Virus in my computer [Closed]

Dear all

This is log of OTL in my computer

I install NIS 2013 but it alway have notice Email error.

Thanks

OTL logfile created on: 7/30/2013 9:51:17 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\Document - Desktop\MY DOCUMENTS\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.89 Gb Total Physical Memory | 0.72 Gb Available Physical Memory | 37.98% Memory free
3.74 Gb Paging File | 2.76 Gb Available in Paging File | 73.80% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 56.48 Gb Total Space | 47.61 Gb Free Space | 84.30% Space Free | Partition Type: NTFS
Drive D: | 26.83 Gb Total Space | 23.30 Gb Free Space | 86.86% Space Free | Partition Type: NTFS
Drive E: | 25.12 Gb Total Space | 20.81 Gb Free Space | 82.85% Space Free | Partition Type: NTFS
Drive F: | 40.62 Gb Total Space | 37.46 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive G: | 1035.07 Gb Total Space | 562.75 Gb Free Space | 54.37% Space Free | Partition Type: NTFS
Drive H: | 827.93 Gb Total Space | 630.03 Gb Free Space | 76.10% Space Free | Partition Type: NTFS
Drive I: | 589.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KHO-SATO | User Name: KHO SATO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/30 09:50:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Document - Desktop\MY DOCUMENTS\Downloads\Programs\OTL.exe
PRC - [2013/07/30 08:40:25 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/29 23:58:47 | 001,175,552 | RH-- | M] (Microsoft Corporation) -- C:\WINDOWS\Temp\temp17.exe
PRC - [2013/07/26 20:32:03 | 003,624,528 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/05/25 07:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\KHO SATO\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/05/21 11:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
PRC - [2012/12/12 20:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/14 19:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/19 06:55:00 | 000,217,088 | ---- | M] () -- C:\Program Files\UniKey\UniKeyNT.exe
PRC - [2003/04/17 15:21:52 | 000,138,240 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2SWK.EXE
PRC - [2003/04/17 15:21:52 | 000,061,224 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CAP2RSK.EXE
PRC - [2003/04/17 15:21:52 | 000,030,720 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE

========== Modules (No Company Name) ==========

MOD - [2013/07/30 09:13:59 | 016,166,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/30 08:40:25 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/03/14 03:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Dropbox\bin\libcef.dll
MOD - [2012/11/14 06:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/05/30 21:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2008/04/14 19:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 19:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008/04/14 19:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/04/19 06:55:00 | 000,217,088 | ---- | M] () -- C:\Program Files\UniKey\UniKeyNT.exe
MOD - [2006/04/19 06:53:51 | 000,188,416 | ---- | M] () -- C:\Program Files\UniKey\UKHook40.dll

========== Services (SafeList) ==========

SRV - [2013/07/30 08:40:25 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/29 23:42:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/21 11:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2012/07/16 18:48:00 | 000,365,376 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/16 18:47:58 | 000,277,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/16 18:47:44 | 000,166,720 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/19 19:03:28 | 000,462,088 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/07/29 23:58:50 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2013/07/29 22:44:19 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/07/29 17:11:10 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130729.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/07/29 17:11:10 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/07/29 17:11:10 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/07/29 17:11:10 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130729.007\NAVENG.SYS -- (NAVENG)
DRV - [2013/07/26 15:27:36 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130727.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2013/06/27 16:57:42 | 000,118,344 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2013/05/23 12:25:28 | 000,934,488 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymEFA.sys -- (SymEFA)
DRV - [2013/05/21 12:02:00 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymDS.sys -- (SymDS)
DRV - [2013/05/21 11:41:34 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/16 12:02:14 | 000,603,224 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/25 07:43:56 | 000,396,760 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013/04/16 09:41:14 | 000,134,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys -- (ccSet_NIS)
DRV - [2013/03/05 09:14:18 | 000,044,064 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2013/03/05 09:14:18 | 000,044,064 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2013/03/05 08:39:19 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.sys -- (SymIRON)
DRV - [2013/03/05 08:21:35 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2012/07/02 22:16:00 | 000,055,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)
DRV - [2012/04/25 22:09:00 | 000,082,032 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2006/11/25 11:43:04 | 000,067,584 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2003/04/17 15:21:52 | 000,023,232 | ---- | M] (CANON INC.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CAP2LPT.SYS -- (RapidPort2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ch?q={searc---- | m] (microsoft corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.55
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.4.1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..browser.startup.homepage: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013/07/29 22:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013/07/30 08:53:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\KHO SATO\Application Data\IDM\idmmzcc5 [2013/07/29 23:06:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\KHO SATO\Application Data\IDM\idmmzcc5 [2013/07/29 23:06:38 | 000,000,000 | ---D | M]

