Author Topic: [ Done ] I have a Pop Up MSC that Spyware.Ispynow (Read 2701 times)

RobSedona · « **on:** December 02, 2008, 08:40:28 AM »

I removed anything I could Find This POP UP I can not find where it is launched From

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:16:18, on 12/2/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\FileOpen\plug_ins\FileOpenAPI.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo RX680 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICJA.EXE /FU "C:\WINDOWS\TEMP\E_S343.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0 -reboot 1
O4 - HKCU\..\Run: [HPsetm] "C:\Documents and Settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: FileOpenAPI.exe.lnk = C:\Program Files\FileOpen\plug_ins\FileOpenAPI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212376501765
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 12567 bytes

Thank you
Rob

bamajim · « **Reply #1 on:** December 03, 2008, 09:08:54 AM »

RobSedona

1. Go HERE and download File Lister.

Save it to your Desktop
Rt Click ->> Extract all ->> And extract it to your Desktop
Additional help on extracting zip files can be found HERE
Open the File Lister Folder.
Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
As the program runs, it will appear that nothing is happening.
When the program is fnished it will produce a log for you C:\Files.txt

Copy and paste the contents of that log in your reply.

RobSedona · « **Reply #2 on:** December 03, 2008, 09:30:43 AM »

File to Big for 1 Post
+++++++++++++++++++++++++++++++++
+
+ File Lister
+
+ Version 1.0.4
+
+ By bamajim / bamajim.com
+
+++++++++++++++++++++++++++++++++

Report ran on --->>> 12/3/2008 8:15:20 AM

====== Values under HKLM\~\Run ======

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Reminder"=hex(2):25,57,49,4e,44,49,52,25,5c,43,72,65,61,74,6f,72,5c,52,65,6d,\
69,6e,64,5f,58,50,2e,65,78,65,00
"Recguard"=hex(2):25,57,49,4e,44,49,52,25,5c,53,4d,49,4e,53,54,5c,52,45,43,47,\
55,41,52,44,2e,45,58,45,00
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"Broadcom Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY"
"MSKDetectorExe"="C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall"
"Logitech Utility"="LOGI_MWX.EXE"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton 360\\osCheck.exe\""
"LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\LogiShrd\\LComMgr\\Communications_Helper.exe\""
"LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam\\Quickcam.exe\" /hide"
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

====== Values under HKCU\~\Run ======

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"EPSON Stylus Photo RX680 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATICJA.EXE /FU \"C:\\WINDOWS\\TEMP\\E_S343.tmp\" /EF \"HKCU\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\""
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AdobeUpdateManager.exe\" AcPro7_1_0 -reboot 1"
"HPsetm"="\"C:\\Documents and Settings\\Owner.SusanPsychic\\Application Data\\Google\\ijdkq13324484.exe\""

