
spyware and malware



#1
subhajit

OTL logfile created on: 3/7/2013 1:30:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1011.77 Mb Total Physical Memory | 345.63 Mb Available Physical Memory | 34.16% Memory free
3.33 Gb Paging File | 2.27 Gb Available in Paging File | 68.12% Paging File free
Paging file location(s): F:\pagefile.sys 2500 5000 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 350.00 Mb Total Space | 137.59 Mb Free Space | 39.31% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 435.42 Gb Free Space | 89.17% Space Free | Partition Type: NTFS
Drive E: | 443.23 Gb Total Space | 354.38 Gb Free Space | 79.95% Space Free | Partition Type: NTFS
Drive F: | 28.95 Gb Total Space | 17.10 Gb Free Space | 59.05% Space Free | Partition Type: NTFS
Drive L: | 58.59 Gb Total Space | 56.01 Gb Free Space | 95.60% Space Free | Partition Type: NTFS
Drive S: | 61.16 Gb Total Space | 59.87 Gb Free Space | 97.88% Space Free | Partition Type: NTFS

Computer Name: SUBHAJIT-7B5B45 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/07 13:29:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2013/03/02 11:48:30 | 000,920,472 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/05 07:10:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- F:\Program Files\Norton Internet Security\Engine\20.2.1.22\ccsvchst.exe
PRC - [2012/10/25 18:46:14 | 000,056,120 | ---- | M] (SurveilStar Inc. ) -- F:\WINDOWS\system32\winrdlv3.exe
PRC - [2006/04/06 10:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- F:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- F:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/02 11:48:30 | 003,133,336 | ---- | M] () -- F:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/03/01 13:08:36 | 014,718,320 | ---- | M] () -- F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_175.dll
MOD - [2012/11/30 03:29:32 | 000,093,696 | ---- | M] () -- F:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2012/05/30 20:21:08 | 000,699,280 | R--- | M] () -- F:\Program Files\Norton Internet Security\Engine\20.2.1.22\wincfi39.dll
MOD - [2009/02/03 07:45:28 | 003,771,296 | ---- | M] () -- F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/07/23 19:19:32 | 000,132,608 | ---- | M] () -- F:\Program Files\WinRAR\RarExt.dll
MOD - [2004/08/04 00:56:44 | 000,014,336 | ---- | M] () -- F:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- F:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2013/03/02 11:48:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/01 13:08:46 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/05 07:10:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- F:\Program Files\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012/10/17 15:12:02 | 000,665,064 | ---- | M] (SurveilStar Inc. ) [Auto | Stopped] -- F:\Program Files\Common Files\System\winrdgv3.exe -- (.Winhlpsvr)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- F:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Running] -- F:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/02/13 12:01:38 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130306.035\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/02/13 12:01:37 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130306.035\NAVENG.SYS -- (NAVENG)
DRV - [2013/02/13 11:51:09 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/02/12 16:26:42 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130306.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2013/02/08 00:53:20 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/10/25 18:48:14 | 000,334,704 | ---- | M] (SurveilStar Inc. ) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\tvdisk.sys -- (TVDisk)
DRV - [2012/10/25 18:48:00 | 000,035,304 | ---- | M] (SurveilStar Inc. ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\tfsfltdrv.sys -- (TFsfltdrv)
DRV - [2012/10/25 18:47:58 | 000,078,056 | ---- | M] (SurveilStar Inc. ) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\tsysdrv.sys -- (TSysDrv)
DRV - [2012/10/25 18:47:32 | 000,078,992 | ---- | M] (SurveilStar Inc. ) [Kernel | Boot | Running] -- F:\WINDOWS\system32\drivers\tpacket.sys -- (TPacket)
DRV - [2012/10/25 18:47:10 | 000,042,736 | ---- | M] (SurveilStar Inc. ) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\ipnpf.sys -- (IPNPF)
DRV - [2012/10/09 06:30:02 | 000,586,400 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\srtsp.sys -- (SRTSP)
DRV - [2012/10/04 07:10:35 | 000,927,904 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\symefa.sys -- (SymEFA)
DRV - [2012/10/04 07:10:20 | 000,368,288 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\symds.sys -- (SymDS)
DRV - [2012/09/07 07:35:14 | 000,394,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\symtdi.sys -- (SYMTDI)
DRV - [2012/09/07 07:18:08 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\ironx86.sys -- (SymIRON)
DRV - [2012/08/21 01:19:49 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\ccsetx86.sys -- (ccSet_NIS)
DRV - [2012/08/18 14:30:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/18 14:30:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- F:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/25 11:06:55 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\NIS\1402010.016\srtspx.sys -- (SRTSPX)
DRV - [2008/01/16 06:42:40 | 000,098,944 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/01/16 06:40:51 | 004,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.in/"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013/02/13 11:51:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: F:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013/03/07 11:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2013/03/06 16:48:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins

[2013/02/13 12:03:23 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013/02/13 12:03:23 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bdvi4e2f.default\extensions
[2013/02/13 12:03:23 | 000,615,655 | ---- | M] () (No name found) -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bdvi4e2f.default\extensions\[email protected]
[2013/03/02 11:48:21 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2013/03/02 11:48:30 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\distribution\extensions
[2013/03/07 12:36:13 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\updated\extensions
[2013/03/07 12:36:13 | 000,000,000 | ---D | M] (Default) -- F:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/07 12:36:19 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\updated\distribution\extensions
[2013/03/02 11:48:30 | 000,263,064 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/25 16:12:04 | 000,002,465 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/25 16:12:04 | 000,002,086 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://start.roboform.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://start.roboform.com
CHR - plugin: Shockwave Flash (Enabled) = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.1\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.1\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.1\pdf.dll
CHR - plugin: Norton Identity Safe (Enabled) = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.1.0.32_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = F:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - Extension: Google Docs = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.1.36_0\