[2013/07/29 22:43:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla\Extensions
[2013/07/29 23:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla\Firefox\Profiles\3usn91m5.default\extensions
[2013/07/29 22:52:46 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla\Firefox\Profiles\3usn91m5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/07/29 23:06:05 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla\Firefox\Profiles\3usn91m5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/07/29 23:18:37 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla\Firefox\Profiles\3usn91m5.default\searchplugins\safesearch.xml
[2013/07/30 08:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/30 08:40:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/30 08:53:07 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\COFFPLGN
[2013/07/29 23:06:38 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\KHO SATO\APPLICATION DATA\IDM\IDMMZCC5

O1 HOSTS File: ([2008/04/14 19:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [CAP2ON] C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2ONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NetworkSaver] C:\WINDOWS\Temp\temp17.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Documents and Settings\KHO SATO\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Canon LASER SHOT LBP-1210 Status Window.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP2LAK.EXE (CANON INC.)
O4 - Startup: C:\Documents and Settings\KHO SATO\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\KHO SATO\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73FB71E1-CE70-451E-A46F-1D7100E9980B}: DhcpNameServer = 192.168.1.250
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/29 22:14:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013/07/10 08:23:13 | 000,000,000 | ---D | M] - G:\Autoreiji.2010.720p.Bluray.DD5.1.x264-ESiR -- [ NTFS ]
O32 - AutoRun File - [2008/04/14 19:00:00 | 000,000,110 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0ed1a938-f898-11e2-b04b-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{0ed1a938-f898-11e2-b04b-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0ed1a938-f898-11e2-b04b-806d6172696f}\Shell\AutoRun\command - "" = I:\SETUP.EXE -- [2008/04/14 19:00:00 | 001,314,816 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/30 09:36:02 | 000,044,064 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2013/07/30 09:36:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/07/30 09:15:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/30 09:14:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\MSNInstaller
[2013/07/30 08:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/30 08:39:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon LASER SHOT LBP-1210
[2013/07/30 08:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/07/30 05:01:45 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013/07/30 05:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013/07/30 05:01:42 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/07/30 05:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013/07/30 05:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013/07/30 05:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013/07/30 05:01:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/07/30 05:01:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/07/30 05:01:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/07/30 05:01:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2013/07/30 05:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/07/30 05:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013/07/30 05:01:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/07/30 05:01:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/07/30 05:01:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/07/30 05:01:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/07/30 05:00:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/07/30 05:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/07/30 04:55:58 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/07/30 04:55:58 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/07/30 04:55:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/07/30 04:55:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/07/30 04:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2013/07/30 03:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/07/30 03:36:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\KHO SATO\IETldCache
[2013/07/30 03:18:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/07/30 03:18:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/07/30 03:17:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/07/29 23:58:50 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2013/07/29 23:58:50 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2013/07/29 23:58:50 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2013/07/29 23:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/07/29 23:50:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/07/29 23:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/07/29 23:49:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/07/29 23:49:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/07/29 23:48:40 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/07/29 23:48:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013/07/29 23:47:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/07/29 23:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\Adobe
[2013/07/29 23:45:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013/07/29 23:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/07/29 23:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2013/07/29 23:39:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013/07/29 23:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/07/29 23:35:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\KHO SATO\UserData
[2013/07/29 23:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\uTorrent
[2013/07/29 23:27:10 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/07/29 23:23:54 | 000,508,416 | ---- | C] (VNG Corporation) -- C:\Documents and Settings\KHO SATO\Application Data\laban.exe
[2013/07/29 23:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV
[2013/07/29 23:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\The KMPlayer