====== Folders and Files from "%\" and "%\Windows" Created Last 30 Days ======

11/6/2008 11:58:10 AM 95252202 C:\BCM_REL_4_100_15_5_WHQL
11/6/2008 11:58:45 AM 6723584 C:\BCM_REL_4_100_15_5_WHQL\AMD64
11/6/2008 10:03:01 AM 118618010 C:\cabs
11/6/2008 11:57:01 AM 79909521 C:\cabs\BCM40100
11/6/2008 10:18:10 AM 4463377 C:\cabs\D00148-001-001
11/6/2008 11:45:06 AM 33128569 C:\cabs\D00452-002-001
11/6/2008 11:45:06 AM 1733800 C:\cabs\D00452-002-001\BIN
11/6/2008 11:45:07 AM 11869322 C:\cabs\D00452-002-001\CPanel
11/6/2008 11:45:08 AM 13186978 C:\cabs\D00452-002-001\Driver
11/6/2008 11:45:08 AM 9056707 C:\cabs\D00452-002-001\Driver\2KXP_INF
11/6/2008 11:45:08 AM 8972327 C:\cabs\D00452-002-001\Driver\2KXP_INF\B_23113
11/6/2008 11:45:12 AM 3344761 C:\cabs\D00452-002-001\SBDrv
11/6/2008 11:45:12 AM 9420 C:\cabs\D00452-002-001\SBDrv\SMBUS
11/6/2008 10:03:01 AM 1116543 C:\cabs\gtwupd
12/1/2008 2:04:10 PM 8122966 C:\cmdcons
12/1/2008 2:04:11 PM 860672 C:\cmdcons\SYSTEM32
11/5/2008 5:11:43 PM 0 C:\NeroCash
12/1/2008 2:01:28 PM 2772058 C:\Qoobox
12/1/2008 2:01:28 PM 20582 C:\Qoobox\BackEnv
12/1/2008 2:01:28 PM 773574 C:\Qoobox\Quarantine
12/1/2008 2:04:56 PM 758187 C:\Qoobox\Quarantine\C
12/1/2008 2:05:53 PM 3852 C:\Qoobox\Quarantine\C\Documents and Settings
12/1/2008 2:05:53 PM 3852 C:\Qoobox\Quarantine\C\Documents and Settings\Owner.SusanPsychic
12/1/2008 2:05:21 PM 754335 C:\Qoobox\Quarantine\C\WINDOWS
12/1/2008 2:05:21 PM 754335 C:\Qoobox\Quarantine\C\WINDOWS\system32
12/1/2008 2:01:28 PM 15213 C:\Qoobox\Quarantine\Registry_backups
12/2/2008 8:25:03 AM 3348082 C:\RECYCLER
12/2/2008 8:25:03 AM 3348082 C:\RECYCLER\S-1-5-21-2549547884-2292626637-1367465656-1006
11/9/2008 7:32:16 AM 8268480800 C:\temp
12/1/2008 2:04:17 PM 199 32 C:\Boot.bak
12/1/2008 2:04:13 PM 260272 32 C:\cmldr
11/21/2008 6:02:52 AM 319488288 32 C:\CNCTFD.c2d
12/1/2008 3:14:36 PM 22007 32 C:\ComboFix.txt
12/3/2008 8:15:20 AM 4788 32 C:\Files.txt
11/15/2008 10:17:36 PM 18976 32 C:\install.log
12/1/2008 2:58:16 PM 2904 32 C:\JavaRa.log
11/16/2008 10:35:55 AM 1666 32 C:\rapport.txt
11/15/2008 10:17:31 PM 512 32 C:\uninstall.log
11/28/2008 12:36:41 PM 943287 C:\WINDOWS\$NtUninstallKB915800-v4$
11/28/2008 12:36:41 PM 623287 C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst
11/28/2008 12:32:16 PM 11332013 C:\WINDOWS\$NtUninstallKB925766$
11/28/2008 12:32:16 PM 600493 C:\WINDOWS\$NtUninstallKB925766$\spuninst
11/28/2008 4:58:33 PM 1007860 C:\WINDOWS\$NtUninstallKB929399$
11/28/2008 4:58:33 PM 593652 C:\WINDOWS\$NtUninstallKB929399$\spuninst
11/28/2008 4:57:57 PM 11438427 C:\WINDOWS\$NtUninstallKB936782_WMP11$
11/28/2008 4:57:57 PM 593660 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst
11/28/2008 4:57:19 PM 909172 C:\WINDOWS\$NtUninstallKB939683$