CHR - Extension: Gmail = F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/01 16:51:16 | 000,000,763 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - F:\Program Files\Norton Internet Security\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] F:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eintelli.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15ABFF1E-29B0-4BF0-BFB5-F7419D651611}: NameServer = 192.168.0.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: F:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: F:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {A16CA976-4B8D-47FC-A9F4-651C17B636EF} - F:\WINDOWS\system32\msowcnv3.dll (SurveilStar Inc. )
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/02/12 06:23:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/07 12:19:58 | 000,000,000 | ---D | C] -- F:\Program Files\Adobe
[2013/03/06 18:36:55 | 000,000,000 | ---D | C] -- F:\WINDOWS\SxsCaPendDel
[2013/03/06 18:29:56 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Apple Computer
[2013/03/06 16:46:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Apple
[2013/03/06 16:46:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2013/03/06 12:08:08 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\FileZilla
[2013/03/06 12:07:55 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Desktop\FileZilla-3.5.3
[2013/03/05 17:28:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\ZeoBIT_LLC
[2013/03/05 16:59:57 | 000,000,000 | ---D | C] -- F:\Program Files\ZeoBIT
[2013/03/05 16:55:49 | 000,000,000 | ---D | C] -- F:\WINDOWS\assembly
[2013/03/05 16:55:12 | 000,000,000 | ---D | C] -- F:\WINDOWS\Microsoft.NET
[2013/03/05 16:46:17 | 000,000,000 | ---D | C] -- F:\WINDOWS\l2schemas
[2013/03/05 16:44:19 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\ZeoBIT
[2013/03/04 14:04:44 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\My Documents\Edraw Max
[2013/03/04 14:04:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Edraw Max 6.8
[2013/03/02 15:54:00 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Realtek
[2013/03/02 15:53:43 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\InstallShield
[2013/03/02 13:51:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2013/03/02 13:17:19 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\LogFiles
[2013/03/02 11:48:21 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Firefox
[2013/03/01 15:11:09 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Hackety Hack
[2013/03/01 15:11:09 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\.shoes
[2013/03/01 15:11:00 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Start Menu\Programs\Hackety Hack
[2013/03/01 15:10:52 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Hackety Hack
[2013/03/01 14:44:43 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Adobe AIR
[2013/03/01 14:44:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Adobe
[2013/03/01 11:49:39 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\vlc
[2013/02/25 13:44:49 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\SoftwareDistribution
[2013/02/25 13:43:53 | 000,058,720 | ---- | C] (CACE Technologies) -- F:\WINDOWS\System32\IPWPacket.dll
[2013/02/25 13:43:52 | 000,285,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\ippcap.dll
[2013/02/25 13:43:52 | 000,096,992 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\ippacket.dll
[2013/02/25 13:43:51 | 000,000,000 | -HSD | C] -- F:\WINDOWS\System32\Ocular
[2013/02/25 13:43:49 | 001,640,320 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\ifocmsdll.dll
[2013/02/25 13:43:49 | 000,625,488 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoacnac.dll
[2013/02/25 13:43:49 | 000,342,840 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoacfdt.dll
[2013/02/25 13:43:42 | 001,210,880 | ---- | C] (CPUID) -- F:\WINDOWS\System32\cpuidsdk.dll
[2013/02/25 13:43:42 | 001,210,880 | ---- | C] (CPUID) -- F:\WINDOWS\bakcpuid.sys
[2013/02/25 13:43:42 | 001,106,688 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakola64.sys
[2013/02/25 13:43:42 | 000,961,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakmenusl64.sys
[2013/02/25 13:43:42 | 000,801,616 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baknacAgent.sys
[2013/02/25 13:43:42 | 000,801,152 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakssb2p64.sys
[2013/02/25 13:43:42 | 000,718,720 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakwdgv364.sys
[2013/02/25 13:43:42 | 000,625,920 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakusrmd64.sys
[2013/02/25 13:43:42 | 000,625,488 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoacnac.sys
[2013/02/25 13:43:42 | 000,546,232 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoatmm.dll
[2013/02/25 13:43:42 | 000,546,232 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoatmm.sys
[2013/02/25 13:43:42 | 000,465,768 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\wlfunc.dll
[2013/02/25 13:43:42 | 000,465,768 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakwlfc.sys
[2013/02/25 13:43:42 | 000,395,136 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakthv364.sys
[2013/02/25 13:43:42 | 000,358,640 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktvd64.sys
[2013/02/25 13:43:42 | 000,320,384 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakencyx64.sys
[2013/02/25 13:43:42 | 000,306,000 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winbrohca.dll
[2013/02/25 13:43:42 | 000,306,000 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakbrohca.sys
[2013/02/25 13:43:42 | 000,268,672 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakifocms64.sys
[2013/02/25 13:43:42 | 000,185,088 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakorch364.sys
[2013/02/25 13:43:42 | 000,084,192 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakrdlv364.sys
[2013/02/25 13:43:42 | 000,068,336 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktfsdrv64.sys
[2013/02/25 13:43:42 | 000,063,760 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktpktv64.sys
[2013/02/25 13:43:42 | 000,041,712 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\toa32pd564.sys
[2013/02/25 13:43:41 | 002,351,488 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhadnt64.sys
[2013/02/25 13:43:41 | 000,953,216 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhafnt64.sys
[2013/02/25 13:43:41 | 000,874,752 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakdtframe64.sys
[2013/02/25 13:43:41 | 000,668,544 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoauv364.sys
[2013/02/25 13:43:41 | 000,482,120 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winusrmd.dll
[2013/02/25 13:43:41 | 000,482,120 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakusrmd.sys
[2013/02/25 13:43:41 | 000,371,496 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktstszc.sys
[2013/02/25 13:43:41 | 000,342,840 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoacfdt.sys
[2013/02/25 13:43:41 | 000,056,120 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winrdlv3.exe
[2013/02/25 13:43:41 | 000,056,120 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakrdlv3.sys
[2013/02/25 13:43:41 | 000,027,872 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\funcextv.dll
[2013/02/25 13:43:41 | 000,027,872 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakfextv.sys
[2013/02/25 13:43:40 | 002,208,992 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakdevctrl64.sys
[2013/02/25 13:43:40 | 001,181,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tvdmount.dll