[2013/07/29 23:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013/07/29 23:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\BabSolution
[2013/07/29 23:15:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/07/29 23:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/07/29 23:14:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Babylon
[2013/07/29 23:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Your Uninstaller! 7
[2013/07/29 23:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller! 7
[2013/07/29 23:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\URSoft
[2013/07/29 23:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/29 23:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2013/07/29 23:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\IDM
[2013/07/29 23:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IDM
[2013/07/29 23:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\DMCache
[2013/07/29 23:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Internet Download Manager
[2013/07/29 23:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
[2013/07/29 23:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013/07/29 23:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\Google
[2013/07/29 23:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013/07/29 23:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/07/29 23:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Dropbox
[2013/07/29 23:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Dropbox
[2013/07/29 22:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Skype
[2013/07/29 22:55:46 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/07/29 22:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/07/29 22:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/07/29 22:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2013/07/29 22:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Macromedia
[2013/07/29 22:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Adobe
[2013/07/29 22:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\WinRAR
[2013/07/29 22:54:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2013/07/29 22:54:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Softland
[2013/07/29 22:54:00 | 000,023,376 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmn7.dll
[2013/07/29 22:54:00 | 000,020,816 | ---- | C] (Softland) -- C:\WINDOWS\System32\dopdfmi7.dll
[2013/07/29 22:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\doPDF 7
[2013/07/29 22:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2013/07/29 22:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\UltraISO
[2013/07/29 22:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2013/07/29 22:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2013/07/29 22:52:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Yahoo!
[2013/07/29 22:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2013/07/29 22:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2013/07/29 22:47:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\TuneUp Software
[2013/07/29 22:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013/07/29 22:47:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013/07/29 22:47:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/29 22:47:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/29 22:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\UniKey Vietnamese Input Method
[2013/07/29 22:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\UniKey
[2013/07/29 22:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2013/07/29 22:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\WinRAR
[2013/07/29 22:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/07/29 22:44:19 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/07/29 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/07/29 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/07/29 22:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Desktop
[2013/07/29 22:44:08 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.sys
[2013/07/29 22:44:08 | 000,603,224 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.sys
[2013/07/29 22:44:08 | 000,396,760 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdi.sys
[2013/07/29 22:44:08 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.sys
[2013/07/29 22:44:08 | 000,352,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdiv.sys
[2013/07/29 22:44:08 | 000,339,544 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnets.sys
[2013/07/29 22:44:08 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Ironx86.sys
[2013/07/29 22:44:08 | 000,134,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.sys
[2013/07/29 22:44:08 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.sys
[2013/07/29 22:44:08 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.sys
[2013/07/29 22:43:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2013/07/29 22:43:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1404000.028
[2013/07/29 22:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2013/07/29 22:43:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
[2013/07/29 22:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\Mozilla
[2013/07/29 22:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Mozilla
[2013/07/29 22:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2013/07/29 22:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2013/07/29 22:43:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2013/07/29 22:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2013/07/29 22:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2013/07/29 22:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/07/29 22:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013/07/29 22:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\Microsoft Help
[2013/07/29 22:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/07/29 22:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2013/07/29 22:39:34 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/07/29 22:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2013/07/29 22:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/07/29 22:30:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2013/07/29 22:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2013/07/29 22:29:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013/07/29 22:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/07/29 22:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/07/29 22:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox.bak