11/28/2008 4:57:19 PM 593268 C:\WINDOWS\$NtUninstallKB939683$\spuninst
11/28/2008 12:36:58 PM 1375385 C:\WINDOWS\$NtUninstallKB940157$
11/28/2008 12:36:58 PM 949401 C:\WINDOWS\$NtUninstallKB940157$\spuninst
11/28/2008 4:58:38 PM 918508 C:\WINDOWS\$NtUninstallKB954154_WM11$
11/28/2008 4:58:38 PM 622572 C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst
11/12/2008 3:05:06 AM 1929246 C:\WINDOWS\$NtUninstallKB954459$
11/12/2008 3:05:06 AM 622622 C:\WINDOWS\$NtUninstallKB954459$\spuninst
11/12/2008 3:03:18 AM 1727400 C:\WINDOWS\$NtUninstallKB955069$
11/12/2008 3:03:18 AM 622504 C:\WINDOWS\$NtUninstallKB955069$\spuninst
11/12/2008 3:05:23 AM 1079570 C:\WINDOWS\$NtUninstallKB957097$
11/12/2008 3:05:23 AM 622994 C:\WINDOWS\$NtUninstallKB957097$\spuninst
11/28/2008 12:36:17 PM 608722 C:\WINDOWS\$NtUninstallMSCompPackV1$
11/28/2008 12:36:17 PM 608722 C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst
11/28/2008 12:34:17 PM 19876022 C:\WINDOWS\$NtUninstallWMFDist11$
11/28/2008 12:34:17 PM 633595 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst
11/28/2008 12:35:35 PM 14423358 C:\WINDOWS\$NtUninstallwmp11$
11/28/2008 12:35:35 PM 618000 C:\WINDOWS\$NtUninstallwmp11$\spuninst
11/28/2008 12:33:17 PM 668217 C:\WINDOWS\$NtUninstallWudf01000$
11/28/2008 12:33:17 PM 668217 C:\WINDOWS\$NtUninstallWudf01000$\spuninst
12/1/2008 2:01:28 PM 47050388 C:\WINDOWS\ERDNT
12/1/2008 2:14:03 PM 47050064 C:\WINDOWS\ERDNT\Hiv-backup
12/1/2008 3:09:56 PM 7356416 C:\WINDOWS\ERDNT\Hiv-backup\Users
12/1/2008 3:09:56 PM 241664 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000001
12/1/2008 3:09:57 PM 8192 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000002
12/1/2008 3:09:57 PM 241664 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000003
12/1/2008 3:09:57 PM 8192 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000004
12/1/2008 3:09:57 PM 6594560 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000005
12/1/2008 3:09:59 PM 262144 C:\WINDOWS\ERDNT\Hiv-backup\Users\00000006
11/28/2008 10:02:06 AM 24606 C:\WINDOWS\Logs
11/21/2008 11:11:11 AM 188416 C:\WINDOWS\Minidump
11/21/2008 11:09:56 AM 3564 32 C:\WINDOWS\C2I17.tmp
11/21/2008 11:28:03 AM 3564 32 C:\WINDOWS\C2I2.tmp
11/21/2008 5:45:32 AM 236928 32 C:\WINDOWS\C2I22.tmp
11/21/2008 5:45:32 AM 3564 32 C:\WINDOWS\C2I23.tmp
11/12/2008 11:02:54 PM 308680 32 C:\WINDOWS\DirectX.log
12/1/2008 2:01:38 PM 89504 32 C:\WINDOWS\fdsv.exe
12/1/2008 2:01:38 PM 80412 32 C:\WINDOWS\grep.exe
11/30/2008 5:51:57 AM 22 32 C:\WINDOWS\HexEditor_FindList.hed
11/28/2008 12:36:34 PM 7617 32 C:\WINDOWS\KB915800-v4.log
11/28/2008 12:31:27 PM 22441 32 C:\WINDOWS\KB925766.log
11/28/2008 4:58:06 PM 12779 32 C:\WINDOWS\KB929399.log
11/28/2008 4:56:53 PM 12497 32 C:\WINDOWS\KB939683.log
11/28/2008 12:36:26 PM 40609 32 C:\WINDOWS\KB940157.log