[2013/02/25 13:43:40 | 001,181,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakmount.sys
[2013/02/25 13:43:40 | 000,439,784 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tsysdrv.dll
[2013/02/25 13:43:40 | 000,439,784 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktsdrvd.sys
[2013/02/25 13:43:40 | 000,412,472 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tsafenetx.dll
[2013/02/25 13:43:40 | 000,412,472 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktsnetx.sys
[2013/02/25 13:43:40 | 000,411,112 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tsafenet.dll
[2013/02/25 13:43:40 | 000,411,112 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktsnet.sys
[2013/02/25 13:43:40 | 000,387,936 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\orcs3dll.dll
[2013/02/25 13:43:40 | 000,387,936 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakorcs3.sys
[2013/02/25 13:43:40 | 000,382,440 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winencyx.dll
[2013/02/25 13:43:40 | 000,382,440 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakencyx.sys
[2013/02/25 13:43:40 | 000,371,496 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tsafetszc.dll
[2013/02/25 13:43:40 | 000,345,576 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\trmenushl.dll
[2013/02/25 13:43:40 | 000,345,576 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakmenusl.sys
[2013/02/25 13:43:40 | 000,334,704 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\tvdisk.sys
[2013/02/25 13:43:40 | 000,334,704 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktvd.sys
[2013/02/25 13:43:40 | 000,121,696 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\orcshk3.dll
[2013/02/25 13:43:40 | 000,121,696 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakorch3.sys
[2013/02/25 13:43:40 | 000,078,056 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\tsysdrv.sys
[2013/02/25 13:43:40 | 000,078,056 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktsdrv.sys
[2013/02/25 13:43:40 | 000,056,080 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\tpacketv.sys
[2013/02/25 13:43:40 | 000,056,080 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktpktv.sys
[2013/02/25 13:43:40 | 000,035,304 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\tfsfltdrv.sys
[2013/02/25 13:43:40 | 000,035,304 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktfsdrv.sys
[2013/02/25 13:43:39 | 001,477,440 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winncap3.dll
[2013/02/25 13:43:39 | 001,477,440 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakncap3.sys
[2013/02/25 13:43:39 | 001,444,664 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winncap3x.dll
[2013/02/25 13:43:39 | 001,444,664 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakncap3x.sys
[2013/02/25 13:43:39 | 001,417,864 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\outlka23.dll
[2013/02/25 13:43:39 | 001,417,864 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakola23.sys
[2013/02/25 13:43:39 | 001,399,736 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\outlka2k.dll
[2013/02/25 13:43:39 | 001,399,736 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakola2k.sys
[2013/02/25 13:43:39 | 001,088,352 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\notesoa.dll
[2013/02/25 13:43:39 | 001,088,352 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baknotes.sys
[2013/02/25 13:43:39 | 000,285,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\toa32pcp.sys
[2013/02/25 13:43:39 | 000,273,216 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakimhca.sys
[2013/02/25 13:43:39 | 000,195,376 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\snapdos.dll
[2013/02/25 13:43:39 | 000,195,376 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakssdos.sys
[2013/02/25 13:43:39 | 000,185,832 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\snapb2p.dll
[2013/02/25 13:43:39 | 000,185,832 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakssb2p.sys
[2013/02/25 13:43:39 | 000,172,032 | ---- | C] (Politecnico di Torino) -- F:\WINDOWS\toa32pcpx.sys
[2013/02/25 13:43:39 | 000,121,568 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\ipddraw.dll
[2013/02/25 13:43:39 | 000,121,568 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakddraw.sys
[2013/02/25 13:43:39 | 000,096,992 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\toa32pnt.sys
[2013/02/25 13:43:39 | 000,078,992 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\tpacket.sys
[2013/02/25 13:43:39 | 000,078,992 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktpktn.sys
[2013/02/25 13:43:39 | 000,064,224 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\tpacketd.dll
[2013/02/25 13:43:39 | 000,064,224 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\baktpktd.sys
[2013/02/25 13:43:39 | 000,061,440 | ---- | C] (Politecnico di Torino) -- F:\WINDOWS\toa32p9x.sys
[2013/02/25 13:43:39 | 000,058,720 | ---- | C] (CACE Technologies) -- F:\WINDOWS\toa32wp5.sys
[2013/02/25 13:43:39 | 000,042,736 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\toa32pd5.sys
[2013/02/25 13:43:39 | 000,042,736 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\drivers\ipnpf.sys
[2013/02/25 13:43:39 | 000,040,044 | ---- | C] (Politecnico di Torino) -- F:\WINDOWS\toa32pd4.sys
[2013/02/25 13:43:38 | 001,640,320 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakifocms.sys
[2013/02/25 13:43:38 | 001,317,696 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winimhcd.dll
[2013/02/25 13:43:38 | 001,317,696 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakimhcd.sys
[2013/02/25 13:43:38 | 000,940,864 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winimhc3.dll
[2013/02/25 13:43:38 | 000,940,864 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakimhc3.sys
[2013/02/25 13:43:38 | 000,875,328 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winimhs3.dll
[2013/02/25 13:43:38 | 000,875,328 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakimhs3.sys
[2013/02/25 13:43:38 | 000,273,216 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winimhca.dll
[2013/02/25 13:43:37 | 002,123,136 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhadntv.sys
[2013/02/25 13:43:37 | 001,914,344 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhadnt.dll
[2013/02/25 13:43:37 | 001,914,344 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhadnt.sys
[2013/02/25 13:43:37 | 001,731,384 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoaud3.sys
[2013/02/25 13:43:37 | 000,751,080 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhafnt.dll
[2013/02/25 13:43:37 | 000,751,080 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhafnt.sys
[2013/02/25 13:43:37 | 000,304,480 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhad9u.dll
[2013/02/25 13:43:37 | 000,304,480 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhad9u.sys
[2013/02/25 13:43:37 | 000,111,968 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhad9k.dll
[2013/02/25 13:43:37 | 000,111,968 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhad9k.sys
[2013/02/25 13:43:37 | 000,103,776 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhaf9u.dll
[2013/02/25 13:43:37 | 000,103,776 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhaf9u.sys
[2013/02/25 13:43:37 | 000,066,912 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winhaf9k.dll
[2013/02/25 13:43:37 | 000,066,912 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakhaf9k.sys