[2013/07/29 22:28:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2013/07/29 22:28:02 | 000,000,000 | ---D | C] -- C:\Intel
[2013/07/29 22:28:00 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013/07/29 22:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/07/29 22:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\InstallShield
[2013/07/29 22:19:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Application Data\Identities
[2013/07/29 22:19:58 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/07/29 22:19:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft
[2013/07/29 22:19:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\KHO SATO\SendTo
[2013/07/29 22:19:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\KHO SATO\Recent
[2013/07/29 22:19:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\KHO SATO\Application Data
[2013/07/29 22:19:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Startup
[2013/07/29 22:19:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\KHO SATO\Start Menu
[2013/07/29 22:19:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\KHO SATO\Favorites
[2013/07/29 22:19:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Accessories
[2013/07/29 22:19:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\KHO SATO\Cookies
[2013/07/29 22:19:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\KHO SATO\Templates
[2013/07/29 22:19:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\KHO SATO\PrintHood
[2013/07/29 22:19:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\KHO SATO\NetHood
[2013/07/29 22:19:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\KHO SATO\Local Settings
[2013/07/29 22:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\Microsoft
[2013/07/29 22:19:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/07/29 22:19:13 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/07/29 22:19:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/07/29 22:19:12 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2013/07/29 22:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013/07/29 22:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013/07/29 22:16:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013/07/29 22:15:44 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/07/29 22:15:44 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/07/29 22:15:44 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013/07/29 22:15:07 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/07/29 22:14:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013/07/29 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013/07/29 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013/07/29 22:14:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/07/29 22:13:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/07/29 22:13:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/07/29 22:13:53 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013/07/29 22:13:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/07/29 22:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013/07/29 22:13:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/07/29 22:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/07/29 22:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/07/29 22:13:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/07/29 22:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013/07/29 22:12:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/07/29 22:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013/07/29 22:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013/07/29 22:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013/07/29 22:12:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/07/29 22:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013/07/29 22:12:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013/07/29 22:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/07/29 22:12:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/07/29 22:12:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/07/29 22:12:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013/07/29 22:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013/07/29 22:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013/07/29 22:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/07/29 22:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013/07/29 22:11:39 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2013/07/29 22:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2013/07/29 22:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013/07/29 22:11:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/07/29 22:11:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/07/29 22:11:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/07/29 22:11:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2013/07/29 22:11:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/07/29 20:45:58 | 000,000,000 | ---D | C] -- H:\Document - Desktop\MY DOCUMENTS\My ISO Files
[2013/07/29 02:53:21 | 000,082,032 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1c51x86.sys
[2013/07/26 19:55:29 | 000,118,344 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmtdi.sys
[2013/07/23 20:40:31 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\FB32. HDSD
[2013/07/20 16:33:34 | 000,000,000 | --SD | C] -- H:\Document - Desktop\MY DOCUMENTS\My Data Sources
[2013/07/17 11:29:11 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\an
[2013/07/13 10:51:48 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\C Linh
[2013/07/12 13:52:35 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\Trang
[2013/07/10 16:27:44 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\HEAT PUMP
[2013/07/08 14:24:26 | 000,000,000 | ---D | C] -- H:\Document - Desktop\Desktop\PHAN MEM
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/30 09:50:34 | 000,518,701 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013/07/30 09:09:11 | 015,692,515 | ---- | M] () -- H:\Document - Desktop\Desktop\Voice 003.m4a
[2013/07/30 09:08:56 | 000,000,000 | ---- | M] () -- H:\Document - Desktop\Desktop\2013-7-29 Folangsi August Special Promo.pdf.part
[2013/07/30 09:08:56 | 000,000,000 | ---- | M] () -- H:\Document - Desktop\Desktop\2013-7-29 Folangsi August Special Promo.pdf