11/28/2008 4:58:38 PM 4428 32 C:\WINDOWS\KB954154.log
11/11/2008 5:59:08 PM 13302 32 C:\WINDOWS\KB954459.log
11/12/2008 3:01:46 AM 9050 32 C:\WINDOWS\KB955069.log
11/12/2008 3:05:20 AM 8731 32 C:\WINDOWS\KB957097.log
11/28/2008 12:36:16 PM 5599 32 C:\WINDOWS\MSCompPackV1.log
11/12/2008 3:00:43 AM 308272 32 C:\WINDOWS\msxml4-KB954430-enu.LOG
12/1/2008 2:01:38 PM 28672 32 C:\WINDOWS\NIRCMD.exe
11/6/2008 12:27:07 PM 4 32 C:\WINDOWS\Pix1111.dat
12/2/2008 7:32:14 AM 1409 32 C:\WINDOWS\QTFont.for
12/2/2008 7:32:14 AM 54156 34 C:\WINDOWS\QTFont.qfn
11/10/2008 6:12:51 AM 31470 32 C:\WINDOWS\scunin.dat
11/10/2008 6:12:50 AM 94208 32 C:\WINDOWS\ScUnin.exe
11/10/2008 6:12:50 AM 967 32 C:\WINDOWS\ScUnin.pif
12/1/2008 2:01:38 PM 98816 32 C:\WINDOWS\sed.exe
11/6/2008 12:12:05 PM 8 32 C:\WINDOWS\sess_f889bb62a98d6c353f506a21620e1a00
12/1/2008 2:01:38 PM 161792 32 C:\WINDOWS\SWREG.exe
12/1/2008 2:01:38 PM 136704 32 C:\WINDOWS\SWSC.exe
12/1/2008 2:01:38 PM 212480 32 C:\WINDOWS\SWXCACLS.exe
11/30/2008 5:51:57 AM 1816 32 C:\WINDOWS\TSearch.INI
12/1/2008 2:01:38 PM 49152 32 C:\WINDOWS\VFIND.exe
11/12/2008 8:58:09 PM 62 32 C:\WINDOWS\WININIT.INI
11/28/2008 12:33:33 PM 57220 32 C:\WINDOWS\WMFDist11.log
11/28/2008 12:34:58 PM 38966 32 C:\WINDOWS\wmp11.log
11/28/2008 12:32:49 PM 17875 32 C:\WINDOWS\Wudf01000Inst.log
12/1/2008 2:01:38 PM 68096 32 C:\WINDOWS\zip.exe
11/12/2008 5:06:09 PM 4503379 C:\WINDOWS\system32\Adobe
11/12/2008 5:06:09 PM 4503379 C:\WINDOWS\system32\Adobe\SVG Viewer 3.0
11/12/2008 11:03:30 PM 16896 32 C:\WINDOWS\system32\bdaplgin.ax
12/1/2008 3:04:57 PM 410984 32 C:\WINDOWS\system32\deploytk.dll
11/12/2008 11:03:24 PM 46592 32 C:\WINDOWS\system32\dxdllreg.exe
11/12/2008 5:06:09 PM 16384 32 C:\WINDOWS\system32\FileOps.exe
12/2/2008 5:25:05 AM 20480 32 C:\WINDOWS\system32\H@tKeysH@@k.DLL
11/6/2008 8:40:36 AM 86095 32 C:\WINDOWS\system32\ImageDrive.cpl
12/1/2008 3:04:57 PM 144792 32 C:\WINDOWS\system32\java.exe
12/1/2008 3:04:57 PM 73728 32 C:\WINDOWS\system32\javacpl.cpl
12/1/2008 3:04:57 PM 144792 32 C:\WINDOWS\system32\javaw.exe
12/1/2008 3:04:57 PM 148888 32 C:\WINDOWS\system32\javaws.exe
11/12/2008 11:03:30 PM 12288 32 C:\WINDOWS\system32\ksolay.ax
11/12/2008 11:44:02 PM 56832 0 C:\WINDOWS\system32\pxcpya64.exe
11/12/2008 11:44:02 PM 108544 0 C:\WINDOWS\system32\pxcpyi64.exe
11/12/2008 11:44:01 PM 53248 0 C:\WINDOWS\system32\pxhpinst.exe
11/12/2008 11:44:01 PM 56320 0 C:\WINDOWS\system32\pxinsa64.exe
11/12/2008 11:44:02 PM 109568 0 C:\WINDOWS\system32\pxinsi64.exe
11/28/2008 12:36:18 PM 16760 0 C:\WINDOWS\system32\spmsg.dll
11/16/2008 10:36:00 AM 4038 32 C:\WINDOWS\system32\tmp.reg
11/16/2008 10:36:00 AM 0 32 C:\WINDOWS\system32\tmp.txt
11/5/2008 4:53:14 PM 364544 0 C:\WINDOWS\system32\TwnLib4.dll