[2013/02/25 13:43:36 | 005,465,576 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoav3.dll
[2013/02/25 13:43:36 | 005,465,576 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoav3.sys
[2013/02/25 13:43:36 | 003,180,008 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoauv3.dll
[2013/02/25 13:43:36 | 003,180,008 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoauv3.sys
[2013/02/25 13:43:36 | 001,731,384 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\oagentud.dll
[2013/02/25 13:43:36 | 000,792,040 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winwdgv3.dll
[2013/02/25 13:43:36 | 000,792,040 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakwdgv3.sys
[2013/02/25 13:43:36 | 000,665,064 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakrdgv3.sys
[2013/02/25 13:43:36 | 000,452,072 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\winoauve3.dll
[2013/02/25 13:43:36 | 000,452,072 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakoauve3.sys
[2013/02/25 13:43:36 | 000,431,592 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\msowcnv3.dll
[2013/02/25 13:43:36 | 000,431,592 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakowv3.sys
[2013/02/25 13:43:36 | 000,288,232 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\System32\thooksv3.dll
[2013/02/25 13:43:36 | 000,288,232 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakthv3.sys
[2013/02/25 13:43:36 | 000,210,408 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakwdgsvr.sys
[2013/02/25 13:43:35 | 000,935,400 | ---- | C] (SurveilStar Inc. ) -- F:\WINDOWS\bakstec3.sys
[2013/02/25 13:42:31 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft SQL Server
[2013/02/25 13:42:13 | 000,000,000 | ---D | C] -- F:\Program Files\FastReports
[2013/02/25 13:42:06 | 000,000,000 | ---D | C] -- F:\Program Files\SurveilStar
[2013/02/16 17:00:03 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\WinRAR
[2013/02/16 16:50:00 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\phpDesigner
[2013/02/16 16:43:54 | 000,000,000 | ---D | C] -- F:\xampp-portable
[2013/02/16 11:55:41 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\appmgmt
[2013/02/14 13:42:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Macromedia
[2013/02/14 10:47:31 | 000,927,904 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symefa.sys
[2013/02/14 10:47:31 | 000,586,400 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtsp.sys
[2013/02/14 10:47:31 | 000,394,656 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symtdi.sys
[2013/02/14 10:47:31 | 000,368,288 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symds.sys
[2013/02/14 10:47:31 | 000,350,368 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symtdiv.sys
[2013/02/14 10:47:31 | 000,338,592 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symnets.sys
[2013/02/14 10:47:31 | 000,032,888 | R--- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtspx.sys
[2013/02/14 10:47:31 | 000,021,400 | R--- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symelam.sys
[2013/02/14 10:47:30 | 000,175,264 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\ironx86.sys
[2013/02/14 10:47:30 | 000,134,304 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\NIS\1402010.016\ccsetx86.sys
[2013/02/14 10:47:17 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers\NIS\1402010.016
[2013/02/13 13:51:16 | 000,000,000 | -HSD | C] -- F:\RECYCLER
[2013/02/13 12:22:03 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Hewlett-Packard
[2013/02/13 12:20:02 | 000,000,000 | ---D | C] -- F:\TEMP
[2013/02/13 12:19:25 | 000,000,000 | ---D | C] -- F:\Program Files\HP
[2013/02/13 12:18:58 | 000,000,000 | -H-D | C] -- F:\Config.Msi
[2013/02/13 12:18:04 | 000,098,304 | ---- | C] (Hewlett Packard Company) -- F:\WINDOWS\System32\hpzjsn01.dll
[2013/02/13 12:13:36 | 000,000,000 | ---D | C] -- F:\Program Files\CPUID
[2013/02/13 12:13:36 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\CPUID
[2013/02/13 12:11:24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2013/02/13 12:11:05 | 000,000,000 | ---D | C] -- F:\Program Files\VideoLAN
[2013/02/13 12:09:20 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\RoboForm
[2013/02/13 12:09:16 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\My Documents\My RoboForm Data
[2013/02/13 12:08:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2013/02/13 12:08:12 | 000,000,000 | ---D | C] -- F:\Program Files\FileZilla FTP Client
[2013/02/13 12:07:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2013/02/13 12:07:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
[2013/02/13 12:07:28 | 000,000,000 | ---D | C] -- F:\Program Files\WinRAR
[2013/02/13 12:07:16 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2013/02/13 12:07:04 | 000,000,000 | ---D | C] -- F:\Program Files\WinZip
[2013/02/13 12:03:47 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\My Documents\Downloads
[2013/02/13 12:03:17 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2013/02/13 12:03:17 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Mozilla
[2013/02/13 12:03:13 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Maintenance Service
[2013/02/13 12:03:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Mozilla
[2013/02/13 12:01:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Start Menu\Programs\Google Chrome
[2013/02/13 12:01:10 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2013/02/13 12:00:18 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2013/02/13 11:59:37 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Works
[2013/02/13 11:59:33 | 000,000,000 | ---D | C] -- F:\Program Files\MSBuild
[2013/02/13 11:59:22 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Visual Studio
[2013/02/13 11:59:22 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\DESIGNER
[2013/02/13 11:57:23 | 000,000,000 | ---D | C] -- F:\WINDOWS\SHELLNEW
[2013/02/13 11:57:11 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
[2013/02/13 11:57:06 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Office
[2013/02/13 11:57:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Microsoft Help
[2013/02/13 11:56:55 | 000,000,000 | RH-D | C] -- F:\MSOCache
[2013/02/13 11:51:09 | 000,142,496 | ---- | C] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/02/13 11:51:09 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Symantec Shared
[2013/02/13 11:51:09 | 000,000,000 | ---D | C] -- F:\Program Files\Symantec
[2013/02/13 11:50:36 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers\NIS
[2013/02/13 11:50:33 | 000,000,000 | ---D | C] -- F:\Program Files\Norton Internet Security
[2013/02/13 11:50:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
[2013/02/13 11:50:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Norton
[2013/02/13 11:50:14 | 000,000,000 | ---D | C] -- F:\Program Files\NortonInstaller
[2013/02/13 11:50:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\NortonInstaller
[2013/02/13 11:37:42 | 000,000,000 | -HSD | C] -- F:\WINDOWS\CSC
[2013/02/13 10:49:29 | 000,185,776 | R--- | C] (SRS Labs, Inc.) -- F:\WINDOWS\System32\SRSTSHD.dll
[2013/02/13 10:49:29 | 000,167,936 | R--- | C] (SRS Labs, Inc.) -- F:\WINDOWS\System32\SRSHP360.dll
[2013/02/13 10:49:29 | 000,135,168 | R--- | C] (SRS Labs, Inc.) -- F:\WINDOWS\System32\SRSWOW.dll
[2013/02/13 10:49:29 | 000,126,976 | R--- | C] (Waves Audio Ltd.) -- F:\WINDOWS\System32\maxxaudioapo.dll
[2013/02/13 10:49:28 | 000,339,968 | R--- | C] (SRS Labs, Inc.) -- F:\WINDOWS\System32\SRSTSXT.dll