[2013/07/30 08:53:31 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/30 08:51:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/30 08:39:35 | 000,001,059 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Canon LASER SHOT LBP-1210.LNK
[2013/07/30 08:39:35 | 000,001,058 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Canon LASER SHOT LBP-1210 Status Window.LNK
[2013/07/30 05:09:23 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013/07/30 03:41:24 | 000,001,037 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Startup\Dropbox.lnk
[2013/07/30 03:40:21 | 000,433,186 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/30 03:40:21 | 000,067,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/30 03:36:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/30 03:35:42 | 002,636,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/30 03:19:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/29 23:58:50 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2013/07/29 23:58:50 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2013/07/29 23:58:50 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2013/07/29 23:54:13 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/29 23:48:15 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013/07/29 23:07:40 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2013/07/29 22:52:03 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/07/29 22:47:08 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\UniKey.lnk
[2013/07/29 22:44:19 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/07/29 22:44:19 | 000,007,611 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013/07/29 22:44:19 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013/07/29 22:29:05 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/29 22:20:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/07/29 22:16:33 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013/07/29 22:16:02 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/07/29 22:14:38 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/07/29 22:14:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/07/29 22:14:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/07/29 22:14:38 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/07/29 22:14:38 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/07/29 22:14:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/07/29 22:14:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/07/29 22:14:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/07/29 22:14:28 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/07/29 22:12:32 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/07/26 12:58:48 | 000,236,399 | ---- | M] () -- H:\Document - Desktop\Desktop\A LONG PATAYA 14-6-2013.pdf
[2013/07/25 10:24:18 | 000,134,603 | ---- | M] () -- H:\Document - Desktop\Desktop\20130716_133058.jpg
[2013/07/25 10:22:48 | 000,193,756 | ---- | M] () -- H:\Document - Desktop\Desktop\20130718_100824.jpg
[2013/07/20 21:32:24 | 000,063,146 | ---- | M] () -- H:\Document - Desktop\Desktop\1005752_646977218647150_1555929877_n.jpg
[2013/07/11 19:32:31 | 000,272,754 | ---- | M] () -- H:\Document - Desktop\Desktop\Mast_Guide_Bearings.pdf
[2013/07/10 14:38:41 | 000,213,274 | ---- | M] () -- H:\Document - Desktop\MY DOCUMENTS\SCG T7.pdf
[2013/07/08 17:23:45 | 000,000,833 | ---- | M] () -- H:\Document - Desktop\Desktop\Shortcut to AC-HANG DA BAO GIA.lnk
[2013/07/08 17:23:45 | 000,000,833 | ---- | M] () -- H:\Document - Desktop\Desktop\Shortcut to AB-HANG DA BAO GIA.lnk
[2013/07/08 17:23:45 | 000,000,721 | ---- | M] () -- H:\Document - Desktop\Desktop\Shortcut to HANG CAN BAO GIA.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/30 09:09:01 | 015,692,515 | ---- | C] () -- H:\Document - Desktop\Desktop\Voice 003.m4a
[2013/07/30 09:08:56 | 000,000,000 | ---- | C] () -- H:\Document - Desktop\Desktop\2013-7-29 Folangsi August Special Promo.pdf.part
[2013/07/30 09:08:56 | 000,000,000 | ---- | C] () -- H:\Document - Desktop\Desktop\2013-7-29 Folangsi August Special Promo.pdf
[2013/07/30 08:39:35 | 000,001,058 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Canon LASER SHOT LBP-1210 Status Window.LNK
[2013/07/30 08:39:34 | 000,001,059 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Canon LASER SHOT LBP-1210.LNK
[2013/07/30 05:09:23 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/07/30 05:01:47 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/07/30 05:01:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/07/30 05:01:43 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/07/30 05:01:43 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/07/30 05:01:43 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/07/30 05:01:43 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/07/30 05:01:31 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/07/30 05:01:24 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013/07/30 05:01:24 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013/07/30 05:01:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/07/30 05:01:24 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/07/30 05:01:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/07/30 05:01:24 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013/07/30 05:01:24 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013/07/30 05:01:24 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/07/30 05:01:24 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013/07/30 05:01:24 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013/07/30 05:01:24 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013/07/30 05:01:24 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013/07/30 05:01:24 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013/07/30 05:01:24 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/07/30 05:01:24 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013/07/30 05:01:24 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013/07/30 05:01:24 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/07/30 05:01:24 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/07/30 05:01:24 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/07/30 05:00:51 | 002,636,408 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/30 05:00:08 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2013/07/30 05:00:05 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/07/30 03:36:16 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Internet Explorer.lnk