====== Files under "\Administrator\Startup" Last 30 Days======

====== Files under "\All Users\Startup" Last 30 Days======

11/8/2008 8:51:55 AM 2335 32 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
11/12/2008 11:43:11 PM 988 32 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk
11/15/2008 10:17:51 PM 820 32 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FileOpenAPI.exe.lnk
11/28/2008 12:37:23 PM 1787 32 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

====== Folders under "\Program Files" Last 30 Days======

11/6/2008 10:19:15 AM 110547 C:\Program Files\AMD
11/6/2008 10:19:15 AM 110547 C:\Program Files\AMD\Athlon 64 Processor Driver
11/12/2008 8:51:23 PM 1609326 C:\Program Files\DivX
11/12/2008 8:51:23 PM 0 C:\Program Files\DivX\Artwork
11/12/2008 8:51:23 PM 0 C:\Program Files\DivX\AutoUpdate
11/12/2008 8:51:24 PM 1468186 C:\Program Files\DivX\DivX
11/15/2008 10:17:51 PM 1032192 C:\Program Files\FileOpen
11/15/2008 10:17:51 PM 1032192 C:\Program Files\FileOpen\plug_ins
11/6/2008 10:03:46 AM 3472205 C:\Program Files\Gateway
11/6/2008 10:03:46 AM 3472205 C:\Program Files\Gateway\HPA
11/6/2008 10:03:58 AM 0 C:\Program Files\Gateway\SRCD
12/2/2008 8:21:27 AM 888490 C:\Program Files\Karen's Power Tools
12/2/2008 8:21:27 AM 888490 C:\Program Files\Karen's Power Tools\Time Sync
11/6/2008 6:21:13 AM 346167640 C:\Program Files\Macromedia
11/6/2008 6:22:31 AM 152822429 C:\Program Files\Macromedia\Dreamweaver 8
11/6/2008 6:22:42 AM 66952601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration
11/6/2008 6:22:47 AM 610915 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors
11/6/2008 6:22:47 AM 448948 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors\Actions
11/6/2008 6:22:51 AM 25389 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors\Actions\Set Text
11/6/2008 6:22:51 AM 22320 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors\Actions\Timeline
11/6/2008 6:22:51 AM 161967 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors\Events
11/6/2008 6:22:52 AM 1189553 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BrowserProfiles
11/6/2008 6:22:52 AM 899337 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn
11/6/2008 6:22:52 AM 83373 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\css
11/6/2008 6:22:53 AM 8547 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\css\_notes
11/6/2008 6:22:53 AM 40233 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\framesets
11/6/2008 6:22:53 AM 5300 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\framesets\_notes
11/6/2008 6:22:53 AM 145619 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\PageDesigns
11/6/2008 6:22:54 AM 4399 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\PageDesigns\images
11/6/2008 6:22:54 AM 36716 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\PageDesigns\styles
11/6/2008 6:22:54 AM 666 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\PageDesigns\styles\_notes
11/6/2008 6:22:54 AM 2591 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\PageDesigns\_notes
11/6/2008 6:22:54 AM 504376 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\StarterPages
11/6/2008 6:22:56 AM 17870 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\StarterPages\_notes
11/6/2008 6:22:56 AM 125736 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\TemplatesAccessible
11/6/2008 6:22:56 AM 9104 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\BuiltIn\TemplatesAccessible\_notes
11/6/2008 6:22:57 AM 3718247 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes
11/6/2008 6:22:57 AM 19025 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes\com
11/6/2008 6:22:57 AM 19025 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes\com\Macromedia
11/6/2008 6:22:57 AM 15623 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes\com\Macromedia\JavaBeans
11/6/2008 6:22:57 AM 3402 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes\com\Macromedia\Taglib
11/6/2008 6:22:57 AM 3586 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Classes\TestCollection
11/6/2008 6:22:57 AM 263219 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\CodeColoring
11/6/2008 6:22:57 AM 582909 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\CodeHints
11/6/2008 6:22:57 AM 6345 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\CodeHints\Descriptions
11/6/2008 6:22:57 AM 2578828 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands
11/6/2008 6:23:06 AM 9892 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\CFLoginWizard
11/6/2008 6:23:06 AM 38871 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects
11/6/2008 6:23:06 AM 4949 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\ASP.Net_Csharp
11/6/2008 6:23:07 AM 4951 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\ASP.Net_VB
11/6/2008 6:23:07 AM 1259 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\ASP_Js
11/6/2008 6:23:07 AM 1322 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\ASP_Vbs
11/6/2008 6:23:07 AM 9481 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\ColdFusion
11/6/2008 6:23:08 AM 1038 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\Jsp
11/6/2008 6:23:08 AM 15871 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\ServerObjects\PHP_MySQL
11/6/2008 6:23:08 AM 266340 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components
11/6/2008 6:23:08 AM 8439 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_Csharp
11/6/2008 6:23:08 AM 3108 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_Csharp\Connections
11/6/2008 6:23:08 AM 5331 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_Csharp\WebServices
11/6/2008 6:23:08 AM 8438 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_VB
11/6/2008 6:23:08 AM 3113 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_VB\Connections
11/6/2008 6:23:08 AM 5325 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP.NET_VB\WebServices
11/6/2008 6:23:09 AM 3113 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP_Js
11/6/2008 6:23:09 AM 3113 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP_Js\Connections
11/6/2008 6:23:09 AM 3297 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP_Vbs
11/6/2008 6:23:09 AM 3297 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ASP_Vbs\Connections
11/6/2008 6:23:09 AM 15632 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ColdFusion
11/6/2008 6:23:09 AM 1441 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ColdFusion\CFCs
11/6/2008 6:23:09 AM 6314 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ColdFusion\Connections
11/6/2008 6:23:09 AM 3380 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ColdFusion\DataSources
11/6/2008 6:23:09 AM 4497 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\ColdFusion\WebServices
11/6/2008 6:23:09 AM 214654 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common
11/6/2008 6:23:10 AM 60309 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common\CFCs
11/6/2008 6:23:10 AM 30020 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common\Connections
11/6/2008 6:23:10 AM 27334 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common\DataSources