[2013/02/13 10:49:24 | 004,702,208 | R--- | C] (Realtek Semiconductor) -- F:\WINDOWS\RtHDVCpl.exe
[2013/02/13 10:48:08 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\RTCOM
[2013/02/13 10:47:16 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- F:\WINDOWS\alcwzrd.exe
[2013/02/13 10:47:07 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\InstallShield
[2013/02/12 21:25:51 | 000,000,000 | ---D | C] -- F:\Program Files\Realtek
[2013/02/12 21:25:51 | 000,000,000 | ---D | C] -- F:\WINDOWS\OPTIONS
[2013/02/12 21:25:49 | 000,000,000 | -H-D | C] -- F:\Program Files\InstallShield Installation Information
[2013/02/12 21:25:11 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\Lang
[2013/02/12 21:21:30 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Adobe
[2013/02/12 21:21:30 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Adobe
[2013/02/12 21:16:19 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\ReinstallBackups
[2013/02/12 21:16:17 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- F:\WINDOWS\System32\CSVer.dll
[2013/02/12 21:16:17 | 000,000,000 | ---D | C] -- F:\Program Files\Intel
[2013/02/12 21:16:17 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\DRVSTORE
[2013/02/12 21:16:13 | 000,000,000 | ---D | C] -- F:\Intel
[2013/02/12 21:15:20 | 000,000,000 | ---D | C] -- F:\TempEI4
[2013/02/12 11:44:39 | 000,000,000 | -HSD | C] -- F:\WINDOWS\Installer
[2013/02/12 11:44:39 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\ODBC
[2013/02/12 11:44:36 | 000,000,000 | R--D | C] -- F:\Program Files
[2013/02/12 11:44:36 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\SpeechEngines
[2013/02/12 11:44:36 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Microsoft Shared
[2013/02/12 11:44:36 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files
[2013/02/12 11:44:14 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/02/12 11:44:14 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Start Menu
[2013/02/12 11:44:14 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Documents
[2013/02/12 11:44:14 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\All Users\Templates
[2013/02/12 11:44:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Favorites
[2013/02/12 11:44:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Desktop
[2013/02/12 11:44:04 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\CatRoot2
[2013/02/12 11:44:04 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\CatRoot
[2013/02/12 11:43:59 | 000,000,000 | --SD | C] -- F:\Documents and Settings\All Users\Application Data\Microsoft
[2013/02/12 11:43:59 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\All Users\Application Data
[2013/02/12 11:43:37 | 000,000,000 | ---D | C] -- F:\Documents and Settings
[2013/02/12 11:43:36 | 000,000,000 | -HSD | C] -- F:\System Volume Information
[2013/02/12 11:38:09 | 000,000,000 | R-SD | C] -- F:\WINDOWS\Fonts
[2013/02/12 11:38:09 | 000,000,000 | RHSD | C] -- F:\WINDOWS\System32\dllcache
[2013/02/12 11:38:09 | 000,000,000 | R--D | C] -- F:\WINDOWS\Web
[2013/02/12 11:38:09 | 000,000,000 | -H-D | C] -- F:\WINDOWS\inf
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\WinSxS
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\wins
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\wbem
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\usmt
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\twain_32
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Temp
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\system32
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\system
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\spool
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\ShellExt
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\Setup
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\security
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Resources
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\repair
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\ras
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Provisioning
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\PeerNet
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\pchealth
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\oobe
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\npp
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\mui
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\mui
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\msapps
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\msagent
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Media
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\java
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\inetsrv
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\IME
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\ime
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\icsxml
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\ias
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Help
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\export
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers\etc
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\ehome
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Driver Cache
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\drivers\disdn
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\dhcp
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Debug
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Cursors
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Connection Wizard
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\config
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\Config
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\AppPatch
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\addins
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\3com_dmi
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\3076
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\2052
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1054
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1042
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1041
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1037
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1033
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1031
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1028
[2013/02/12 11:38:09 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\1025
[2013/02/12 06:26:53 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Identities
[2013/02/12 06:26:52 | 000,000,000 | -H-D | C] -- F:\Program Files\Uninstall Information
[2013/02/12 06:26:50 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\My Documents\My Pictures
[2013/02/12 06:26:50 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\My Documents\My Music
[2013/02/12 06:26:48 | 000,000,000 | --SD | C] -- F:\Documents and Settings\Administrator\Application Data\Microsoft
[2013/02/12 06:26:48 | 000,000,000 | --SD | C] -- F:\Documents and Settings\Administrator\Cookies
[2013/02/12 06:26:48 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Administrator\Application Data
[2013/02/12 06:26:48 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\Favorites
[2013/02/12 06:26:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2013/02/12 06:26:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Desktop