[2013/07/30 00:04:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/07/30 00:04:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/07/29 23:54:10 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/29 23:51:41 | 001,175,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/07/29 23:45:17 | 000,001,002 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2013/07/29 23:44:37 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2013/07/29 23:08:13 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\VT20130115.021
[2013/07/29 23:07:40 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2013/07/29 23:01:25 | 000,001,037 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Start Menu\Programs\Startup\Dropbox.lnk
[2013/07/29 22:54:00 | 000,007,549 | ---- | C] () -- C:\WINDOWS\System32\dopdf7.ctm
[2013/07/29 22:52:03 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/07/29 22:47:08 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\UniKey.lnk
[2013/07/29 22:44:22 | 000,518,701 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013/07/29 22:44:19 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013/07/29 22:44:19 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013/07/29 22:44:01 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.inf
[2013/07/29 22:44:01 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.inf
[2013/07/29 22:44:01 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNetV.inf
[2013/07/29 22:44:01 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.inf
[2013/07/29 22:44:01 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.inf
[2013/07/29 22:44:01 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf
[2013/07/29 22:44:01 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symELAM.inf
[2013/07/29 22:44:01 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.inf
[2013/07/29 22:44:01 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Iron.inf
[2013/07/29 22:43:47 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymVTcer.dat
[2013/07/29 22:43:47 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.cat
[2013/07/29 22:43:47 | 000,008,067 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.cat
[2013/07/29 22:43:47 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.cat
[2013/07/29 22:43:47 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat
[2013/07/29 22:43:47 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnetv.cat
[2013/07/29 22:43:47 | 000,007,667 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccsetx86.cat
[2013/07/29 22:43:47 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\iron.cat
[2013/07/29 22:43:47 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.cat
[2013/07/29 22:43:47 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.cat
[2013/07/29 22:43:47 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
[2013/07/29 22:35:37 | 000,156,020 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.he-IL.resources
[2013/07/29 22:35:37 | 000,143,191 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.ro-RO.resources
[2013/07/29 22:35:37 | 000,139,623 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.fi-FI.resources
[2013/07/29 22:35:37 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/07/29 22:35:36 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/07/29 22:35:36 | 000,261,208 | ---- | C] () -- C:\WINDOWS\System32\igfcg600m.bin
[2013/07/29 22:35:36 | 000,206,074 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.el-GR.resources
[2013/07/29 22:35:36 | 000,190,306 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.ru-RU.resources
[2013/07/29 22:35:36 | 000,163,151 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.ar-SA.resources
[2013/07/29 22:35:36 | 000,139,095 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.sk-SK.resources
[2013/07/29 22:35:36 | 000,138,414 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.hr-HR.resources
[2013/07/29 22:35:36 | 000,135,443 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.sl-SI.resources
[2013/07/29 22:35:36 | 000,122,610 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.zh-CN.resources
[2013/07/29 22:35:36 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2013/07/29 22:35:35 | 000,146,945 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.it-IT.resources
[2013/07/29 22:35:35 | 000,145,559 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.ko-KR.resources
[2013/07/29 22:35:35 | 000,142,754 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.fr-FR.resources
[2013/07/29 22:35:35 | 000,142,035 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.tr-TR.resources
[2013/07/29 22:35:35 | 000,141,601 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.pt-BR.resources
[2013/07/29 22:35:35 | 000,141,258 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.nl-NL.resources
[2013/07/29 22:35:35 | 000,140,501 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.pt-PT.resources
[2013/07/29 22:35:35 | 000,140,404 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.sv-SE.resources
[2013/07/29 22:35:35 | 000,139,864 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.pl-PL.resources
[2013/07/29 22:35:35 | 000,130,387 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.en-US.resources
[2013/07/29 22:35:35 | 000,042,616 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2013/07/29 22:35:34 | 000,963,144 | ---- | C] () -- C:\WINDOWS\System32\igkrng600.bin
[2013/07/29 22:35:34 | 000,219,089 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.th-TH.resources
[2013/07/29 22:35:34 | 000,160,273 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.ja-JP.resources
[2013/07/29 22:35:34 | 000,145,804 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng600.bin
[2013/07/29 22:35:34 | 000,144,621 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.es-ES.resources
[2013/07/29 22:35:34 | 000,144,501 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.de-DE.resources
[2013/07/29 22:35:34 | 000,141,134 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.hu-HU.resources
[2013/07/29 22:35:34 | 000,139,839 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.cs-CZ.resources
[2013/07/29 22:35:34 | 000,135,396 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.nb-NO.resources
[2013/07/29 22:35:34 | 000,134,952 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.da-DK.resources