11/6/2008 6:23:11 AM 12875 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common\JavaBeans
11/6/2008 6:23:11 AM 51875 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Common\WebServices
11/6/2008 6:23:11 AM 9645 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Jsp
11/6/2008 6:23:11 AM 3108 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Jsp\Connections
11/6/2008 6:23:11 AM 1968 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Jsp\JavaBeans
11/6/2008 6:23:11 AM 4569 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\Jsp\WebServices
11/6/2008 6:23:11 AM 3122 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\PHP_MySQL
11/6/2008 6:23:11 AM 3122 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Components\PHP_MySQL\Connections
11/6/2008 6:23:11 AM 1029069 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections
11/6/2008 6:23:11 AM 18221 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_Csharp
11/6/2008 6:23:11 AM 8256 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_Csharp\Mac
11/6/2008 6:23:11 AM 8609 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_Csharp\Win
11/6/2008 6:23:11 AM 18231 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_VB
11/6/2008 6:23:11 AM 8161 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_VB\Mac
11/6/2008 6:23:11 AM 8714 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP.NET_VB\Win
11/6/2008 6:23:11 AM 31662 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Js
11/6/2008 6:23:11 AM 2907 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Js\Mac
11/6/2008 6:23:11 AM 4279 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Js\Win
11/6/2008 6:23:11 AM 31389 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Vbs
11/6/2008 6:23:11 AM 2907 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Vbs\Mac
11/6/2008 6:23:11 AM 4279 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ASP_Vbs\Win
11/6/2008 6:23:11 AM 367896 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ColdFusion
11/6/2008 6:23:11 AM 31601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ColdFusion\AdvancedSettings
11/6/2008 6:23:12 AM 163954 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ColdFusion\mac
11/6/2008 6:23:12 AM 164011 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\ColdFusion\Win
11/6/2008 6:23:12 AM 29368 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\JSP
11/6/2008 6:23:12 AM 7344 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\JSP\Mac
11/6/2008 6:23:12 AM 7338 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\JSP\Win
11/6/2008 6:24:47 AM 241664 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\libraries
11/6/2008 6:23:12 AM 21041 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\PHP_MySQL
11/6/2008 6:23:12 AM 1846 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\PHP_MySQL\Mac
11/6/2008 6:23:12 AM 2025 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\PHP_MySQL\Win
11/6/2008 6:23:12 AM 211241 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP.NET_Csharp
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP.NET_Csharp\_mmDBScripts
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP.NET_VB
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP.NET_VB\_mmDBScripts
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP_Js
11/6/2008 6:23:12 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP_Js\_mmDBScripts
11/6/2008 6:23:13 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP_Vbs
11/6/2008 6:23:13 AM 39657 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ASP_Vbs\_mmDBScripts
11/6/2008 6:23:13 AM 7601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ColdFusion
11/6/2008 6:23:13 AM 7601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\ColdFusion\_mmDBScripts
11/6/2008 6:23:13 AM 20697 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\Jsp
11/6/2008 6:23:13 AM 20697 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\Jsp\_mmDBScripts
11/6/2008 6:23:13 AM 16714 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\PHP_MySQL
11/6/2008 6:23:13 AM 16714 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\PHP_MySQL\_mmDBScripts
11/6/2008 6:23:13 AM 7601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\UD4-ColdFusion
11/6/2008 6:23:13 AM 7601 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Scripts\UD4-ColdFusion\_mmDBScripts
11/6/2008 6:23:13 AM 14845 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Shared
11/6/2008 6:23:13 AM 10307 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\Shared\ASP.NET
11/6/2008 6:23:13 AM 43511 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\UD4-ColdFusion
11/6/2008 6:23:13 AM 19782 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\UD4-ColdFusion\Mac
11/6/2008 6:23:13 AM 22154 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Connections\UD4-ColdFusion\Win
11/6/2008 6:23:13 AM 25344626 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content
11/6/2008 6:23:13 AM 8948551 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Dictionaries
11/6/2008 6:23:15 AM 16250585 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference
11/6/2008 6:23:15 AM 1121164 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\ASP
11/6/2008 6:23:16 AM 546008 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\ASPNET
11/6/2008 6:23:17 AM 1707325 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\CFFunctions
11/6/2008 6:23:29 AM 1867907 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\CFML
11/6/2008 6:23:32 AM 522801 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\CSS
11/6/2008 6:23:33 AM 2166656 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML
11/6/2008 6:23:34 AM 11206 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\images
11/6/2008 6:23:34 AM 4857731 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\JavaScript
11/6/2008 6:23:37 AM 293731 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\JSP
11/6/2008 6:23:38 AM 1302018 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP
11/6/2008 6:23:38 AM 624499 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\SQL
11/6/2008 6:23:39 AM 584582 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\UsableNet_508ASOEM
11/6/2008 6:23:40 AM 131852 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\XML
11/6/2008 6:23:40 AM 522755 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\XSLT
11/6/2008 6:23:41 AM 45358 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Tutorial
11/6/2008 6:23:41 AM 35985 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Tutorial\Assets
11/6/2008 6:23:41 AM 35057 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Tutorial\Assets\images
11/6/2008 6:23:41 AM 100132 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Welcome
11/6/2008 6:23:42 AM 100132 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash
11/6/2008 6:23:42 AM 314168 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources
11/6/2008 6:23:42 AM 2970 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\ASP.NET_Csharp
11/6/2008 6:23:42 AM 2966 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\ASP.NET_VB
