}\Enum "Implementing"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 1C, 00, 00, 00, 01, 00, 00, 00, D5, 07, 04, 00, 03, 00, 0D, 00, 16, 00, 11, 00, 1C, 00, 89, 00, 01, 00, 00, 00, 25, 8C, 5C, 4D, 75, D0, D0, 11, B4, 16, 00, C0, 4F, B9, 03, 76

New data: 1C, 00, 00, 00, 01, 00, 00, 00, D5, 07, 04, 00, 03, 00, 0D, 00, 16, 00, 12, 00, 31, 00, 69, 00, 01, 00, 00, 00, 25, 8C, 5C, 4D, 75, D0, D0, 11, B4, 16, 00, C0, 4F, B9, 03, 76

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop "Taskbar"

Old type: REG_BINARY

New type: REG_BINARY

Old data: (data too large: 912 bytes)

New data: (data too large: 912 bytes)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count "HRZR_EHACNGU"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 0C, 00, 00, 00, 92, 01, 00, 00, 00, DF, B3, A3, 76, 40, C5, 01

New data: 0C, 00, 00, 00, 94, 01, 00, 00, 90, 3D, 63, C9, 76, 40, C5, 01

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count "HRZR_EHACNGU:P:\Cebtenz Svyrf\Cbeg Rkcybere\CbegRkcybere.rkr"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 0B, 00, 00, 00, 0B, 00, 00, 00, 60, 8E, EF, 7E, 0D, 48, C4, 01

New data: 0C, 00, 00, 00, 0C, 00, 00, 00, 90, 3D, 63, C9, 76, 40, C5, 01

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count "HRZR_HVFPHG"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 0C, 00, 00, 00, 53, 00, 00, 00, 60, 23, A6, A3, 76, 40, C5, 01

New data: 0C, 00, 00, 00, 54, 00, 00, 00, A0, 4D, 52, C9, 76, 40, C5, 01

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG "Seed"

Old type: REG_BINARY

New type: REG_BINARY

Old data: 4F, 3D, 09, 1F, 74, 93, 67, 6D, C7, 3A, B4, 57, CA, 56, BF, 86, A4, 41, 76, 1F, D4, 9E, 1A, 5A, 30, 02, 9E, 5D, 83, 92, 7F, F0, 5A, 42, 05, A0, A3, 89, 1E, 23, 30, 59, E7, CE, AB, 1D, 3B, 00, B5, F1, 83, 98, 46, C3, 32, C1, 4C, 6E, 80, 1F, B2, 8D, 3F, 0C, 47, EE, 45, E0, 28, 10, 7A, 87, 1A, 03, 77, DB, DF, 36, EE, 86

New data: 62, 06, 95, 87, 7E, 5F, 5C, 7C, 93, 30, CF, 52, E8, AE, F8, B3, A3, A6, 80, 7F, E9, 7D, 2C, CF, C6, 91, 4C, 20, 2F, F8, CD, 94, 4B, 7C, 84, 7F, 53, 86, 9B, 2D, DD, AE, 45, 25, 06, 12, BD, 5D, 27, 95, 65, 10, 1A, AC, 8C, 0A, F4, 51, E6, 7A, 8B, 6A, AD, CB, 52, 8E, 74, 15, 55, 77, D4, FB, 2D, 74, 30, 84, 4C, 7C, 30, E9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths "Directory"

Old type: REG_SZ

New type: REG_SZ

Old data: C:\Documents and Settings\Kobayashi\Local Settings\Temporary Internet Files\Content.IE5

New data: C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1 "CachePath"

Old type: REG_SZ

New type: REG_SZ

Old data: C:\Documents and Settings\Kobayashi\Local Settings\Temporary Internet Files\Content.IE5\Cache1

New data: C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Cache1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2 "CachePath"

Old type: REG_SZ

New type: REG_SZ

Old data: C:\Documents and Settings\Kobayashi\Local Settings\Temporary Internet Files\Content.IE5\Cache2

New data: C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Cache2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3 "CachePath"

Old type: REG_SZ

New type: REG_SZ

Old data: C:\Documents and Settings\Kobayashi\Local Settings\Temporary Internet Files\Content.IE5\Cache3

New data: C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Cache3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4 "CachePath"

Old type: REG_SZ

New type: REG_SZ

Old data: C:\Documents and Settings\Kobayashi\Local Settings\Temporary Internet Files\Content.IE5\Cache4

New data: C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Cache4

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent "(Default)"

Old type: REG_DWORD

New type: REG_DWORD

Old data: 0B, 00, 00, 00

New data: 0C, 00, 00, 00

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent "(Default)"

Old type: REG_DWORD

New type: REG_DWORD

Old data: 0B, 00, 00, 00

New data: 0C, 00, 00, 00

To Contents

Disk contents

Drives tracked: 1

• c:\

Folders added: 1

c:\Documents and Settings\Default User\Favorites\Links

Files changed: 11

c:\Documents and Settings\Default User\Cookies\index.dat

Old date: 6-2-2004 11:12 AM

New date: 4-13-2005 3:18 PM

Old size: 16,384 bytes

New size: 16,384 bytes

c:\Documents and Settings\Default User\Local Settings\History\History.IE5\index.dat

Old date: 6-2-2004 11:12 AM

New date: 4-13-2005 3:18 PM

Old size: 16,384 bytes

New size: 32,768 bytes

c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\index.dat

Old date: 6-2-2004 11:12 AM

New date: 4-13-2005 3:18 PM

Old size: 32,768 bytes

New size: 32,768 bytes

c:\Documents and Settings\Kobayashi\NTUSER.DAT

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 544,768 bytes

New size: 544,768 bytes

c:\Documents and Settings\Kobayashi\ntuser.dat.LOG

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 1,024 bytes

New size: 1,024 bytes

c:\WINNT\system32\config\default

Old date: 4-13-2005 3:17 PM

New date: 4-13-2005 3:19 PM

Old size: 135,168 bytes

New size: 139,264 bytes

c:\WINNT\system32\config\default.LOG

Old date: 4-13-2005 3:17 PM

New date: 4-13-2005 3:19 PM

Old size: 1,024 bytes

New size: 1,024 bytes

c:\WINNT\system32\config\software

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 10,903,552 bytes

New size: 10,903,552 bytes

c:\WINNT\system32\config\software.LOG

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 1,024 bytes

New size: 1,024 bytes

c:\WINNT\system32\config\system

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 2,576,384 bytes

New size: 2,580,480 bytes

c:\WINNT\system32\config\SYSTEM.ALT

Old date: 4-13-2005 3:18 PM

New date: 4-13-2005 3:19 PM

Old size: 2,576,384 bytes

New size: 2,580,480 bytes

To Contents

INI file

Ini files tracked: 4

• C:\boot.ini
• c:\winnt\control.ini
• c:\winnt\system.ini
• c:\winnt\win.ini

To Contents

Text file

Text files tracked: 2

• c:\winnt\system32\autoexec.nt
• c:\winnt\system32\config.nt

To Contents

InCtrl5, Copyright © 2000 by Ziff Davis Media, Inc.
Written by Neil J. Rubenking
First published in PC Magazine, December 5, 2000.