[2013/07/29 22:35:34 | 000,124,032 | ---- | C] () -- C:\WINDOWS\System32\Gfxres.zh-TW.resources
[2013/07/29 22:35:34 | 000,058,558 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2013/07/29 22:35:34 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2013/07/29 22:29:05 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/29 22:25:15 | 000,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2013/07/29 22:25:14 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2013/07/29 22:25:14 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/07/29 22:25:14 | 000,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2013/07/29 22:25:08 | 000,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2013/07/29 22:25:08 | 000,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2013/07/29 22:25:08 | 000,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2013/07/29 22:25:08 | 000,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2013/07/29 22:25:08 | 000,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2013/07/29 22:25:08 | 000,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2013/07/29 22:25:08 | 000,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2013/07/29 22:25:08 | 000,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2013/07/29 22:25:08 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2013/07/29 22:25:07 | 000,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2013/07/29 22:25:07 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2013/07/29 22:25:07 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2013/07/29 22:25:07 | 000,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2013/07/29 22:25:07 | 000,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2013/07/29 22:25:07 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2013/07/29 22:25:05 | 001,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2013/07/29 22:25:05 | 001,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2013/07/29 22:25:05 | 001,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2013/07/29 22:25:02 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/07/29 22:25:02 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/07/29 22:24:46 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/07/29 22:24:44 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/07/29 22:24:41 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/07/29 22:24:35 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/07/29 22:24:35 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/07/29 22:20:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/07/29 22:19:58 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\KHO SATO\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/29 22:16:33 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013/07/29 22:16:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/07/29 22:15:14 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013/07/29 22:14:38 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/07/29 22:14:38 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/07/29 22:14:38 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/07/29 22:14:38 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013/07/29 22:14:38 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/07/29 22:14:36 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/07/29 22:14:36 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/07/29 22:14:35 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/07/29 22:13:44 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/07/29 22:13:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/07/29 22:13:32 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/07/29 22:13:28 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/07/29 22:12:59 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013/07/29 22:12:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/07/29 22:11:55 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2013/07/29 22:11:55 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2013/07/29 22:11:55 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2013/07/29 22:11:55 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2013/07/29 22:11:55 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2013/07/29 22:11:55 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013/07/29 22:11:55 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2013/07/29 22:11:55 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2013/07/29 22:11:55 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2013/07/29 22:11:55 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/07/29 22:11:55 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2013/07/29 22:11:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/07/29 22:11:53 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/07/29 22:11:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/07/29 22:11:48 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/07/29 03:30:33 | 011,705,846 | ---- | C] () -- H:\Document - Desktop\Desktop\YS_FORKLIFT PARTS.pdf
[2013/07/29 03:30:32 | 000,272,754 | ---- | C] () -- H:\Document - Desktop\Desktop\Mast_Guide_Bearings.pdf
[2013/07/29 03:30:32 | 000,000,833 | ---- | C] () -- H:\Document - Desktop\Desktop\Shortcut to AC-HANG DA BAO GIA.lnk
[2013/07/29 03:30:32 | 000,000,833 | ---- | C] () -- H:\Document - Desktop\Desktop\Shortcut to AB-HANG DA BAO GIA.lnk
[2013/07/29 03:30:32 | 000,000,721 | ---- | C] () -- H:\Document - Desktop\Desktop\Shortcut to HANG CAN BAO GIA.lnk
[2013/07/29 03:30:30 | 010,255,672 | ---- | C] () -- H:\Document - Desktop\Desktop\Excel_Function_and_Formulas.chm
[2013/07/29 03:30:29 | 034,749,969 | ---- | C] () -- H:\Document - Desktop\Desktop\CLUTCH KITS CATALOGE.pdf
[2013/07/29 03:30:28 | 045,155,328 | ---- | C] () -- H:\Document - Desktop\Desktop\CLUTCH DISC CATALOGE.pdf
[2013/07/29 03:30:24 | 000,236,399 | ---- | C] () -- H:\Document - Desktop\Desktop\A LONG PATAYA 14-6-2013.pdf
[2013/07/29 03:30:24 | 000,193,756 | ---- | C] () -- H:\Document - Desktop\Desktop\20130718_100824.jpg
[2013/07/29 03:30:24 | 000,134,603 | ---- | C] () -- H:\Document - Desktop\Desktop\20130716_133058.jpg
[2013/07/29 03:30:24 | 000,063,146 | ---- | C] () -- H:\Document - Desktop\Desktop\1005752_646977218647150_1555929877_n.jpg
[2013/07/10 14:38:35 | 000,213,274 | ---- | C] () -- H:\Document - Desktop\MY DOCUMENTS\SCG T7.pdf
[2012/06/19 18:48:46 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\IusEventLog.dll