11/6/2008 6:23:42 AM 42987 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\ASP_Js
11/6/2008 6:23:42 AM 42986 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\ASP_Vbs
11/6/2008 6:23:42 AM 100294 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\ColdFusion
11/6/2008 6:23:42 AM 43308 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\JSP
11/6/2008 6:23:43 AM 47585 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\PHP_MySQL
11/6/2008 6:23:43 AM 17978 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\Shared
11/6/2008 6:23:43 AM 17978 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DataSources\Shared\ASP.Net
11/6/2008 6:23:43 AM 51706 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Debugger
11/6/2008 6:23:43 AM 31446 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DocumentTypes
11/6/2008 6:23:43 AM 12033 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\DocumentTypes\NewDocuments
11/6/2008 6:23:44 AM 129099 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Encodings
11/6/2008 6:23:44 AM 32715 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData
11/6/2008 6:23:44 AM 32715 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM
11/6/2008 6:23:44 AM 32715 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM\Live Objects
11/6/2008 6:23:44 AM 8818 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM\Live Objects\MasterDetail
11/6/2008 6:23:44 AM 19515 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM\Live Objects\Record Edit Form
11/6/2008 6:23:44 AM 3277 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM\Live Objects\Recordset Navigation Bar
11/6/2008 6:23:44 AM 1105 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ExtensionData\MM\Live Objects\Recordset Navigation Status
11/6/2008 6:23:44 AM 229216 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Flash Objects
11/6/2008 6:23:44 AM 133420 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Flash Objects\Flash Buttons
11/6/2008 6:23:45 AM 95300 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Flash Objects\Flash Buttons Preview
11/6/2008 6:23:45 AM 496 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Flash Objects\Flash Text
11/6/2008 6:22:43 AM 1052672 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\flash player
11/6/2008 6:23:45 AM 1222 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Floaters
11/6/2008 6:23:45 AM 1953 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Formatters
11/6/2008 6:22:43 AM 2751248 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Generator
11/6/2008 6:23:45 AM 2038188 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Generator\bin
11/6/2008 6:23:45 AM 609781 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Generator\classes
11/6/2008 6:23:45 AM 33332 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Generator\extras
11/6/2008 6:23:45 AM 315 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Generator\properties
11/6/2008 6:23:45 AM 743613 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Inspectors
11/6/2008 6:23:47 AM 8333 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Inspectors\Img
11/6/2008 6:23:47 AM 159301 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Inspectors\nav
11/6/2008 6:23:48 AM 0 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\JDBCDrivers
11/6/2008 6:22:42 AM 3603456 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions
11/6/2008 6:23:48 AM 1290100 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Menus
11/6/2008 6:23:48 AM 165167 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Menus\Custom Sets
11/6/2008 6:23:48 AM 325407 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Menus\MM
11/6/2008 6:23:50 AM 422 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Menus\MM\_notes
11/6/2008 6:23:50 AM 843049 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects
11/6/2008 6:23:50 AM 9234 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\ASP
11/6/2008 6:23:50 AM 88418 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\ASP.NET
11/6/2008 6:23:50 AM 11547 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\CFForm
11/6/2008 6:23:50 AM 9173 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\CFML Advanced
11/6/2008 6:23:51 AM 3415 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\CFML Basic
11/6/2008 6:23:51 AM 4513 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\CFML Flow
11/6/2008 6:23:51 AM 13488 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Characters
11/6/2008 6:23:51 AM 47400 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Common
11/6/2008 6:23:51 AM 99 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Favorites
11/6/2008 6:23:51 AM 111934 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\FlashElements
11/6/2008 6:23:52 AM 25513 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Forms
11/6/2008 6:23:52 AM 24514 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Frames
11/6/2008 6:23:52 AM 15023 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Head
11/6/2008 6:23:52 AM 4 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\HTML
11/6/2008 6:23:52 AM 8421 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\JSP
11/6/2008 6:23:52 AM 9972 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Layout
11/6/2008 6:23:52 AM 22483 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Media
11/6/2008 6:23:53 AM 4703 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\MM_XMLXSL
11/6/2008 6:23:53 AM 11462 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\PHP
11/6/2008 6:23:53 AM 8964 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Script
11/6/2008 6:23:53 AM 264310 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Server
11/6/2008 6:23:54 AM 4898 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Tables
11/6/2008 6:23:54 AM 38645 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Templates
11/6/2008 6:23:54 AM 30098 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Text
11/6/2008 6:23:54 AM 6 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\Tools
11/6/2008 6:23:54 AM 22125 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Objects\XSLT
11/6/2008 6:22:45 AM 1312404 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Plugins
11/6/2008 6:23:55 AM 143204 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Reports
11/6/2008 6:23:55 AM 61824 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Reports\HTML Reports
11/6/2008 6:23:55 AM 66320 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Reports\WorkFlow
11/6/2008 6:23:55 AM 17 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Reports\WorkFlow\Output
11/6/2008 6:23:55 AM 511 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Reports\WorkFlow\_notes
11/6/2008 6:22:42 AM 2754295 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors
11/6/2008 6:23:55 AM 69608 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\ASP.NET_Csharp
11/6/2008 6:23:55 AM 69290 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\ASP.NET_VB
11/6/2008 6:23:56 AM 177320 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\ASP_Js
11/6/2008 6:23:57 AM 183796 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\ASP_Vbs