[2013/02/12 06:26:47 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Administrator\SendTo
[2013/02/12 06:26:47 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Administrator\Recent
[2013/02/12 06:26:47 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2013/02/12 06:26:47 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\Start Menu
[2013/02/12 06:26:47 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\My Documents
[2013/02/12 06:26:47 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2013/02/12 06:26:47 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\Administrator\Templates
[2013/02/12 06:26:47 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\Administrator\PrintHood
[2013/02/12 06:26:47 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\Administrator\NetHood
[2013/02/12 06:26:47 | 000,000,000 | -H-D | C] -- F:\Documents and Settings\Administrator\Local Settings
[2013/02/12 06:26:33 | 000,000,000 | ---D | C] -- F:\WINDOWS\SoftwareDistribution
[2013/02/12 06:26:32 | 000,000,000 | --SD | C] -- F:\WINDOWS\System32\Microsoft
[2013/02/12 06:26:32 | 000,000,000 | ---D | C] -- F:\WINDOWS\Prefetch
[2013/02/12 06:26:31 | 000,000,000 | --SD | C] -- F:\Documents and Settings\LocalService\Application Data\Microsoft
[2013/02/12 06:26:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013/02/12 06:25:52 | 000,000,000 | ---D | C] -- F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013/02/12 06:25:51 | 000,000,000 | --SD | C] -- F:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013/02/12 06:24:20 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- F:\WINDOWS\System32\dllcache\rwia330.dll
[2013/02/12 06:24:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- F:\WINDOWS\System32\dllcache\rwia001.dll
[2013/02/12 06:24:19 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- F:\WINDOWS\System32\dllcache\rw330ext.dll
[2013/02/12 06:23:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- F:\WINDOWS\System32\dllcache\cap7146.sys
[2013/02/12 06:23:16 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\xircom
[2013/02/12 06:23:16 | 000,000,000 | ---D | C] -- F:\Program Files\xerox
[2013/02/12 06:23:16 | 000,000,000 | ---D | C] -- F:\Program Files\microsoft frontpage
[2013/02/12 06:22:26 | 000,000,000 | -HSD | C] -- F:\Documents and Settings\All Users\DRM
[2013/02/12 06:22:20 | 000,000,000 | --SD | C] -- F:\WINDOWS\Downloaded Program Files
[2013/02/12 06:22:20 | 000,000,000 | R--D | C] -- F:\WINDOWS\Offline Web Pages
[2013/02/12 06:22:12 | 000,000,000 | -H-D | C] -- F:\Program Files\WindowsUpdate
[2013/02/12 06:21:56 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\DirectX
[2013/02/12 06:21:27 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Services
[2013/02/12 06:21:24 | 000,000,000 | --SD | C] -- F:\WINDOWS\Tasks
[2013/02/12 06:21:23 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\MSSoap
[2013/02/12 06:21:20 | 000,000,000 | ---D | C] -- F:\WINDOWS\srchasst
[2013/02/12 06:21:19 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\Macromed
[2013/02/12 06:21:12 | 000,000,000 | ---D | C] -- F:\Program Files\Movie Maker
[2013/02/12 06:21:05 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\Restore
[2013/02/12 06:21:01 | 000,000,000 | ---D | C] -- F:\Program Files\NetMeeting
[2013/02/12 06:20:58 | 000,000,000 | ---D | C] -- F:\Program Files\Outlook Express
[2013/02/12 06:20:52 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\System
[2013/02/12 06:20:47 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Documents\My Pictures
[2013/02/12 06:20:47 | 000,000,000 | ---D | C] -- F:\Program Files\Internet Explorer
[2013/02/12 06:20:34 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013/02/12 06:20:26 | 000,000,000 | ---D | C] -- F:\Program Files\ComPlus Applications
[2013/02/12 06:20:21 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/02/12 06:20:21 | 000,000,000 | ---D | C] -- F:\WINDOWS\Registration
[2013/02/12 06:20:15 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Documents\My Music
[2013/02/12 06:20:15 | 000,000,000 | ---D | C] -- F:\Program Files\Windows Media Player
[2013/02/12 06:20:15 | 000,000,000 | ---D | C] -- F:\Program Files\Online Services
[2013/02/12 06:20:11 | 000,000,000 | ---D | C] -- F:\Program Files\Messenger
[2013/02/12 06:20:08 | 000,000,000 | ---D | C] -- F:\Program Files\MSN Gaming Zone
[2013/02/12 06:19:36 | 000,000,000 | ---D | C] -- F:\Program Files\MSN
[2013/02/12 06:19:35 | 000,281,088 | ---- | C] (Cinematronics) -- F:\WINDOWS\System32\dllcache\pinball.exe
[2013/02/12 06:19:34 | 000,000,000 | ---D | C] -- F:\Program Files\Windows NT
[2013/02/12 06:19:31 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\MsDtc
[2013/02/12 06:19:29 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\Com
[2013/02/12 06:19:15 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Documents\My Videos
[2013/02/12 06:19:00 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[5 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[3 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[2 F:\WINDOWS\System32\dllcache\*.tmp files -> F:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/07 13:05:01 | 000,000,830 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/07 12:20:17 | 000,001,738 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2013/03/07 11:58:12 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2013/03/07 11:58:07 | 1060,986,880 | -HS- | M] () -- F:\hiberfil.sys
[2013/03/07 11:57:59 | 000,452,952 | ---- | M] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\Cat.DB
[2013/03/06 18:57:01 | 000,026,485 | ---- | M] () -- F:\Documents and Settings\Administrator\Desktop\8223-chill-house-melody-2.html
[2013/03/06 18:18:08 | 000,329,434 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2013/03/06 18:18:08 | 000,047,608 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2013/03/05 16:46:18 | 000,001,355 | ---- | M] () -- F:\WINDOWS\imsins.BAK
[2013/03/04 14:04:35 | 000,000,462 | ---- | M] () -- F:\Documents and Settings\Administrator\Desktop\Edraw Max.lnk
[2013/03/04 14:04:35 | 000,000,462 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Edraw Max 6.8.lnk
[2013/03/04 10:08:01 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2013/03/01 16:51:16 | 000,000,763 | ---- | M] () -- F:\WINDOWS\System32\drivers\etc\hosts
[2013/02/14 17:16:38 | 000,263,024 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/14 17:16:27 | 000,014,818 | ---- | M] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\VT20130115.021
[2013/02/14 13:57:59 | 000,102,259 | ---- | M] () -- F:\WINDOWS\hpoins05.dat
[2013/02/13 12:26:03 | 000,000,813 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/02/13 12:22:20 | 000,102,259 | ---- | M] () -- F:\WINDOWS\hpoins05.dat.temp
[2013/02/13 12:21:55 | 000,000,313 | ---- | M] () -- F:\WINDOWS\hpntwksetup.ini
[2013/02/13 12:13:37 | 000,000,726 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2013/02/13 12:11:25 | 000,000,728 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/02/13 12:07:17 | 000,001,527 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2013/02/13 12:07:17 | 000,000,745 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2013/02/13 12:03:15 | 000,000,751 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/13 12:03:15 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/02/13 12:01:22 | 000,002,371 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/13 12:01:22 | 000,002,353 | ---- | M] () -- F:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2013/02/13 11:51:09 | 000,142,496 | ---- | M] (Symantec Corporation) -- F:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/02/13 11:51:09 | 000,007,446 | ---- | M] () -- F:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013/02/13 11:51:09 | 000,000,806 | ---- | M] () -- F:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013/02/13 11:37:52 | 000,002,412 | RHS- | M] () -- F:\Documents and Settings\All Users\ntuser.pol
