Infected with Ramnit.inf


  • This topic is locked
16 replies to this topic

#1 Mackeh


Posted 01 September 2010 - 04:39 PM

My computer has 2 HDDs: C is 1 TB and D is 230 gig; both are infected.

I formatted C: and copied a few files from D: which houses all my backup information and files (yes, I know this is a silly thing to do, I have now learnt the lesson the hard way). I installed Norton 360 on C: and it found Ramnit.inf; it said that it was removed, but the virus appeared again on reboot. I then booted in safe mode and did a full scan; the results found Ramnit on both drives but all threats were removed. Again, when I booted normally Norton alerted me to ramnit.inf; I just cannot get rid of this virus. To make matters worse, I am a freelance video editor and my Avid program is now not working as Norton had to delete several key files that became infected. If this is not bad enough, I have hundreds of pounds of royalty free music and video on my backup drive as well as key editing programs that I purchased and use daily. If I lose D: I will basically be losing 9 years of work which I cannot replace, such as DVD backups and showreels. If I do manage to get this situation resolved I am clearly going to buy a removable drive for my backups.

I think I picked up the virus from a website that had a cute puppy picture that my son asked me to use as a desktop background. I did not have any virus protection at the time as ESET had just expired and I was wanting to change to another AV. I clicked on the puppy photo in Google and it sent me to the website, but as I arrived I noticed media player open and start to download something. I shut it all down but soon after my HDD was going mad; next day I got Norton 360 and here I am.

Anyway, someone on the Norton forum sent me here as they said you were the best at removing this particular virus. I do have limited PC skills so I hope I can follow your instructions and pray that you can help me as I am going through hell with this at the moment.

EDIT
As I recently formatted C: it basically has no programs installed other than my video editor, which now does not work as Norton had to delete critical infected files, so formatting C: again would be no problem at all. The drive I am concerned about is drive D:, which has no OS; it is just a storage drive. I was thinking about disconnecting drive D:, then formatting drive C:, installing Norton 360, updating it and then reconnecting drive D:, right-clicking on drive D: in "My Computer" and selecting full scan. Would this fix everything or is it not that simple?


DDS (Ver_10-03-17.01) - NTFSx86
Run by Angel at 19:25:17.82 on 01/09/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1233 [GMT 1:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\CTAPR2.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Angel\Desktop\dds.scr

============== Pseudo HJT Report ===============

mWinlogon: Userinit=c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\4.2.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\4.2.0.12\IPSBHO.DLL
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\4.2.0.12\coIEPlg.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [{A18ADC05-71A4-82F7-B02E-EC847EFE9DC7}] "c:\documents and settings\angel\application data\bimeaz\soav.exe"
mRun: [CTAPR2] "c:\program files\creative\sound blaster x-fi\console launcher\CTAPR2.exe" /r
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r
mRun: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1283279706504
Notify: AtiExtEvent - Ati2evxx.dll

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0402000.00c\symds.sys [2010-9-1 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0402000.00c\symefa.sys [2010-9-1 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20100810.004\BHDrvx86.sys [2010-8-10 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0402000.00c\cchpx86.sys [2010-9-1 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0402000.00c\ironx86.sys [2010-9-1 116784]
R2 N360;Norton 360;c:\program files\norton 360\engine\4.2.0.12\ccsvchst.exe [2010-9-1 126392]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2010-8-31 38656]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-9-1 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20100830.002\IDSXpx86.sys [2010-9-1 331640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100831.038\naveng.sys [2010-9-1 85424]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20100831.038\navex15.sys [2010-9-1 1362608]
R3 t3;SB Xtreme Audio Notebook;c:\windows\system32\drivers\t3.sys [2010-8-31 742936]
R3 t3filt;t3filt;c:\windows\system32\drivers\t3filt.sys [2010-8-31 1803136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-09-01 13:41:27 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-08-31 23:46:23 0 d-sh--w- c:\documents and settings\angel\IECompatCache
2010-08-31 23:20:59 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-08-31 23:20:59 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-08-31 23:20:51 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-31 23:20:51 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-31 23:20:51 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-31 23:20:51 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-31 23:20:51 0 d-----w- c:\program files\Symantec
2010-08-31 23:20:51 0 d-----w- c:\program files\common files\Symantec Shared
2010-08-31 23:20:18 0 d-----w- c:\windows\system32\drivers\N360
2010-08-31 23:20:16 0 d-----w- c:\program files\Norton 360
2010-08-31 23:20:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-08-31 23:18:32 0 d-----w- c:\program files\NortonInstaller
2010-08-31 23:18:32 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-08-31 23:10:25 89 ----a-w- c:\windows\ULead32.ini
2010-08-31 23:10:25 0 d-----w- c:\windows\Ulead.dat
2010-08-31 23:08:50 49 ----a-w- c:\windows\system32\blue.SITENAME
2010-08-31 23:08:49 503 ----a-w- c:\windows\VFO.VST
2010-08-31 23:03:18 73728 ----a-w- c:\windows\system32\PCLECOInst.dll
2010-08-31 23:03:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2010-08-31 23:01:52 212480 ------w- c:\windows\system32\PCDLIB32.DLL
2010-08-31 22:58:10 0 d-----w- c:\windows\Downloaded Installations
2010-08-31 22:58:03 89088 ----a-w- c:\windows\system32\atl71.dll
2010-08-31 22:58:03 57856 ----a-w- c:\windows\system32\masd32.dll
2010-08-31 22:58:03 32768 ----a-w- c:\windows\system32\MLPagAx.dll
2010-08-31 22:58:03 27648 ----a-w- c:\windows\system32\ma32.dll
2010-08-31 22:58:03 233472 ----a-w- c:\windows\system32\DiskIO.dll
2010-08-31 22:58:03 196096 ----a-w- c:\windows\system32\macd32.dll
2010-08-31 22:58:03 184320 ----a-w- c:\windows\system32\RALmain.dll
2010-08-31 22:58:03 138752 ----a-w- c:\windows\system32\mase32.dll
2010-08-31 22:58:03 136192 ----a-w- c:\windows\system32\mamc32.dll
2010-08-31 22:57:56 90112 ----a-w- c:\windows\unvise32.exe
2010-08-31 22:55:50 580 ----a-w- c:\windows\VFO.INI
2010-08-31 22:54:36 0 d-----w- c:\program files\SmartSound Software
2010-08-31 22:54:36 0 d-----w- c:\docume~1\alluse~1\applic~1\SmartSound Software Inc
2010-08-31 22:53:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-08-31 22:53:40 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-08-31 22:53:35 0 d-----w- c:\program files\DivX
2010-08-31 22:37:21 0 d-----w- c:\program files\Pinnacle
2010-08-31 22:37:19 0 d-----w- c:\program files\Avid
2010-08-31 22:36:20 0 d-----w- c:\docume~1\angel\applic~1\Bimeaz
2010-08-31 22:36:20 0 d-----w- c:\docume~1\angel\applic~1\Ahpo
2010-08-31 22:36:15 0 d-----w- c:\program files\temp
2010-08-31 22:36:04 0 d-----w- c:\program files\Microsoft
2010-08-31 22:27:45 0 d-----w- c:\program files\common files\Creative Labs Shared
2010-08-31 22:27:06 30813416 ----a-w- c:\windows\system32\t3apstp.exe
2010-08-31 20:51:25 0 d-----w- c:\windows\system32\XPSViewer
2010-08-31 20:51:08 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-08-31 20:51:08 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-08-31 20:51:08 117760 ------w- c:\windows\system32\prntvpt.dll
2010-08-31 20:51:07 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-08-31 20:51:07 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-08-31 20:51:07 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-08-31 20:51:07 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-08-31 20:51:07 0 d-----w- C:\0f98b27285ace280d52d7b3b0a321e7f
2010-08-31 20:49:33 0 d-----w- c:\windows\system32\URTTemp
2010-08-31 20:31:55 0 d-----w- c:\program files\ATI
2010-08-31 20:31:34 0 d-----w- c:\program files\ATI Technologies
2010-08-31 20:31:03 0 d-----w- C:\ATI
2010-08-31 20:25:18 7062 ----a-w- c:\windows\system32\audiopid.vxd
2010-08-31 20:24:55 647872 ------w- c:\windows\system32\Mscomct2.ocx
2010-08-31 20:24:55 53248 ------w- c:\windows\Ctregrun.exe
2010-08-31 20:24:22 44032 ------w- c:\windows\system32\CTSVCCDA.EXE
2010-08-31 20:24:22 25088 ------w- c:\windows\system32\CTSVCCTL.EXE
2010-08-31 20:24:13 0 d-----w- c:\program files\common files\Creative
2010-08-31 20:24:12 0 d--h--w- c:\program files\Creative Installation Information
2010-08-31 20:23:05 8888 ------w- c:\windows\system32\AudioDrv.ini
2010-08-31 20:23:00 584 ----a-w- c:\windows\system32\settingsbkup.sfm
2010-08-31 20:23:00 584 ----a-w- c:\windows\system32\settings.sfm
2010-08-31 20:21:30 0 d-----w- c:\program files\Creative
2010-08-31 20:00:40 0 d-----w- c:\windows\system32\scripting
2010-08-31 20:00:40 0 d-----w- c:\windows\system32\en
2010-08-31 20:00:40 0 d-----w- c:\windows\l2schemas
2010-08-31 19:10:56 0 d-----w- c:\program files\common files\ODBC
2010-08-31 19:10:53 0 d-----w- c:\program files\common files\SpeechEngines
2010-08-31 19:10:36 0 d-----r- c:\documents and settings\all users\Documents
2010-08-31 18:32:16 0 d-----w- c:\program files\Attansic
2010-08-31 18:18:50 0 d-sh--w- c:\documents and settings\all users\DRM
2010-08-31 18:17:50 0 d-----w- c:\program files\common files\MSSoap
2010-08-31 18:17:17 0 d--h--w- c:\program files\WindowsUpdate
2010-08-31 18:17:17 0 d-----w- c:\program files\Online Services
2010-08-31 18:17:14 0 d-----w- c:\program files\Messenger
2010-08-31 18:17:10 0 d-----w- c:\program files\MSN Gaming Zone
2010-08-31 18:16:39 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-08-31 22:27:19 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-31 22:27:19 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-31 18:17:26 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-08-04 02:20:12 5243392 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-08-04 01:59:10 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:59:00 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:57:40 4358144 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:53:22 15900672 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:47:50 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-04 01:47:00 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:46:04 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-04 01:41:40 3901280 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-04 01:31:16 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:31:04 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:30:56 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-04 01:30:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:30:38 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-04 01:29:26 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-04 01:28:12 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-04 01:28:06 2537728 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-04 01:27:38 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-08-04 01:27:20 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:24:04 610304 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-04 01:23:52 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-04 01:22:28 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:22:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-04 01:16:50 700416 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-04 01:15:20 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:15:20 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-04 01:14:38 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-16 13:22:56 219348 ----a-w- c:\windows\system32\atiicdxx.dat
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2006-06-23 22:48:54 32768 ----a-r- c:\windows\inf\UpdateUSB.exe

============= FINISH: 19:26:08.17 ===============



Edited by Mackeh, 02 September 2010 - 05:31 AM.



 


#2 sempai

  • Malware Response Team

Posted 03 September 2010 - 09:48 AM

Hello and welcome to Bleeping Computer.

*Please Subscribe to this Thread to get immediate notification of replies. See HERE

*It is important not to make any further changes or run any other tools/updates unless instructed to. This may hinder the cleaning process of your machine.

*Please be patient, all Bleeping Computer helpers are volunteers and have lives outside this forum.

*You must reply within 5 days otherwise this topic will be closed.


=======================


Your PC is infected with a very nasty virus; aside from the difficulty of its removal, some system files are also infected and contain a backdoor trojan.

Please note that we're dealing with a file infector, so trying to clean the PC is a long process and I can't guarantee a satisfying outcome. Also, due to the nature and the severity of the infection, trying to do the repair is very crucial and some unexpected problems may happen (worst case scenario is that the PC will become unbootable) and will give us no other option but to reformat. Please let me know if you concur with me before we proceed.



One or more of the identified infections is a Rootkit/backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterward. Let me know what you decide to do.

Edited by sempai, 03 September 2010 - 09:50 AM.

~Semp

You can help me continue the fight against malware by making a donation. Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 
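
An added example, not part of the thread and not code from any poster or tool mentioned here: a short Python pass over the Pseudo HJT Report lines of the DDS log in post #1, flagging the startup entries a reviewer would look at first. The rule names, the `analyse` function and the heuristics (a Userinit value listing anything besides `userinit.exe`; a Run value named with a bare GUID or launching from a per-user profile folder) are assumptions of this example; the sample lines are copied from the log above.

```python
import ntpath
import re

# Lines copied from the "Pseudo HJT Report" section of the DDS log in post #1.
SAMPLE_LOG = r"""
mWinlogon: Userinit=c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [{A18ADC05-71A4-82F7-B02E-EC847EFE9DC7}] "c:\documents and settings\angel\application data\bimeaz\soav.exe"
mRun: [CTAPR2] "c:\program files\creative\sound blaster x-fi\console launcher\CTAPR2.exe" /r
mRun: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
"""

USERINIT_LINE = re.compile(r"^mWinlogon: Userinit=(?P<value>.*)$", re.IGNORECASE)
RUN_LINE = re.compile(r"^(?P<hive>[umd])Run: \[(?P<name>[^\]]*)\]\s+(?P<cmd>.+)$")
GUID_NAME = re.compile(r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")

# Heuristic (assumption of this example): Windows XP per-user folders that a
# normal installer rarely uses as the home of an auto-start program.
USER_PROFILE_PARTS = ("\\application data\\", "\\local settings\\temp\\")


def norm(path):
    """Lower-case, unquote and collapse a Windows path for comparison."""
    return ntpath.normcase(ntpath.normpath(path.strip().strip('"')))


def command_target(cmd):
    """Return the program part of a Run command line (quoted or first token)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    return cmd.split(None, 1)[0]


def analyse(log_text, system_root=r"c:\windows"):
    """Return (rule, target) findings for Userinit and Run lines of a DDS log."""
    expected = norm(ntpath.join(system_root, "system32", "userinit.exe"))
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()

        m = USERINIT_LINE.match(line)
        if m:
            # Userinit is a comma-separated list; by default it holds only
            # userinit.exe, so every other entry is reported.
            for entry in m.group("value").split(","):
                if entry.strip() and norm(entry) != expected:
                    findings.append(("userinit-extra", norm(entry)))
            continue

        m = RUN_LINE.match(line)
        if m:
            target = norm(command_target(m.group("cmd")))
            if GUID_NAME.match(m.group("name")):
                findings.append(("run-guid-name", target))
            if any(part in target for part in USER_PROFILE_PARTS):
                findings.append(("run-user-profile", target))
    return findings


if __name__ == "__main__":
    for rule, target in analyse(SAMPLE_LOG):
        print(f"{rule:18} {target}")
```

A finding here is a reason to inspect the file, not a verdict; legitimate software occasionally trips the same heuristics.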


#3 Mackeh


Posted 03 September 2010 - 03:28 PM

Hello Sempai

Due to the severity of the infection I am currently formatting drive C:. What shall I do about drive D:, which Norton was giving me security warnings about certain files being infected? Will the format of drive C: stop the infections to drive D:, or are we looking at a format of D: as well?

EDIT

I have informed my banks that the PC has been compromised and all passwords have been changed.

The format of drive C has been completed, I followed the instructions in the link that you posted. I did have a problem with Norton 360 as it required SP2 to be installed, so I had to download this from Microsoft before I could install Norton. I updated Norton and did 5 or 6 full scans and nothing at all was found.

I then scanned drive D: and again nothing was found. This puzzles me, as when I was infected I saw many warnings of the virus infecting files on D:.

Anyway I am not installing anything from drive D onto my C until you say it's safe as I have many programs on there which have .exe and am worried that the virus may still be lurking about somewhere.

I await your next instruction.

Edited by Mackeh, 04 September 2010 - 03:53 AM.


#4 sempai

  • Malware Response Team

Posted 04 September 2010 - 06:17 AM

Hi,

Wiping the D: drive is a good choice. But, if you have a lot of important documents/files there (as you mentioned in your first post) then it's better that we try to clean it first.



Download OTL to your Desktop.
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy and paste the following code into the Custom Scan/Fixes box. Do not include the word "Code".

    CODE

    c:\*srv.exe /s
    d:\*srv.exe /s
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post them when you reply.

~Semp



#5 Mackeh


Posted 04 September 2010 - 09:04 AM

Here is the log content:

OTL logfile created on: 04/09/2010 15:00:33 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\ACEDIT\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 74.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 898.47 Gb Free Space | 96.45% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 12.13 Gb Free Space | 5.21% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANGEL
Current User Name: ACEDIT
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
PRC - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2008/04/30 10:35:20 | 000,425,984 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
MOD - [2010/05/14 06:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.2.0.12\asoehook.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/03 21:18:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2008/04/30 10:35:20 | 000,425,984 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV - [2010/09/04 09:42:00 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100903.050\navex15.sys -- (NAVEX15)
DRV - [2010/09/04 09:42:00 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100903.050\naveng.sys -- (NAVENG)
DRV - [2010/09/03 12:55:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/03 12:47:14 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/09/03 04:24:32 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/26 17:47:24 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100903.003\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/08/10 01:16:24 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/08/04 03:20:12 | 005,243,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/05/06 05:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/22 04:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/26 01:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys -- (ccHP)
DRV - [2009/10/15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/06/04 03:23:14 | 000,742,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3.sys -- (t3)
DRV - [2009/02/27 10:45:30 | 000,171,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2009/02/05 16:34:16 | 001,803,136 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3filt.sys -- (t3filt)
DRV - [2009/01/14 10:47:24 | 000,142,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/01/14 10:47:24 | 000,114,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/01/14 10:47:24 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/15 15:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2004/08/13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/09/03 13:00:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/09/03 12:47:23 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2002/08/29 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [SPIRun] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1283532934203 (WUWebControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/03 11:49:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/13 15:14:34 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/04 14:57:47 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
[2010/09/04 12:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010/09/04 12:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/09/04 12:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\World of Warcraft
[2010/09/04 01:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\ApplicationHistory
[2010/09/04 01:00:36 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/09/04 01:00:36 | 002,157,568 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/09/04 01:00:36 | 001,822,720 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/09/04 01:00:36 | 000,086,016 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2010/09/04 01:00:36 | 000,069,632 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/09/04 01:00:35 | 009,715,200 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010/09/04 01:00:35 | 004,395,008 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/09/04 01:00:35 | 001,191,936 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010/09/04 01:00:35 | 000,299,008 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.cpl
[2010/09/04 01:00:35 | 000,282,624 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2010/09/04 01:00:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/09/04 01:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/09/04 00:59:59 | 000,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010/09/04 00:59:59 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/09/04 00:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\Identities
[2010/09/03 21:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010/09/03 21:18:05 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010/09/03 21:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2010/09/03 21:17:47 | 000,171,008 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctusfsyn.sys
[2010/09/03 21:17:47 | 000,142,336 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys
[2010/09/03 21:17:47 | 000,120,832 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\sfms32.dll
[2010/09/03 21:17:47 | 000,114,688 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctoss2k.sys
[2010/09/03 21:17:47 | 000,073,728 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\MIDIDEF.EXE
[2010/09/03 21:17:47 | 000,021,504 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\sfman32.dll
[2010/09/03 21:17:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/09/03 21:17:43 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/09/03 21:17:42 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/09/03 21:17:41 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/09/03 21:17:40 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/09/03 21:17:38 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/09/03 21:17:37 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/09/03 21:17:36 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/09/03 21:17:35 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/09/03 21:17:33 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/09/03 21:17:32 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/09/03 21:17:31 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/09/03 21:17:30 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/09/03 21:17:25 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/09/03 21:17:25 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/09/03 21:17:25 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/09/03 21:17:25 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/09/03 21:17:25 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/09/03 21:17:25 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/09/03 21:17:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/09/03 21:17:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/09/03 21:17:22 | 000,809,496 | ---- | C] (Creative Labs Inc.) -- C:\WINDOWS\OALInst.exe
[2010/09/03 21:17:22 | 000,197,632 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\SF32.exe
[2010/09/03 21:17:22 | 000,053,248 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\resdef.exe
[2010/09/03 21:17:22 | 000,008,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\SPIRun.dll
[2010/09/03 21:17:21 | 030,813,416 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\t3apstp.exe
[2010/09/03 21:17:21 | 001,803,136 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\t3filt.sys
[2010/09/03 21:17:21 | 000,742,936 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\t3.sys
[2010/09/03 21:17:21 | 000,008,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Pfmodnt.sys
[2010/09/03 21:16:06 | 086,827,000 | ---- | C] (Creative Technology Ltd) -- C:\Documents and Settings\ACEDIT\Desktop\XFXA_PCDRV_LB_1_04_0000.exe
[2010/09/03 21:11:28 | 015,900,672 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2010/09/03 21:11:28 | 004,358,144 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll
[2010/09/03 21:11:28 | 000,610,304 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2010/09/03 21:11:28 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll
[2010/09/03 21:11:28 | 000,393,216 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll
[2010/09/03 21:11:28 | 000,311,296 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2010/09/03 21:11:28 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/09/03 21:11:28 | 000,188,416 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll
[2010/09/03 21:11:28 | 000,159,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2010/09/03 21:11:28 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/09/03 21:11:28 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe
[2010/09/03 21:11:28 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe
[2010/09/03 21:11:28 | 000,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll
[2010/09/03 21:11:28 | 000,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll
[2010/09/03 21:11:28 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2010/09/03 21:11:28 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll
[2010/09/03 21:11:28 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll
[2010/09/03 21:11:28 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2010/09/03 21:11:28 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/09/03 21:11:28 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/09/03 21:11:28 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2010/09/03 21:11:28 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2010/09/03 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010/09/03 21:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/09/03 21:10:14 | 000,000,000 | ---D | C] -- C:\ATI
[2010/09/03 21:09:41 | 030,418,952 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\ACEDIT\Desktop\10-8_xp32_dd.exe
[2010/09/03 20:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/03 20:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/09/03 20:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/09/03 20:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/09/03 20:54:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/09/03 20:54:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/09/03 20:54:21 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/09/03 20:54:21 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/09/03 20:54:21 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/09/03 20:54:21 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/09/03 20:54:21 | 000,000,000 | ---D | C] -- C:\289999bd09d5ff3dc4
[2010/09/03 20:52:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/09/03 20:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/09/03 20:52:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/09/03 20:17:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\PrivacIE
[2010/09/03 20:16:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\IETldCache
[2010/09/03 20:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/09/03 20:14:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/09/03 20:14:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/09/03 20:08:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/03 20:01:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/09/03 20:01:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/03 20:01:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/03 20:01:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/03 20:01:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/03 19:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/09/03 19:54:21 | 002,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2010/09/03 19:54:21 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2010/09/03 19:54:21 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2010/09/03 19:54:21 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2010/09/03 19:54:21 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2010/09/03 19:54:21 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2010/09/03 19:54:21 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010/09/03 19:54:21 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2010/09/03 19:54:21 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2010/09/03 19:54:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010/09/03 19:54:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2010/09/03 19:54:21 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2010/09/03 19:54:21 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010/09/03 19:54:21 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2010/09/03 19:54:21 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2010/09/03 19:54:21 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/09/03 19:54:21 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2010/09/03 19:54:21 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2010/09/03 19:54:21 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2010/09/03 19:54:21 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2010/09/03 19:54:21 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2010/09/03 19:54:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010/09/03 19:54:21 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010/09/03 19:54:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/09/03 19:54:21 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2010/09/03 19:54:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2010/09/03 19:54:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2010/09/03 19:54:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2010/09/03 19:54:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2010/09/03 19:54:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2010/09/03 19:54:20 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2010/09/03 19:54:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010/09/03 19:54:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/09/03 19:54:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2010/09/03 19:54:18 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2010/09/03 19:54:17 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010/09/03 19:54:17 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/09/03 19:54:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/09/03 19:54:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/09/03 19:54:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/09/03 19:54:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/09/03 19:54:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/09/03 19:54:16 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010/09/03 19:54:16 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/09/03 19:54:16 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/09/03 19:54:16 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/09/03 19:54:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/09/03 19:54:15 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/09/03 19:54:15 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2010/09/03 19:54:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/09/03 19:54:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/09/03 19:54:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010/09/03 19:54:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/09/03 19:54:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/09/03 19:54:14 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2010/09/03 19:54:14 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2010/09/03 19:54:14 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2010/09/03 19:54:14 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/09/03 19:54:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/09/03 19:54:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2010/09/03 19:54:14 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2010/09/03 19:54:13 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010/09/03 19:54:13 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/09/03 19:54:13 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2010/09/03 19:54:13 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010/09/03 19:54:13 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2010/09/03 19:54:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2010/09/03 19:54:13 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010/09/03 19:54:13 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2010/09/03 19:54:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2010/09/03 19:54:13 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/09/03 19:54:13 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010/09/03 19:54:13 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/09/03 19:54:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/09/03 19:54:13 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/09/03 19:54:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2010/09/03 19:54:11 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2010/09/03 19:54:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/09/03 19:54:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/09/03 19:54:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/09/03 19:54:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/09/03 19:54:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/09/03 19:54:10 | 000,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010/09/03 19:54:08 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2010/09/03 19:54:08 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/09/03 19:54:08 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2010/09/03 19:54:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010/09/03 19:54:08 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/09/03 19:54:08 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/09/03 19:54:08 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/09/03 19:54:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/09/03 19:54:08 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2010/09/03 19:54:08 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/09/03 19:54:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/09/03 19:54:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/09/03 19:54:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/09/03 19:54:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/09/03 19:54:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/09/03 19:54:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/09/03 19:54:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/09/03 19:54:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/09/03 19:54:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/09/03 19:54:07 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2010/09/03 19:54:07 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/09/03 19:54:07 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2010/09/03 19:54:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010/09/03 19:54:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/09/03 19:54:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/09/03 19:54:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2010/09/03 19:43:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/03 19:38:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/09/03 19:38:38 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/09/03 19:38:37 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/09/03 19:38:37 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/09/03 19:38:35 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/09/03 19:32:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/09/03 19:30:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/09/03 19:29:03 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/09/03 19:28:57 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/09/03 19:28:41 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/09/03 19:28:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/09/03 19:28:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/09/03 19:27:55 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/09/03 19:24:09 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010/09/03 19:22:32 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/09/03 19:22:32 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/09/03 19:22:31 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/09/03 19:22:31 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/09/03 19:22:07 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010/09/03 19:21:30 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010/09/03 19:21:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/09/03 19:21:19 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/09/03 19:20:36 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/09/03 19:20:32 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/09/03 18:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/09/03 17:58:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/09/03 17:58:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/09/03 17:57:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/09/03 17:56:01 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2010/09/03 17:56:01 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2010/09/03 17:56:01 | 000,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2010/09/03 17:56:01 | 000,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2010/09/03 17:56:01 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/09/03 17:56:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/09/03 17:54:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\UserData
[2010/09/03 13:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Desktop\Avid_Liquid_7.2_Full_Upgrade
[2010/09/03 13:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Macromedia
[2010/09/03 13:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Adobe
[2010/09/03 13:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Tific
[2010/09/03 12:58:34 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdi.sys
[2010/09/03 12:58:34 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdiv.sys
[2010/09/03 12:58:34 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.sys
[2010/09/03 12:58:34 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.sys
[2010/09/03 12:58:34 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.sys
[2010/09/03 12:58:34 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.sys
[2010/09/03 12:58:33 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.sys
[2010/09/03 12:58:33 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\ironx86.sys
[2010/09/03 12:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0402000.00C
[2010/09/03 12:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\My Documents\Symantec
[2010/09/03 12:47:16 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/09/03 12:47:14 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/03 12:47:14 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/03 12:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/09/03 12:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/09/03 12:46:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/09/03 12:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/09/03 12:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/09/03 12:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/09/03 12:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/09/03 12:44:23 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010/09/03 12:43:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/09/03 12:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/09/03 12:43:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010/09/03 12:43:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010/09/03 12:43:34 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010/09/03 12:43:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010/09/03 12:43:33 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/09/03 12:43:31 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/09/03 12:43:31 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/09/03 12:43:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010/09/03 12:43:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010/09/03 12:43:31 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/09/03 12:43:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010/09/03 12:43:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/09/03 12:43:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/09/03 12:43:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/09/03 12:43:30 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/09/03 12:43:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010/09/03 12:43:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010/09/03 12:43:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010/09/03 12:43:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/09/03 12:43:29 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010/09/03 12:43:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010/09/03 12:43:28 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/09/03 12:43:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010/09/03 12:43:28 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/09/03 12:43:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010/09/03 12:43:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/09/03 12:43:28 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/09/03 12:43:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010/09/03 12:43:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010/09/03 12:43:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/09/03 12:43:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/09/03 12:43:28 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/09/03 12:43:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010/09/03 12:43:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010/09/03 12:43:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010/09/03 12:43:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/09/03 12:43:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/09/03 12:43:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/09/03 12:43:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010/09/03 12:43:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010/09/03 12:43:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010/09/03 12:43:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/09/03 12:43:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/09/03 12:43:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010/09/03 12:43:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010/09/03 12:43:25 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/09/03 12:43:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/09/03 12:43:25 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010/09/03 12:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010/09/03 12:43:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/09/03 12:43:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/09/03 12:43:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/09/03 12:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010/09/03 12:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010/09/03 12:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010/09/03 12:43:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/09/03 12:43:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/09/03 12:43:23 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010/09/03 12:43:23 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/09/03 12:43:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/09/03 12:43:23 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010/09/03 12:43:23 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010/09/03 12:43:23 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/09/03 12:43:23 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/09/03 12:43:23 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/09/03 12:43:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2010/09/03 12:43:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/09/03 12:43:23 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2010/09/03 12:43:23 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/09/03 12:43:23 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2010/09/03 12:43:23 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/09/03 12:43:23 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2010/09/03 12:43:23 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/09/03 12:43:23 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2010/09/03 12:43:23 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/09/03 12:43:23 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2010/09/03 12:43:23 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/09/03 12:43:22 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2010/09/03 12:43:22 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/09/03 12:43:22 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2010/09/03 12:43:22 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/09/03 12:43:22 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2010/09/03 12:43:22 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/09/03 12:43:22 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2010/09/03 12:43:22 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/09/03 12:43:22 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2010/09/03 12:43:22 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/09/03 12:43:22 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2010/09/03 12:43:22 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2010/09/03 12:43:22 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/09/03 12:43:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2010/09/03 12:43:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/09/03 12:43:22 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2010/09/03 12:43:22 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/09/03 12:43:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2010/09/03 12:43:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/09/03 12:43:22 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2010/09/03 12:43:22 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/09/03 12:43:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2010/09/03 12:43:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/09/03 12:43:22 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2010/09/03 12:43:22 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/09/03 12:43:22 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2010/09/03 12:43:22 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/09/03 12:43:22 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2010/09/03 12:43:22 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/09/03 12:43:22 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2010/09/03 12:43:22 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/09/03 12:43:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010/09/03 12:43:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/09/03 12:43:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010/09/03 12:43:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/09/03 12:43:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/09/03 12:43:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/09/03 12:43:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/09/03 12:43:16 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/09/03 12:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/09/03 12:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/09/03 12:43:07 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/09/03 12:42:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/09/03 12:42:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/09/03 12:42:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/03 12:42:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/09/03 12:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/09/03 12:41:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2010/09/03 12:41:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2010/09/03 12:41:27 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010/09/03 12:41:27 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010/09/03 12:41:27 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010/09/03 12:41:27 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010/09/03 12:41:27 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010/09/03 12:41:27 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010/09/03 12:41:27 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010/09/03 12:41:27 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010/09/03 12:41:26 | 005,243,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010/09/03 12:41:26 | 005,243,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2010/09/03 12:41:26 | 003,901,280 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2010/09/03 12:41:26 | 003,901,280 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010/09/03 12:41:26 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/09/03 12:41:26 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/09/03 12:41:26 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/09/03 12:41:26 | 000,700,416 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2010/09/03 12:41:26 | 000,700,416 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010/09/03 12:41:26 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/09/03 12:41:26 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/09/03 12:41:26 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/09/03 12:41:26 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010/09/03 12:41:26 | 000,300,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2010/09/03 12:41:26 | 000,300,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010/09/03 12:41:26 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/09/03 12:41:26 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/09/03 12:41:26 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/09/03 12:41:26 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/09/03 12:41:26 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010/09/03 12:41:26 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/09/03 12:41:26 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010/09/03 12:41:26 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010/09/03 12:41:26 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010/09/03 12:41:26 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010/09/03 12:41:26 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010/09/03 12:41:26 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010/09/03 12:41:26 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/09/03 12:41:26 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/09/03 12:41:26 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010/09/03 12:41:26 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010/09/03 12:41:26 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010/09/03 12:41:26 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010/09/03 12:41:26 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010/09/03 12:41:26 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/09/03 12:41:26 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010/09/03 12:41:26 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010/09/03 12:41:26 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010/09/03 12:41:26 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/09/03 12:41:26 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010/09/03 12:41:26 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010/09/03 12:41:26 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/09/03 12:41:26 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010/09/03 12:41:26 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010/09/03 12:41:26 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010/09/03 12:41:26 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010/09/03 12:41:26 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010/09/03 12:41:26 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010/09/03 12:41:26 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010/09/03 12:41:26 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010/09/03 12:41:26 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/09/03 12:41:26 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/09/03 12:41:26 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/09/03 12:41:26 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010/09/03 12:41:26 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/09/03 12:41:26 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/09/03 12:41:26 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/09/03 12:41:26 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010/09/03 12:41:26 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010/09/03 12:41:26 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010/09/03 12:41:26 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/09/03 12:41:26 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010/09/03 12:41:26 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010/09/03 12:41:26 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010/09/03 12:41:25 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/09/03 12:41:25 | 002,537,728 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2010/09/03 12:41:25 | 002,537,728 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010/09/03 12:41:25 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010/09/03 12:41:25 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010/09/03 12:41:25 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010/09/03 12:41:25 | 000,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2010/09/03 12:41:25 | 000,755,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2010/09/03 12:41:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010/09/03 12:41:25 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2010/09/03 12:41:25 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2010/09/03 12:41:25 | 000,338,432 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/09/03 12:41:25 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2010/09/03 12:41:25 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2010/09/03 12:41:25 | 000,200,192 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2010/09/03 12:41:25 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010/09/03 12:41:25 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2010/09/03 12:41:25 | 000,183,808 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2010/09/03 12:41:25 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2010/09/03 12:41:25 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2010/09/03 12:41:25 | 000,120,320 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010/09/03 12:41:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2010/09/03 12:41:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2010/09/03 12:41:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2010/09/03 12:41:25 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2010/09/03 12:41:25 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010/09/03 12:41:25 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2010/09/03 12:41:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2010/09/03 12:41:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2010/09/03 12:41:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2010/09/03 12:41:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2010/09/03 12:41:25 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010/09/03 12:41:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2010/09/03 12:41:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2010/09/03 12:41:25 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010/09/03 12:41:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2010/09/03 12:41:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2010/09/03 11:48:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/09/03 11:48:37 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010/09/03 11:48:36 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/09/03 11:48:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/09/03 11:48:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010/09/03 11:48:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010/09/03 11:48:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/09/03 11:48:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010/09/03 11:48:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010/09/03 11:48:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010/09/03 11:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/09/03 11:48:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/09/03 11:48:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/09/03 11:48:30 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/09/03 11:48:30 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/09/03 11:48:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/09/03 11:48:30 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/09/03 11:48:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/09/03 11:48:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010/09/03 11:48:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010/09/03 11:48:29 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010/09/03 11:48:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010/09/03 11:48:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010/09/03 11:48:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/09/03 11:48:28 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010/09/03 11:48:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010/09/03 11:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/09/03 11:48:27 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010/09/03 11:48:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/09/03 11:48:23 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2010/09/03 11:48:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/09/03 11:48:22 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2010/09/03 11:48:22 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2010/09/03 11:48:22 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2010/09/03 11:48:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/09/03 11:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/09/03 11:48:17 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/09/03 11:48:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/09/03 11:48:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2010/09/03 11:48:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/09/03 11:48:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/09/03 11:48:16 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/09/03 11:48:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/09/03 11:48:14 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/09/03 11:48:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/09/03 11:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/09/03 11:48:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/09/03 11:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/09/03 11:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/09/03 11:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/09/03 11:48:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/09/03 11:48:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/09/03 11:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/09/03 11:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/09/03 11:47:55 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/09/03 11:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/09/03 11:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/09/03 11:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/09/03 11:47:51 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010/09/03 11:47:51 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010/09/03 11:47:51 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010/09/03 11:47:51 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010/09/03 11:47:51 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010/09/03 11:47:51 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010/09/03 11:47:50 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010/09/03 11:47:50 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010/09/03 11:47:50 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010/09/03 11:47:50 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010/09/03 11:47:50 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010/09/03 11:47:50 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010/09/03 11:47:50 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010/09/03 11:47:50 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010/09/03 11:47:50 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010/09/03 11:47:50 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010/09/03 11:47:49 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010/09/03 11:47:49 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010/09/03 11:47:49 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010/09/03 11:47:49 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010/09/03 11:47:49 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010/09/03 11:47:49 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010/09/03 11:47:48 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010/09/03 11:47:48 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010/09/03 11:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/09/03 11:47:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010/09/03 11:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/09/03 11:47:41 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/09/03 11:47:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/09/03 11:47:41 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/09/03 11:47:41 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010/09/03 11:47:41 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/09/03 11:47:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010/09/03 11:47:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/09/03 11:47:41 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/09/03 11:47:41 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/09/03 11:47:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010/09/03 11:47:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/09/03 11:47:41 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010/09/03 11:47:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010/09/03 11:47:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/09/03 11:47:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/09/03 11:47:40 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010/09/03 11:47:35 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/09/03 11:47:35 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010/09/03 11:47:35 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010/09/03 11:47:35 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/09/03 11:47:34 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/09/03 11:47:34 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010/09/03 11:47:34 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/09/03 11:47:34 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010/09/03 11:47:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010/09/03 11:47:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/09/03 11:47:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/09/03 11:47:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010/09/03 11:47:33 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/09/03 11:47:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/09/03 11:47:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010/09/03 11:47:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/09/03 11:47:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010/09/03 11:47:33 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/09/03 11:47:33 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010/09/03 11:47:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/09/03 11:47:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/09/03 11:47:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010/09/03 11:47:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/09/03 11:47:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010/09/03 11:47:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/09/03 11:47:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/09/03 11:47:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010/09/03 11:47:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/09/03 11:47:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010/09/03 11:47:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/09/03 11:47:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010/09/03 11:47:32 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/09/03 11:47:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/09/03 11:47:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/09/03 11:47:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/09/03 11:47:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010/09/03 11:47:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/09/03 11:47:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010/09/03 11:47:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010/09/03 11:47:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/09/03 11:47:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/09/03 11:47:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010/09/03 11:47:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/09/03 11:47:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/09/03 11:47:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010/09/03 11:47:30 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/09/03 11:47:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/09/03 11:47:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/09/03 11:47:30 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/09/03 11:47:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/09/03 11:47:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/09/03 11:47:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/09/03 11:47:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/09/03 11:47:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/09/03 11:47:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/09/03 11:47:29 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/09/03 11:47:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/09/03 11:47:29 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/09/03 11:47:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010/09/03 11:47:26 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010/09/03 11:47:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010/09/03 11:47:26 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2010/09/03 11:47:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010/09/03 11:47:25 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010/09/03 11:47:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010/09/03 11:47:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010/09/03 11:47:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010/09/03 11:47:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010/09/03 11:47:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010/09/03 11:47:25 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010/09/03 11:47:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010/09/03 11:47:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010/09/03 11:47:24 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010/09/03 11:47:24 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010/09/03 11:47:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/09/03 11:47:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010/09/03 11:47:24 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/09/03 11:47:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/09/03 11:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/09/03 11:47:17 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/09/03 11:47:17 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/09/03 11:47:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/09/03 11:47:17 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/09/03 11:47:17 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010/09/03 11:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/09/03 11:47:16 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010/09/03 11:47:16 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/09/03 11:47:15 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/09/03 11:47:15 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/09/03 11:47:15 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/09/03 11:47:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010/09/03 11:47:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/09/03 11:47:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/09/03 11:47:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/09/03 11:47:14 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/09/03 11:47:14 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/09/03 11:47:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/09/03 11:47:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/09/03 11:47:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/09/03 11:47:13 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/09/03 11:47:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
[2010/09/04 12:50:28 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/09/04 11:49:04 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/04 11:46:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/04 11:46:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/04 10:02:36 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\ACEDIT\NTUSER.DAT
[2010/09/04 10:02:36 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ACEDIT\ntuser.ini
[2010/09/04 01:30:42 | 002,454,766 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\Cat.DB
[2010/09/04 01:29:33 | 000,581,790 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/04 01:29:33 | 000,502,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/04 01:29:33 | 000,087,652 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/04 01:00:42 | 004,280,306 | -H-- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\IconCache.db
[2010/09/04 00:59:59 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2010/09/04 00:59:08 | 000,012,608 | ---- | M] () -- C:\WINDOWS\Ascd_log.ini
[2010/09/04 00:58:25 | 000,012,570 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/09/04 00:15:34 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/09/03 21:18:28 | 000,000,882 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2010/09/03 21:17:44 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/09/03 21:17:44 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/09/03 21:12:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/03 21:11:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2010/09/03 21:09:41 | 030,418,952 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\ACEDIT\Desktop\10-8_xp32_dd.exe
[2010/09/03 21:02:03 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/03 20:57:15 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/03 20:16:50 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/03 20:09:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/03 19:57:56 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/03 19:44:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/03 19:18:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/09/03 17:50:13 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 12:59:45 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/09/03 12:47:14 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/03 12:47:14 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/03 12:47:14 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/09/03 12:47:14 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/09/03 12:45:57 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/03 12:41:41 | 000,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/03 12:41:41 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/09/03 12:40:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/09/03 12:39:28 | 278,927,592 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\ACEDIT\Desktop\WindowsXP-KB835935-SP2-ENU.exe
[2010/09/03 12:03:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem6.PNF
[2010/09/03 12:03:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem6.inf
[2010/09/03 12:03:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem5.PNF
[2010/09/03 12:03:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem5.inf
[2010/09/03 12:03:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem4.PNF
[2010/09/03 12:03:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem4.inf
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem3.PNF
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem3.inf
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem2.PNF
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem2.inf
[2010/09/03 12:03:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem1.PNF
[2010/09/03 12:03:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem1.inf
[2010/09/03 12:02:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem0.PNF
[2010/09/03 12:02:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem0.inf
[2010/09/03 11:53:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/03 11:53:43 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2010/09/03 11:52:29 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/03 11:50:52 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/03 11:49:48 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/03 11:49:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/03 11:49:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/03 11:49:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/03 11:49:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/03 11:49:46 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2010/09/03 11:49:43 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/03 11:49:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/03 11:49:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/03 11:48:04 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/03 11:48:03 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/09/03 11:48:03 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/04 12:39:30 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/09/04 12:25:25 | 002,244,066 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\graduation photos 008.jpg
[2010/09/04 01:00:35 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/09/04 00:58:25 | 000,012,570 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/09/03 21:18:26 | 000,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2010/09/03 21:17:47 | 004,174,814 | ---- | C] () -- C:\WINDOWS\System32\ct4mgm.sf2
[2010/09/03 21:17:47 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\default4.sfm
[2010/09/03 21:17:22 | 000,145,920 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2010/09/03 21:17:22 | 000,118,850 | ---- | C] () -- C:\WINDOWS\System32\CTPcie.dll
[2010/09/03 21:17:22 | 000,008,535 | ---- | C] () -- C:\WINDOWS\sfsyn.ini
[2010/09/03 21:17:22 | 000,001,046 | ---- | C] () -- C:\WINDOWS\SB0820.reg
[2010/09/03 21:17:22 | 000,000,938 | ---- | C] () -- C:\WINDOWS\SB0710.reg
[2010/09/03 21:17:22 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SB1042.reg
[2010/09/03 21:17:22 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SB1040.reg
[2010/09/03 21:17:21 | 000,000,882 | RH-- | C] () -- C:\WINDOWS\ctfile.rfc
[2010/09/03 21:11:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/09/03 21:11:28 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/09/03 21:11:28 | 000,455,872 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/09/03 21:11:28 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010/09/03 21:11:28 | 000,219,348 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/09/03 21:11:28 | 000,071,096 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/09/03 21:11:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010/09/03 21:11:28 | 000,022,053 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2010/09/03 21:11:28 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/09/03 19:54:21 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/09/03 19:54:21 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/09/03 19:54:21 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/09/03 19:54:21 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/09/03 19:54:21 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/09/03 19:54:21 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/09/03 19:54:21 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/09/03 19:54:21 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/09/03 19:54:21 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/09/03 19:54:21 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/09/03 19:54:21 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010/09/03 19:54:21 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010/09/03 19:54:21 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010/09/03 19:54:21 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/09/03 19:54:21 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/09/03 19:54:21 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/09/03 19:54:21 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/09/03 19:54:21 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/09/03 19:54:21 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/09/03 19:54:21 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/09/03 19:54:21 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/09/03 19:54:21 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/09/03 19:54:21 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/09/03 19:54:21 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/09/03 19:54:21 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/09/03 19:54:21 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/09/03 19:54:21 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/09/03 19:54:21 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/09/03 19:54:20 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/09/03 19:54:20 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/09/03 19:54:20 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/09/03 19:54:19 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/09/03 19:54:19 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/09/03 19:54:19 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/09/03 19:54:19 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/09/03 19:54:19 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/09/03 19:54:19 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/09/03 19:54:19 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/09/03 19:54:19 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/09/03 19:54:19 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/09/03 19:54:19 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/09/03 19:54:18 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/09/03 19:54:18 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/09/03 19:54:17 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/09/03 19:54:17 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010/09/03 19:54:16 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/09/03 19:54:16 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/09/03 19:54:16 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/09/03 19:54:16 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010/09/03 19:54:16 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010/09/03 19:54:16 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010/09/03 19:54:16 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010/09/03 19:54:16 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010/09/03 19:54:16 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010/09/03 19:54:16 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010/09/03 19:54:16 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010/09/03 19:54:16 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010/09/03 19:54:16 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010/09/03 19:54:16 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010/09/03 19:54:16 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010/09/03 19:54:16 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010/09/03 19:54:16 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010/09/03 19:54:16 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010/09/03 19:54:16 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/09/03 19:54:13 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2010/09/03 19:54:13 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010/09/03 19:54:13 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/09/03 19:54:13 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2010/09/03 19:54:13 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/09/03 19:54:13 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/09/03 19:54:13 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010/09/03 19:54:12 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/09/03 19:54:10 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2010/09/03 19:54:08 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2010/09/03 19:54:08 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/09/03 19:54:07 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/09/03 19:54:07 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010/09/03 19:54:07 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/09/03 19:54:07 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/09/03 19:54:07 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/09/03 19:54:07 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/09/03 19:54:07 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/09/03 19:54:07 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/09/03 19:54:07 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/09/03 19:54:07 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/09/03 19:54:07 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/09/03 19:18:57 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010/09/03 17:50:13 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 12:59:27 | 002,454,766 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\Cat.DB
[2010/09/03 12:58:34 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.cat
[2010/09/03 12:58:34 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnetv.cat
[2010/09/03 12:58:34 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.cat
[2010/09/03 12:58:34 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.cat
[2010/09/03 12:58:34 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.cat
[2010/09/03 12:58:34 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnet.cat
[2010/09/03 12:58:34 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.inf
[2010/09/03 12:58:34 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.inf
[2010/09/03 12:58:34 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnetv.inf
[2010/09/03 12:58:34 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symnet.inf
[2010/09/03 12:58:34 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.inf
[2010/09/03 12:58:34 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.inf
[2010/09/03 12:58:33 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\iron.cat
[2010/09/03 12:58:33 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.cat
[2010/09/03 12:58:33 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.inf
[2010/09/03 12:58:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\iron.inf
[2010/09/03 12:58:18 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\isolate.ini
[2010/09/03 12:47:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/03 12:47:14 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/09/03 12:47:14 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/09/03 12:47:10 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/09/03 12:43:38 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/09/03 12:43:34 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010/09/03 12:43:34 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010/09/03 12:43:34 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010/09/03 12:43:33 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010/09/03 12:43:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/09/03 12:43:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/09/03 12:43:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/09/03 12:43:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/09/03 12:43:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/09/03 12:43:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/09/03 12:43:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/09/03 12:43:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/09/03 12:43:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/09/03 12:43:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/09/03 12:43:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/09/03 12:43:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/09/03 12:43:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/09/03 12:43:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/09/03 12:43:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/09/03 12:43:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/09/03 12:43:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/09/03 12:43:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/09/03 12:43:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/09/03 12:43:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/09/03 12:43:21 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/09/03 12:42:47 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2010/09/03 12:42:47 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/09/03 12:42:47 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2010/09/03 12:42:47 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2010/09/03 12:42:47 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2010/09/03 12:42:47 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/09/03 12:42:47 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/09/03 12:42:47 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/09/03 12:42:46 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/09/03 12:42:46 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2010/09/03 12:42:46 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/09/03 12:42:46 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2010/09/03 12:42:46 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2010/09/03 12:42:18 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/03 12:41:38 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/03 12:41:26 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/09/03 12:41:26 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/09/03 12:41:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/09/03 12:41:25 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2010/09/03 12:38:35 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/03 12:38:35 | 000,000,211 | RHS- | C] () -- C:\boot.ini
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem6.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem6.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem5.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem5.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem4.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem4.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem3.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem3.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem2.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem2.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem1.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem1.inf
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem0.PNF
[2010/09/03 12:03:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\INF\oem0.inf
[2010/09/03 12:02:48 | 000,012,608 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/09/03 12:02:43 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/09/03 12:02:36 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/09/03 11:53:45 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/03 11:53:42 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/09/03 11:53:39 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/03 11:53:33 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\ACEDIT\NTUSER.DAT
[2010/09/03 11:53:33 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\ACEDIT\ntuser.dat.LOG
[2010/09/03 11:53:33 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\ACEDIT\ntuser.ini
[2010/09/03 11:52:29 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/03 11:50:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/03 11:50:40 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/09/03 11:50:35 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/09/03 11:50:32 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/09/03 11:50:31 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/09/03 11:50:30 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/09/03 11:50:18 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/09/03 11:50:13 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/09/03 11:50:08 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/09/03 11:49:48 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/03 11:49:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/09/03 11:49:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/09/03 11:49:47 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2010/09/03 11:49:47 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/03 11:49:47 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/03 11:49:46 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2010/09/03 11:49:25 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/03 11:49:25 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/03 11:49:17 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010/09/03 11:48:43 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/09/03 11:48:43 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/09/03 11:48:37 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010/09/03 11:48:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/03 11:47:36 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2010/09/03 11:47:36 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2010/09/03 11:47:36 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2010/09/03 11:47:36 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2010/09/03 11:47:36 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2010/09/03 11:47:36 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/09/03 11:47:36 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2010/09/03 11:47:36 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2010/09/03 11:47:36 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2010/09/03 11:47:36 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/09/03 11:47:36 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2010/09/03 11:47:35 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/09/03 11:47:35 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/09/03 11:47:35 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/09/03 11:47:35 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/09/03 11:47:35 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/09/03 11:47:35 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/09/03 11:47:35 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/09/03 11:47:35 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/09/03 11:47:33 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/09/03 11:47:33 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/09/03 11:47:31 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/09/03 11:47:24 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/04/14 15:34:28 | 000,033,080 | ---- | C] () -- C:\WINDOWS\System32\t3.ini

========== Custom Scans ==========


< c:\*srv.exe /s >
[2004/08/04 00:56:48 | 000,033,280 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe
[2004/08/04 00:56:58 | 000,126,464 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe
[2008/04/14 01:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
[2008/04/14 01:12:40 | 000,126,464 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
[2008/04/14 01:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\clipsrv.exe
[2008/04/14 01:12:40 | 000,126,464 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wmiapsrv.exe
[2008/04/14 01:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipsrv.exe
[2002/08/29 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qappsrv.exe
[4 c:\WINDOWS\system32\*.tmp files -> c:\WINDOWS\system32\*.tmp -> ]
[2002/08/29 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllcache\qappsrv.exe
[2 c:\WINDOWS\system32\dllcache\*.tmp files -> c:\WINDOWS\system32\dllcache\*.tmp -> ]
[2008/04/14 01:12:40 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe

< d:\*srv.exe /s >

< >
< End of report >


#6 sempai

  • Malware Response Team
  • 5,288 posts

Posted 04 September 2010 - 09:30 AM

Hi,

Thanks for the log. Let's scan with MBAM, and make sure that the D: drive is included in the scan.


Please download Malwarebytes' Anti-Malware from here:
MalwareBytes' AntiMalware download link

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



~Semp

You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#7 Mackeh

  • Topic Starter

  • Members
  • 8 posts

Posted 04 September 2010 - 10:45 AM

Here is the log file from Mbam

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4542

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

04/09/2010 16:42:35
mbam-log-2010-09-04 (16-42-35).txt

Scan type: Quick scan
Objects scanned: 126759
Time elapsed: 3 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I ran the program on D Drive and this is the log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4542

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

04/09/2010 17:22:16
mbam-log-2010-09-04 (17-22-16).txt

Scan type: Quick scan
Objects scanned: 20249
Time elapsed: 7 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

When I returned to my PC after the scan, I noticed Norton had found Adware.UCMore.

Edited by Mackeh, 04 September 2010 - 11:26 AM.


#8 sempai

  • Malware Response Team
  • 5,288 posts

Posted 04 September 2010 - 11:41 AM

Can you please post the extra.txt file of OTL?

~Semp



#9 Mackeh

  • Topic Starter

  • Members
  • 8 posts

Posted 04 September 2010 - 12:44 PM

Extras.txt as follows

OTL Extras logfile created on: 04/09/2010 15:00:33 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\ACEDIT\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 74.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 898.47 Gb Free Space | 96.45% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 12.13 Gb Free Space | 5.21% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANGEL
Current User Name: ACEDIT
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1829AFBC-19F5-B1FE-73B1-30FF9DA49062}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"AudioCS" = Creative Audio Control Panel
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Host OpenAL" = Host OpenAL
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"N360" = Norton 360
"Windows XP Service Pack" = Windows XP Service Pack 3
"World of Warcraft" = World of Warcraft

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/09/2010 13:48:46 | Computer Name = ANGEL | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 03/09/2010 13:54:15 | Computer Name = ANGEL | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.

Error - 03/09/2010 14:16:38 | Computer Name = ANGEL | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.2180, faulting
module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.

Error - 03/09/2010 19:58:08 | Computer Name = ANGEL | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041F from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 03/09/2010 20:03:19 | Computer Name = ANGEL | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041F from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 03/09/2010 20:33:14 | Computer Name = ANGEL | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 03/09/2010 20:33:14 | Computer Name = ANGEL | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041F from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 04/09/2010 04:27:16 | Computer Name = ANGEL | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041F from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 04/09/2010 06:48:07 | Computer Name = ANGEL | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 04/09/2010 06:48:07 | Computer Name = ANGEL | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 8007041F from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

[ System Events ]
Error - 03/09/2010 19:58:08 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 03/09/2010 20:03:19 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 03/09/2010 20:03:19 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 03/09/2010 20:33:14 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 03/09/2010 20:33:14 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 04/09/2010 04:27:16 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 04/09/2010 04:27:16 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 04/09/2010 06:48:07 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service winmgmt with
arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 04/09/2010 06:48:07 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 04/09/2010 06:48:07 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = DCOM got error "%1055" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}


< End of report >


#10 sempai

  • Malware Response Team

Posted 04 September 2010 - 01:57 PM

Please do the following:


1. Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Custom Scan/Fixes text box. Do not include the word "Code".

    CODE
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusOverride"=-
    "FirewallOverride"=-

    :Commands
    [EMPTYTEMP]

  • Push the Run Fix button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A message box "Fix complete! Click OK to open the fix log." will pop-up.
  • Click the OK button and a report will open.
  • Copy and Paste that report in your next reply.



2. Please go to the Kaspersky website and perform an online antivirus scan.
  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.
Note: Kaspersky online scan may take time to complete, please be patient.

~Semp

You can help me continue the fight against malware by making a donation. Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 
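
An added example, not part of sempai's post or of OTL: a Python check that reads the Security Center and firewall sections of an OTL Extras log like the one posted above and reports the values the fix in step 1 deletes. The sample lines are copied from that log; the function names and the reasons attached to each value are the editor's assumptions about what a reviewer looks for, not something the thread states.

```python
import re

# Lines copied (trimmed) from the Extras.txt posted earlier in this thread.
SAMPLE_EXTRAS = r'''
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
'''

SECURITY_CENTER = r'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center'
STANDARD_PROFILE = (r'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services'
                    r'\SharedAccess\Parameters\FirewallPolicy\StandardProfile')

# (key, value name) -> (value worth a second look, why). Editor's assumptions.
WATCHED = {
    (SECURITY_CENTER, 'AntiVirusOverride'):
        ('1', 'Security Center no longer monitors antivirus status'),
    (SECURITY_CENTER, 'FirewallOverride'):
        ('1', 'Security Center no longer monitors firewall status'),
    (SECURITY_CENTER, 'AntiVirusDisableNotify'):
        ('1', 'antivirus alerts are suppressed'),
    (SECURITY_CENTER, 'FirewallDisableNotify'):
        ('1', 'firewall alerts are suppressed'),
    (SECURITY_CENTER, 'UpdatesDisableNotify'):
        ('1', 'update alerts are suppressed'),
    # Can be expected when a third-party firewall does the filtering.
    (STANDARD_PROFILE, 'EnableFirewall'):
        ('0', 'Windows Firewall is off for the standard profile'),
}

KEY_RE = re.compile(r'^\[(HKEY_[^\[\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"\s*=\s*(.*)$')


def parse_registry_sections(log_text):
    """Map each [HKEY_...] header to its "name" = value lines.

    Registry key and value names are case-insensitive, so both are lowercased.
    """
    sections = {}
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = sections.setdefault(key.group(1).lower(), {})
            continue
        value = VALUE_RE.match(line)
        if value and current is not None:
            current[value.group(1).lower()] = value.group(2).strip()
        elif line:
            # Any other non-blank line (section banner, file-association row)
            # closes the current key so later values are not misattributed.
            current = None
    return sections


def find_weak_settings(log_text):
    """Return (value name, value, reason) for each watched setting that is set."""
    sections = parse_registry_sections(log_text)
    findings = []
    for (key, name), (bad, reason) in WATCHED.items():
        actual = sections.get(key.lower(), {}).get(name.lower())
        if actual == bad:
            findings.append((name, actual, reason))
    return findings


if __name__ == '__main__':
    for name, value, reason in find_weak_settings(SAMPLE_EXTRAS):
        print(f'{name} = {value}: {reason}')
```

Run against a log taken after the fix, the two override entries should no longer be reported.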


#11 Mackeh

  • Topic Starter

Posted 04 September 2010 - 04:18 PM

The OTL report

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: ACEDIT
->Temp folder emptied: 40356208 bytes
->Temporary Internet Files folder emptied: 14615793 bytes
->Flash cache emptied: 2827629 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1138887 bytes
%systemroot%\System32 .tmp files removed: 854545 bytes
%systemroot%\System32\dllcache .tmp files removed: 240640 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 802422 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3021499 bytes

Total Files Cleaned = 61.00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 09042010_200232

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6EAF.tmp not found!
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6EC9.tmp not found!
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6F34.tmp not found!
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6F4E.tmp not found!
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6F91.tmp not found!
File\Folder C:\Documents and Settings\ACEDIT\Local Settings\Temp\~DF6FAB.tmp not found!
C:\Documents and Settings\ACEDIT\Local Settings\Temporary Internet Files\Content.IE5\41154LOC\iframe[2].htm moved successfully.
C:\Documents and Settings\ACEDIT\Local Settings\Temporary Internet Files\Content.IE5\41154LOC\topic344517[1].htm moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_200.dat not found!

Registry entries deleted on Reboot...

The Kaspersky report

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Saturday, September 4, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Saturday, September 04, 2010 16:14:21
Records in database: 4191699
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: no

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Objects scanned: 73099
Threats found: 4
Infected objects found: 7
Suspicious objects found: 0
Scan duration: 01:47:37


File name / Threat / Threats count
C:\System Volume Information\_restore{CFD48C6F-00D2-4C03-B156-A7D34BEC3EE1}\RP16\A0010221.exe Infected: Trojan-Downloader.Win32.Agent.dsta 1
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039763.exe Infected: not-a-virus:AdWare.Win32.Aureate 2
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039763.exe Infected: not-a-virus:AdWare.Win32.Aureate.a 3
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039774.exe Infected: Backdoor.Win32.DarkMoon.lv 1

Selected area has been scanned.


#12 sempai

  • Malware Response Team

Posted 04 September 2010 - 10:08 PM

Hi,

Looks good.


1. Now you should Set a New Restore Point to prevent possible reinfection from an old one.
Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.




2. Please run OTL and click the quick scan button, it will produce a new log. Please post that log for my review. Thanks.

~Semp

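
An added example, not part of sempai's post or of any Kaspersky tool: a Python parser for the detection lines of the online-scanner report posted above that separates files held in System Restore storage from files on the live file system. The sample lines are copied from that report; the function names are hypothetical, and the line format is assumed to match what the report shows.

```python
import re
from collections import defaultdict

# Detection lines copied from the Kaspersky report posted in this thread.
SAMPLE_REPORT = r'''
File name / Threat / Threats count
C:\System Volume Information\_restore{CFD48C6F-00D2-4C03-B156-A7D34BEC3EE1}\RP16\A0010221.exe Infected: Trojan-Downloader.Win32.Agent.dsta 1
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039763.exe Infected: not-a-virus:AdWare.Win32.Aureate 2
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039763.exe Infected: not-a-virus:AdWare.Win32.Aureate.a 3
D:\System Volume Information\_restore{B9FE06C0-EC93-4157-A8BE-F29BA6E40FAE}\RP289\A0039774.exe Infected: Backdoor.Win32.DarkMoon.lv 1
'''

# "<path> Infected: <threat name> <count>"; paths may contain spaces.
DETECTION_RE = re.compile(
    r'^(?P<path>[A-Za-z]:\\.+?)\s+Infected:\s+(?P<threat>\S+)\s+(?P<count>\d+)\s*$')

# <drive>:\System Volume Information\_restore{GUID}\RPnn\...
RESTORE_RE = re.compile(
    r'^(?P<drive>[A-Za-z]):\\System Volume Information'
    r'\\_restore\{[0-9A-Fa-f-]+\}\\(?P<rp>RP\d+)\\',
    re.IGNORECASE)


def parse_detections(report):
    """Return (path, threat) pairs for every 'Infected:' line in the report."""
    found = []
    for line in report.splitlines():
        m = DETECTION_RE.match(line.strip())
        if m:
            found.append((m.group('path'), m.group('threat')))
    return found


def split_by_location(report):
    """Separate detections in System Restore storage from live files.

    Returns (restore, live): restore maps (drive, restore point) to the set
    of threat names found there; live lists (path, threat) for the rest.
    """
    restore = defaultdict(set)
    live = []
    for path, threat in parse_detections(report):
        m = RESTORE_RE.match(path)
        if m:
            restore[(m.group('drive').upper(), m.group('rp').upper())].add(threat)
        else:
            live.append((path, threat))
    return dict(restore), live


def only_restore_points_affected(report):
    """True when every detection sits inside a restore point, which is the
    case the post describes: create a new restore point, purge the old ones."""
    restore, live = split_by_location(report)
    return bool(restore) and not live


if __name__ == '__main__':
    restore, live = split_by_location(SAMPLE_REPORT)
    for (drive, rp), threats in sorted(restore.items()):
        print(f'{drive}: {rp}: {", ".join(sorted(threats))}')
    print('live detections:', len(live))
```
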


#13 Mackeh

  • Topic Starter

Posted 05 September 2010 - 04:48 AM

New Log

OTL logfile created on: 05/09/2010 10:47:36 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\ACEDIT\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 900.26 Gb Free Space | 96.65% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 12.14 Gb Free Space | 5.21% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANGEL
Current User Name: ACEDIT
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
PRC - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2008/04/30 10:35:20 | 000,425,984 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
MOD - [2010/05/14 06:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.2.0.12\asoehook.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/03 21:18:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2008/04/30 10:35:20 | 000,425,984 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV - [2010/09/04 09:42:00 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100904.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/04 09:42:00 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100904.003\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/03 12:55:23 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/03 12:47:14 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/09/03 04:24:32 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/26 17:47:24 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100903.003\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/08/10 01:16:24 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/08/04 03:20:12 | 005,243,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/05/06 05:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/22 04:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/26 01:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys -- (ccHP)
DRV - [2009/10/15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/06/04 03:23:14 | 000,742,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3.sys -- (t3)
DRV - [2009/02/27 10:45:30 | 000,171,008 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2009/02/05 16:34:16 | 001,803,136 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3filt.sys -- (t3filt)
DRV - [2009/01/14 10:47:24 | 000,142,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/01/14 10:47:24 | 000,114,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/01/14 10:47:24 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/15 15:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2004/08/13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/09/03 13:00:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/09/03 12:47:23 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2002/08/29 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [SPIRun] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1283532934203 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/03 11:49:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/13 15:14:34 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/05 10:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Desktop\otldocs
[2010/09/04 20:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/09/04 20:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/09/04 20:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/09/04 20:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/09/04 20:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Sun
[2010/09/04 20:02:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/04 16:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010/09/04 16:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Malwarebytes
[2010/09/04 16:38:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/04 16:38:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/04 16:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/04 16:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/09/04 16:37:30 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ACEDIT\Desktop\mbam-setup.exe
[2010/09/04 14:57:47 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
[2010/09/04 12:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010/09/04 12:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/09/04 12:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\World of Warcraft
[2010/09/04 01:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\ApplicationHistory
[2010/09/04 01:00:36 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010/09/04 01:00:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010/09/04 01:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/09/04 00:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\Identities
[2010/09/03 21:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010/09/03 21:18:05 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010/09/03 21:17:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2010/09/03 21:17:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/09/03 21:17:43 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/09/03 21:17:22 | 000,809,496 | ---- | C] (Creative Labs Inc.) -- C:\WINDOWS\OALInst.exe
[2010/09/03 21:17:21 | 001,803,136 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\t3filt.sys
[2010/09/03 21:11:28 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/09/03 21:11:28 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/09/03 21:11:28 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/09/03 21:11:28 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/09/03 21:11:28 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2010/09/03 21:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010/09/03 21:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/09/03 21:10:14 | 000,000,000 | ---D | C] -- C:\ATI
[2010/09/03 20:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/03 20:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/09/03 20:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/09/03 20:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/09/03 20:54:21 | 000,000,000 | ---D | C] -- C:\289999bd09d5ff3dc4
[2010/09/03 20:52:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/09/03 20:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/09/03 20:52:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/09/03 20:17:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\PrivacIE
[2010/09/03 20:16:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\IETldCache
[2010/09/03 20:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/09/03 20:14:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/09/03 20:14:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/09/03 20:08:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/03 20:01:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2010/09/03 20:01:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/03 20:01:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/03 20:01:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/03 20:01:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/03 19:58:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/09/03 19:43:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/03 18:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/09/03 17:58:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/09/03 17:58:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/09/03 17:57:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/09/03 17:56:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/09/03 17:54:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\UserData
[2010/09/03 13:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Desktop\Avid_Liquid_7.2_Full_Upgrade
[2010/09/03 13:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Macromedia
[2010/09/03 13:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Adobe
[2010/09/03 13:28:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Tific
[2010/09/03 12:58:34 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdi.sys
[2010/09/03 12:58:34 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symtdiv.sys
[2010/09/03 12:58:34 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symds.sys
[2010/09/03 12:58:34 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtsp.sys
[2010/09/03 12:58:34 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\symefa.sys
[2010/09/03 12:58:34 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\srtspx.sys
[2010/09/03 12:58:33 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\cchpx86.sys
[2010/09/03 12:58:33 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0402000.00C\ironx86.sys
[2010/09/03 12:58:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0402000.00C
[2010/09/03 12:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\My Documents\Symantec
[2010/09/03 12:47:14 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/03 12:47:14 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/03 12:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/09/03 12:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/09/03 12:46:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/09/03 12:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/09/03 12:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/09/03 12:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/09/03 12:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/09/03 12:43:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/09/03 12:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/09/03 12:43:33 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010/09/03 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010/09/03 12:43:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2010/09/03 12:43:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/09/03 12:43:16 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2010/09/03 12:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2010/09/03 12:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2010/09/03 12:43:07 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/09/03 12:42:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/09/03 12:42:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/09/03 12:42:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/09/03 12:42:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/09/03 12:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/09/03 12:41:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2010/09/03 12:41:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2010/09/03 12:41:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/09/03 12:40:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/09/03 12:40:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/09/03 12:34:28 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/09/03 12:34:28 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010/09/03 12:34:28 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/09/03 12:34:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/09/03 12:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010/09/03 12:08:41 | 000,038,656 | R--- | C] (Attansic Technology corporation.) -- C:\WINDOWS\System32\drivers\atl01_xp.sys
[2010/09/03 12:08:41 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/03 12:08:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Attansic
[2010/09/03 12:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Attansic
[2010/09/03 12:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/09/03 12:03:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\System32
[2010/09/03 12:03:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\INF
[2010/09/03 12:03:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\System32\DRIVERS
[2010/09/03 12:03:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/09/03 12:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/09/03 12:03:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/09/03 12:03:11 | 000,000,000 | ---D | C] -- C:\Intel
[2010/09/03 11:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/09/03 11:53:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/09/03 11:53:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Application Data\Identities
[2010/09/03 11:53:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ACEDIT\My Documents\My Pictures
[2010/09/03 11:53:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ACEDIT\My Documents\My Music
[2010/09/03 11:53:39 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/09/03 11:53:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft
[2010/09/03 11:53:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ACEDIT\SendTo
[2010/09/03 11:53:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ACEDIT\Recent
[2010/09/03 11:53:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ACEDIT\Application Data
[2010/09/03 11:53:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ACEDIT\Start Menu
[2010/09/03 11:53:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ACEDIT\My Documents
[2010/09/03 11:53:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\ACEDIT\Favorites
[2010/09/03 11:53:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ACEDIT\Cookies
[2010/09/03 11:53:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\ACEDIT\Templates
[2010/09/03 11:53:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\ACEDIT\PrintHood
[2010/09/03 11:53:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\ACEDIT\NetHood
[2010/09/03 11:53:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\ACEDIT\Local Settings
[2010/09/03 11:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\Microsoft
[2010/09/03 11:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ACEDIT\Desktop
[2010/09/03 11:52:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/09/03 11:52:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/09/03 11:52:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/09/03 11:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/09/03 11:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/09/03 11:50:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/09/03 11:50:43 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/09/03 11:50:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/09/03 11:49:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010/09/03 11:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2010/09/03 11:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2010/09/03 11:49:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/09/03 11:49:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/09/03 11:49:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010/09/03 11:49:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/09/03 11:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010/09/03 11:48:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/09/03 11:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/09/03 11:48:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/09/03 11:48:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/09/03 11:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/09/03 11:48:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/09/03 11:48:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2010/09/03 11:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/09/03 11:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/09/03 11:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010/09/03 11:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/09/03 11:48:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2010/09/03 11:48:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2010/09/03 11:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/09/03 11:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/09/03 11:47:55 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/09/03 11:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/09/03 11:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/09/03 11:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010/09/03 11:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/09/03 11:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/09/03 11:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/09/03 11:47:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/09/03 11:47:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

========== Files - Modified Within 90 Days ==========

[2010/09/05 10:24:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/05 10:24:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/05 02:14:29 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\ACEDIT\NTUSER.DAT
[2010/09/05 02:14:29 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ACEDIT\ntuser.ini
[2010/09/05 02:14:20 | 004,817,722 | -H-- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\IconCache.db
[2010/09/04 23:25:13 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/09/04 16:38:04 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/04 16:37:37 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ACEDIT\Desktop\mbam-setup.exe
[2010/09/04 14:57:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ACEDIT\Desktop\OTL.exe
[2010/09/04 11:49:04 | 000,013,104 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/04 01:30:42 | 002,454,766 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0402000.00C\Cat.DB
[2010/09/04 01:29:33 | 000,581,790 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/04 01:29:33 | 000,502,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/04 01:29:33 | 000,087,652 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/04 00:59:08 | 000,012,608 | ---- | M] () -- C:\WINDOWS\Ascd_log.ini
[2010/09/04 00:58:25 | 000,012,570 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/09/04 00:15:34 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/09/03 21:18:28 | 000,000,882 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2010/09/03 21:17:44 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/09/03 21:17:44 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/09/03 21:12:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/03 21:11:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2010/09/03 21:02:03 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/03 20:57:15 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/03 20:16:50 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/03 20:09:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/03 19:57:56 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/03 19:44:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/03 19:18:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/09/03 17:50:13 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 12:59:45 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2010/09/03 12:47:14 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/09/03 12:47:14 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/09/03 12:47:14 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/09/03 12:47:14 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/09/03 12:45:57 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/03 12:41:41 | 000,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/03 12:41:41 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/09/03 12:40:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/09/03 12:03:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem6.PNF
[2010/09/03 12:03:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem6.inf
[2010/09/03 12:03:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem5.PNF
[2010/09/03 12:03:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem5.inf
[2010/09/03 12:03:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem4.PNF
[2010/09/03 12:03:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem4.inf
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem3.PNF
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem3.inf
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem2.PNF
[2010/09/03 12:03:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem2.inf
[2010/09/03 12:03:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem1.PNF
[2010/09/03 12:03:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem1.inf
[2010/09/03 12:02:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem0.PNF
[2010/09/03 12:02:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\INF\oem0.inf
[2010/09/03 11:53:45 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\ACEDIT\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/03 11:53:43 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2010/09/03 11:52:29 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/03 11:50:52 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/03 11:49:48 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/03 11:49:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/09/03 11:49:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/09/03 11:49:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/03 11:49:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/09/03 11:49:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/09/03 11:49:46 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2010/09/03 11:49:43 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/03 11:49:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/09/03 11:49:25 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/09/03 11:49:23 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/09/03 11:48:04 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/09/03 11:48:03 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/09/03 11:48:03 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/08/04 02:31:16 | 000,208,896 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2010/08/04 02:31:04 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2010/08/04 02:30:56 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2010/08/04 02:30:50 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2010/08/04 02:27:48 | 000,455,872 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/08/04 02:27:38 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/08/04 02:27:38 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/08/04 02:27:36 | 000,071,096 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb
[2010/07/27 06:54:44 | 000,022,053 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2010/07/09 11:54:40 | 002,244,066 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\graduation photos 008.jpg
[2010/06/16 14:22:56 | 000,219,348 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat

========== Files Created - No Company Name ==========

[2010/09/04 16:38:04 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/04 12:39:30 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/09/04 12:25:25 | 002,244,066 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\graduation photos 008.jpg
[2010/09/04 01:00:35 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/09/04 00:58:25 | 000,012,570 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/09/03 21:18:26 | 000,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2010/09/03 21:17:47 | 004,174,814 | ---- | C] () -- C:\WINDOWS\System32\ct4mgm.sf2
[2010/09/03 21:17:47 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\default4.sfm
[2010/09/03 21:17:22 | 000,145,920 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2010/09/03 21:17:22 | 000,118,850 | ---- | C] () -- C:\WINDOWS\System32\CTPcie.dll
[2010/09/03 21:17:22 | 000,008,535 | ---- | C] () -- C:\WINDOWS\sfsyn.ini
[2010/09/03 21:17:22 | 000,001,046 | ---- | C] () -- C:\WINDOWS\SB0820.reg
[2010/09/03 21:17:22 | 000,000,938 | ---- | C] () -- C:\WINDOWS\SB0710.reg
[2010/09/03 21:17:22 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SB1042.reg
[2010/09/03 21:17:22 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SB1040.reg

========== LOP Check ==========

[2010/09/03 13:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ACEDIT\Application Data\Tific

========== Purity Check ==========


< End of report >


#14 sempai


Posted 05 September 2010 - 05:16 AM

Hi,

Log is clean. Do you still have any questions/concerns?


============================

CleanUp! with OTL
  • Double click OTL.exe to launch the program.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet; if your firewall or other defensive programmes alert you, allow it access.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • When finished, exit out of OTL.
  • The tool will delete itself once it finishes; if not, delete it yourself.


============================


Your Log is Clean, please take the time to read below to secure your machine and take the necessary steps to keep it Clean.

How to prevent malware

How to increase PC speed


Visit Microsoft's Windows Update Site Frequently
It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

Install SpywareBlaster
SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
A tutorial on installing & using this product can be found here:
Using SpywareBlaster to protect your computer from Spyware and Malware


Make Internet Explorer more secure
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialize and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.


Practice Safe Internet
One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below is a list of simple precautions to take to keep your computer clean and running securely:
  1. If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  2. If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  3. If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.
  4. If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of popups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites
  5. Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.
  6. Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.
  7. When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.
  8. Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  9. Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site.
  10. DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.




Thanks,
Semp

~Semp

You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 
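
The six Custom Level changes in the post above correspond to per-user registry values for the Internet zone. The PowerShell below is an added example, not part of the original post: it reports each setting against the recommended value and writes changes only when called with -Apply. The function names are hypothetical.

```powershell
# Added example (not from the original post); function names are hypothetical.
# Zone 3 is the Internet zone. Each value name is an IE URL-action number and
# its DWORD data is the policy: 0 = Enable, 1 = Prompt, 3 = Disable.
$ZoneKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$PolicyName = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# The six settings from the "Make Internet Explorer more secure" list.
$Recommended = @(
    @{ Action = '1001'; Setting = 'Download signed ActiveX controls';                          Value = 1 }
    @{ Action = '1004'; Setting = 'Download unsigned ActiveX controls';                        Value = 3 }
    @{ Action = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe'; Value = 3 }
    @{ Action = '1800'; Setting = 'Installation of desktop items';                             Value = 1 }
    @{ Action = '1804'; Setting = 'Launching programs and files in an IFRAME';                 Value = 1 }
    @{ Action = '1607'; Setting = 'Navigate sub-frames across different domains';              Value = 1 }
)

function ConvertTo-PolicyName {
    param($Data)
    # Missing values and unexpected data are reported as-is rather than guessed.
    if ($null -eq $Data) { return '(not set)' }
    if ($PolicyName.ContainsKey([int]$Data)) { return $PolicyName[[int]$Data] }
    return ('0x{0:X}' -f $Data)
}

function Test-IEInternetZoneHardening {
    param([switch]$Apply)

    # Only create the key when we are about to write to it.
    if ($Apply -and -not (Test-Path $ZoneKey)) {
        New-Item -Path $ZoneKey -Force | Out-Null
    }
    $current = Get-ItemProperty -Path $ZoneKey -ErrorAction SilentlyContinue

    foreach ($r in $Recommended) {
        $have = if ($current) { $current.($r.Action) } else { $null }
        $ok   = ($null -ne $have) -and ([int]$have -eq $r.Value)

        if (-not $ok -and $Apply) {
            Set-ItemProperty -Path $ZoneKey -Name $r.Action -Value $r.Value -Type DWord
            $ok = $true
        }

        # "Found" is the value read before any change was written.
        [pscustomobject]@{
            Setting   = $r.Setting
            Found     = ConvertTo-PolicyName $have
            Wanted    = ConvertTo-PolicyName $r.Value
            Compliant = $ok
        }
    }
}

# Audit only; nothing is modified.
Test-IEInternetZoneHardening | Format-Table -AutoSize
```

Run `Test-IEInternetZoneHardening -Apply` to write the values. Settings enforced through Group Policy take precedence over this per-user key.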


#15 Mackeh


Posted 05 September 2010 - 05:55 AM

Hi Sempai

You guys have restored my confidence in the Internet, you are using your talent and knowledge to help people who are in dire need, keep up this amazing work you are doing, I will certainly be dropping a donation off for you guys in the coming weeks.

I will now proceed with installing all my video editing software and get my business back up and running, thank you so much.

Mack