========== ZeroAccess Check ==========

[2013/07/29 23:48:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013/05/29 14:42:02 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 19:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 19:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/29 23:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/07/29 22:47:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/29 23:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IDM
[2013/07/30 09:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/29 22:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013/07/29 22:47:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/29 23:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\BabSolution
[2013/07/29 23:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\Babylon
[2013/07/30 09:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\DMCache
[2013/07/30 09:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\Dropbox
[2013/07/29 23:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\IDM
[2013/07/30 09:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\MSNInstaller
[2013/07/29 22:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\Softland
[2013/07/29 22:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\TuneUp Software
[2013/07/29 23:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\URSoft
[2013/07/30 09:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KHO SATO\Application Data\uTorrent

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2013/07/30 09:11:41 | 000,000,000 | ---D | M](H:\Document - Desktop\MY DOCUMENTS\Trang t?i xu?ng) -- H:\Document - Desktop\MY DOCUMENTS\Trang tải xuống
[2013/07/29 03:30:24 | 000,137,728 | ---- | C] ()(H:\Document - Desktop\Desktop\16-7 confirm AC??.xls) -- H:\Document - Desktop\Desktop\16-7 confirm AC确认.xls
[2013/07/26 13:05:08 | 000,137,728 | ---- | M] ()(H:\Document - Desktop\Desktop\16-7 confirm AC??.xls) -- H:\Document - Desktop\Desktop\16-7 confirm AC确认.xls
[2013/07/19 08:37:17 | 000,000,000 | ---D | M](H:\Document - Desktop\Desktop\ch? ha) -- H:\Document - Desktop\Desktop\chị ha
[2013/07/08 14:24:11 | 000,000,000 | ---D | C](H:\Document - Desktop\Desktop\ch? ha) -- H:\Document - Desktop\Desktop\chị ha
[2013/06/14 10:15:36 | 000,232,608 | ---- | M] ()(H:\Document - Desktop\MY DOCUMENTS\A NGUYÊN ÐÔNG H?I B?N TRE 14-6-2013.pdf) -- H:\Document - Desktop\MY DOCUMENTS\A NGUYÊN ĐÔNG HẢI BẾN TRE 14-6-2013.pdf
[2013/06/14 10:15:25 | 000,232,608 | ---- | C] ()(H:\Document - Desktop\MY DOCUMENTS\A NGUYÊN ÐÔNG H?I B?N TRE 14-6-2013.pdf) -- H:\Document - Desktop\MY DOCUMENTS\A NGUYÊN ĐÔNG HẢI BẾN TRE 14-6-2013.pdf
[2013/04/18 09:03:35 | 000,000,000 | ---D | C](H:\Document - Desktop\MY DOCUMENTS\Trang t?i xu?ng) -- H:\Document - Desktop\MY DOCUMENTS\Trang tải xuống

========== Alternate Data Streams ==========

@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >

Edited by cachep, 29 July 2013 - 08:59 PM.

#1
cachep

Posted 29 July 2013 - 08:59 PM

Advertisements

#2
crooleeck

Posted 30 July 2013 - 09:01 AM

#3
Essexboy

Posted 05 August 2013 - 03:24 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Virus in my computer [Closed]

#1 cachep Posted 29 July 2013 - 08:59 PM

Advertisements

#2 crooleeck Posted 30 July 2013 - 09:01 AM

#3 Essexboy Posted 05 August 2013 - 03:24 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
cachep

Posted 29 July 2013 - 08:59 PM

#2
crooleeck

Posted 30 July 2013 - 09:01 AM

#3
Essexboy

Posted 05 August 2013 - 03:24 PM