[2013/02/13 10:51:23 | 000,940,794 | ---- | M] () -- F:\WINDOWS\System32\LoopyMusic.wav
[2013/02/13 10:51:23 | 000,146,650 | ---- | M] () -- F:\WINDOWS\System32\BuzzingBee.wav
[2013/02/12 06:26:59 | 000,000,779 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/12 06:26:58 | 000,000,079 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/02/12 06:25:54 | 000,008,192 | ---- | M] () -- F:\WINDOWS\REGLOCS.OLD
[2013/02/12 06:24:43 | 000,000,261 | ---- | M] () -- F:\WINDOWS\System32\$winnt$.inf
[2013/02/12 06:23:05 | 000,002,577 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT
[2013/02/12 06:23:03 | 000,316,640 | ---- | M] () -- F:\WINDOWS\WMSysPr9.prx
[2013/02/12 06:23:03 | 000,023,392 | ---- | M] () -- F:\WINDOWS\System32\nscompat.tlb
[2013/02/12 06:23:03 | 000,016,832 | ---- | M] () -- F:\WINDOWS\System32\amcompat.tlb
[2013/02/12 06:22:56 | 000,004,161 | ---- | M] () -- F:\WINDOWS\ODBCINST.INI
[2013/02/12 06:20:33 | 000,021,640 | ---- | M] () -- F:\WINDOWS\System32\emptyregdb.dat
[5 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[3 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[2 F:\WINDOWS\System32\dllcache\*.tmp files -> F:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/07 12:20:16 | 000,001,804 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2013/03/07 12:20:16 | 000,001,738 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2013/03/06 18:57:00 | 000,026,485 | ---- | C] () -- F:\Documents and Settings\Administrator\Desktop\8223-chill-house-melody-2.html
[2013/03/04 14:04:35 | 000,000,462 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Edraw Max 6.8.lnk
[2013/03/04 14:04:34 | 000,000,462 | ---- | C] () -- F:\Documents and Settings\Administrator\Desktop\Edraw Max.lnk
[2013/02/25 15:13:32 | 1060,986,880 | -HS- | C] () -- F:\hiberfil.sys
[2013/02/25 13:43:42 | 002,027,958 | ---- | C] () -- F:\WINDOWS\bakoatool64.sys
[2013/02/25 13:43:42 | 001,861,506 | ---- | C] () -- F:\WINDOWS\bakoatool.sys
[2013/02/25 13:43:42 | 000,320,952 | ---- | C] () -- F:\WINDOWS\LInstSvr.exe
[2013/02/25 13:43:41 | 001,604,456 | ---- | C] () -- F:\WINDOWS\Agt3Tool.exe
[2013/02/25 13:43:41 | 000,003,430 | ---- | C] () -- F:\WINDOWS\pwddict.ini
[2013/02/25 13:43:39 | 000,041,060 | ---- | C] () -- F:\WINDOWS\System32\tpacket.vxd
[2013/02/25 13:43:39 | 000,041,060 | ---- | C] () -- F:\WINDOWS\baktpkt9.sys
[2013/02/25 13:43:39 | 000,022,629 | ---- | C] () -- F:\WINDOWS\toa32pd9.sys
[2013/02/14 17:16:27 | 000,452,952 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\Cat.DB
[2013/02/14 17:16:27 | 000,014,818 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\VT20130115.021
[2013/02/14 13:56:20 | 000,102,259 | ---- | C] () -- F:\WINDOWS\hpoins05.dat.temp
[2013/02/14 13:56:20 | 000,017,505 | ---- | C] () -- F:\WINDOWS\hpomdl07.dat.temp
[2013/02/14 10:47:31 | 000,009,670 | R--- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symelam.cat
[2013/02/14 10:47:31 | 000,007,877 | R--- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symnetv.cat
[2013/02/14 10:47:31 | 000,007,601 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symnet.cat
[2013/02/14 10:47:31 | 000,007,599 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symefa.cat
[2013/02/14 10:47:31 | 000,007,597 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtspx.cat
[2013/02/14 10:47:31 | 000,007,593 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symds.cat
[2013/02/14 10:47:31 | 000,007,593 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtsp.cat
[2013/02/14 10:47:31 | 000,003,433 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symefa.inf
[2013/02/14 10:47:31 | 000,002,851 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symds.inf
[2013/02/14 10:47:31 | 000,001,468 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symnetv.inf
[2013/02/14 10:47:31 | 000,001,440 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symnet.inf
[2013/02/14 10:47:31 | 000,001,388 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtsp.inf
[2013/02/14 10:47:31 | 000,001,387 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\srtspx.inf
[2013/02/14 10:47:31 | 000,000,996 | R--- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symelam.inf
[2013/02/14 10:47:30 | 000,007,611 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\ccsetx86.cat
[2013/02/14 10:47:30 | 000,007,593 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\iron.cat
[2013/02/14 10:47:30 | 000,000,827 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\ccsetx86.inf
[2013/02/14 10:47:30 | 000,000,737 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\iron.inf
[2013/02/14 10:47:17 | 000,009,103 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\symvtcer.dat
[2013/02/14 10:47:17 | 000,000,172 | ---- | C] () -- F:\WINDOWS\System32\drivers\NIS\1402010.016\isolate.ini
[2013/02/13 12:26:02 | 000,000,813 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/02/13 12:20:23 | 000,000,313 | ---- | C] () -- F:\WINDOWS\hpntwksetup.ini
[2013/02/13 12:18:08 | 000,102,259 | ---- | C] () -- F:\WINDOWS\hpoins05.dat
[2013/02/13 12:18:08 | 000,017,505 | ---- | C] () -- F:\WINDOWS\hpomdl07.dat
[2013/02/13 12:13:36 | 000,000,726 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
[2013/02/13 12:11:25 | 000,000,728 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/02/13 12:07:17 | 000,001,527 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2013/02/13 12:07:17 | 000,000,745 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2013/02/13 12:06:46 | 000,000,830 | ---- | C] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/13 12:03:15 | 000,000,751 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/13 12:03:15 | 000,000,733 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/02/13 12:03:14 | 000,000,739 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/13 12:01:22 | 000,002,371 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/13 12:01:22 | 000,002,353 | ---- | C] () -- F:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2013/02/13 11:51:09 | 000,007,446 | ---- | C] () -- F:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013/02/13 11:51:09 | 000,000,806 | ---- | C] () -- F:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013/02/13 11:37:52 | 000,002,412 | RHS- | C] () -- F:\Documents and Settings\All Users\ntuser.pol
[2013/02/13 10:51:23 | 000,940,794 | ---- | C] () -- F:\WINDOWS\System32\LoopyMusic.wav
[2013/02/13 10:51:23 | 000,146,650 | ---- | C] () -- F:\WINDOWS\System32\BuzzingBee.wav
[2013/02/13 10:48:27 | 000,049,152 | R--- | C] () -- F:\WINDOWS\System32\ChCfg.exe
[2013/02/12 21:25:31 | 000,147,456 | R--- | C] () -- F:\WINDOWS\System32\igfxCoIn_v4885.dll
[2013/02/12 21:25:31 | 000,026,960 | R--- | C] () -- F:\WINDOWS\System32\igxpxs32.vp
[2013/02/12 21:25:31 | 000,002,096 | R--- | C] () -- F:\WINDOWS\System32\igxpxk32.vp
[2013/02/12 11:44:42 | 000,001,355 | ---- | C] () -- F:\WINDOWS\imsins.BAK
[2013/02/12 11:44:39 | 000,004,161 | ---- | C] () -- F:\WINDOWS\ODBCINST.INI
[2013/02/12 11:44:37 | 001,685,606 | ---- | C] () -- F:\WINDOWS\System32\dllcache\sam.spd
[2013/02/12 11:44:37 | 000,605,050 | ---- | C] () -- F:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/02/12 11:44:37 | 000,000,888 | ---- | C] () -- F:\WINDOWS\System32\dllcache\sam.sdf
[2013/02/12 11:44:36 | 000,643,717 | ---- | C] () -- F:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/02/12 11:44:21 | 000,001,688 | ---- | C] () -- F:\WINDOWS\System32\AUTOEXEC.NT
[2013/02/12 11:44:14 | 000,141,702 | ---- | C] () -- F:\WINDOWS\System32\dllcache\netfx.cat
[2013/02/12 11:44:14 | 000,110,116 | ---- | C] () -- F:\WINDOWS\System32\dllcache\tabletpc.cat
[2013/02/12 11:44:14 | 000,031,965 | ---- | C] () -- F:\WINDOWS\System32\dllcache\mediactr.cat
[2013/02/12 11:44:14 | 000,024,209 | ---- | C] () -- F:\WINDOWS\System32\dllcache\msn7.cat
[2013/02/12 11:44:14 | 000,011,651 | ---- | C] () -- F:\WINDOWS\System32\dllcache\msn9.cat
[2013/02/12 11:44:14 | 000,008,574 | ---- | C] () -- F:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/02/12 11:44:14 | 000,007,382 | ---- | C] () -- F:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/02/12 11:44:14 | 000,007,245 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013/02/12 11:44:13 | 002,012,670 | ---- | C] () -- F:\WINDOWS\System32\dllcache\NT5.CAT
[2013/02/12 11:44:13 | 001,042,903 | ---- | C] () -- F:\WINDOWS\System32\dllcache\SP2.CAT
[2013/02/12 11:44:13 | 000,797,189 | ---- | C] () -- F:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/02/12 11:44:13 | 000,502,724 | ---- | C] () -- F:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/02/12 11:44:13 | 000,399,645 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/02/12 11:44:13 | 000,037,484 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MW770.CAT
[2013/02/12 11:44:13 | 000,031,281 | ---- | C] () -- F:\WINDOWS\System32\dllcache\FP4.CAT
[2013/02/12 11:44:13 | 000,013,753 | ---- | C] () -- F:\WINDOWS\System32\dllcache\IMS.CAT
[2013/02/12 11:44:13 | 000,013,472 | ---- | C] () -- F:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/02/12 11:44:13 | 000,009,581 | ---- | C] () -- F:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013/02/12 11:44:13 | 000,007,334 | ---- | C] () -- F:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/02/12 11:43:36 | 000,263,024 | ---- | C] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/12 11:42:13 | 000,000,261 | ---- | C] () -- F:\WINDOWS\System32\$winnt$.inf
[2013/02/12 06:26:58 | 000,000,079 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/02/12 06:26:53 | 000,000,738 | ---- | C] () -- F:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2013/02/12 06:26:52 | 000,000,779 | ---- | C] () -- F:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/12 06:26:52 | 000,000,767 | ---- | C] () -- F:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2013/02/12 06:26:48 | 000,001,599 | ---- | C] () -- F:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2013/02/12 06:26:48 | 000,000,801 | ---- | C] () -- F:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
[2013/02/12 06:25:54 | 000,008,192 | ---- | C] () -- F:\WINDOWS\REGLOCS.OLD
[2013/02/12 06:24:43 | 000,002,048 | --S- | C] () -- F:\WINDOWS\bootstat.dat
[2013/02/12 06:24:16 | 000,175,104 | ---- | C] () -- F:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/02/12 06:24:04 | 001,158,818 | ---- | C] () -- F:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/02/12 06:24:00 | 000,059,392 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imscinst.exe
[2013/02/12 06:23:59 | 000,196,665 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/02/12 06:23:58 | 000,134,339 | ---- | C] () -- F:\WINDOWS\System32\dllcache\imekr.lex
[2013/02/12 06:23:52 | 013,463,552 | ---- | C] () -- F:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/02/12 06:23:49 | 000,108,827 | ---- | C] () -- F:\WINDOWS\System32\dllcache\hanja.lex
[2013/02/12 06:23:46 | 000,094,208 | ---- | C] () -- F:\WINDOWS\System32\dllcache\fpencode.dll
[2013/02/12 06:23:40 | 000,173,568 | ---- | C] () -- F:\WINDOWS\System32\dllcache\chtskf.dll
[2013/02/12 06:23:05 | 000,002,577 | ---- | C] () -- F:\WINDOWS\System32\CONFIG.NT
[2013/02/12 06:23:03 | 000,023,392 | ---- | C] () -- F:\WINDOWS\System32\nscompat.tlb
[2013/02/12 06:23:03 | 000,016,832 | ---- | C] () -- F:\WINDOWS\System32\amcompat.tlb
[2013/02/12 06:23:02 | 000,316,640 | ---- | C] () -- F:\WINDOWS\WMSysPr9.prx
[2013/02/12 06:22:11 | 000,000,786 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2013/02/12 06:22:03 | 004,399,505 | ---- | C] () -- F:\WINDOWS\System32\dllcache\nls302en.lex
[2013/02/12 06:21:35 | 000,048,680 | -HS- | C] () -- F:\WINDOWS\winnt256.bmp
[2013/02/12 06:21:35 | 000,048,680 | -HS- | C] () -- F:\WINDOWS\winnt.bmp
[2013/02/12 06:21:29 | 000,000,984 | ---- | C] () -- F:\WINDOWS\System32\dllcache\srframe.mmf
[2013/02/12 06:21:17 | 000,004,639 | ---- | C] () -- F:\WINDOWS\System32\dllcache\mplayer2.exe
[2013/02/12 06:21:06 | 000,376,320 | ---- | C] () -- F:\WINDOWS\System32\dllcache\msinfo.dll
[2013/02/12 06:20:34 | 000,000,609 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2013/02/12 06:20:33 | 000,021,640 | ---- | C] () -- F:\WINDOWS\System32\emptyregdb.dat
[2013/02/12 06:20:15 | 000,001,986 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2013/02/12 06:19:56 | 000,065,832 | ---- | C] () -- F:\WINDOWS\Santa Fe Stucco.bmp
[2013/02/12 06:19:56 | 000,026,680 | ---- | C] () -- F:\WINDOWS\River Sumida.bmp
[2013/02/12 06:19:56 | 000,009,522 | ---- | C] () -- F:\WINDOWS\Zapotec.bmp
[2013/02/12 06:19:55 | 000,065,978 | ---- | C] () -- F:\WINDOWS\Soap Bubbles.bmp
[2013/02/12 06:19:55 | 000,065,954 | ---- | C] () -- F:\WINDOWS\Prairie Wind.bmp
[2013/02/12 06:19:55 | 000,026,582 | ---- | C] () -- F:\WINDOWS\Greenstone.bmp
[2013/02/12 06:19:55 | 000,017,362 | ---- | C] () -- F:\WINDOWS\Rhododendron.bmp
[2013/02/12 06:19:55 | 000,017,336 | ---- | C] () -- F:\WINDOWS\Gone Fishing.bmp
[2013/02/12 06:19:55 | 000,017,062 | ---- | C] () -- F:\WINDOWS\Coffee Bean.bmp
[2013/02/12 06:19:55 | 000,016,730 | ---- | C] () -- F:\WINDOWS\FeatherTexture.bmp
[2013/02/12 06:19:55 | 000,001,272 | ---- | C] () -- F:\WINDOWS\Blue Lace 16.bmp
[2013/02/12 06:19:53 | 000,001,161 | ---- | C] () -- F:\WINDOWS\System32\usrlogon.cmd
[2013/02/12 06:19:52 | 000,003,286 | ---- | C] () -- F:\WINDOWS\System32\tslabels.h
[2013/02/12 06:19:51 | 000,000,768 | ---- | C] () -- F:\WINDOWS\System32\msdtcprf.h
[2013/02/12 06:19:46 | 000,063,488 | ---- | C] () -- F:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/04 00:56:46 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = F:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/04 00:56:44 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = F:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 00:56:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/06 16:45:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Administrator\Application Data\FileZilla
[2013/03/02 15:14:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Administrator\Application Data\Hackety Hack
[2013/02/16 16:50:00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\phpDesigner
[2013/02/13 12:09:20 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\RoboForm
[2013/03/05 16:44:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ZeoBIT

========== Purity Check ==========



< End of report >

#2
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Welcome to Geeks2Go subhajit,

No infection showing here. The logs do show monitoring software in use, such as used by employers to monitor employee activities. Is this a business-owned system?