RobSedona · « **Reply #3 on:** December 03, 2008, 09:33:01 AM »

11/6/2008 6:24:00 AM 589105 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\ColdFusion
11/6/2008 6:24:01 AM 271063 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\JSP
11/6/2008 6:24:02 AM 458456 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\PHP_MySQL
11/6/2008 6:22:43 AM 934871 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\Shared
11/6/2008 6:22:43 AM 535746 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\Shared\ASP.Net
11/6/2008 6:22:43 AM 102827 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\Shared\ASP.Net\Scripts
11/6/2008 6:24:04 AM 61867 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\Shared\ASP.Net\Scripts\Source
11/6/2008 6:24:04 AM 786 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\XSLT
11/6/2008 6:24:04 AM 50539 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerDebugOutput
11/6/2008 6:24:04 AM 50539 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerDebugOutput\ColdFusion
11/6/2008 6:24:04 AM 213400 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats
11/6/2008 6:24:04 AM 5808 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\ASP.Net_Csharp
11/6/2008 6:24:04 AM 5808 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\ASP.Net_VB
11/6/2008 6:24:05 AM 50804 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\ASP_Js
11/6/2008 6:24:05 AM 51266 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\ASP_Vbs
11/6/2008 6:24:05 AM 21541 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\ColdFusion
11/6/2008 6:24:05 AM 48769 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\JSP
11/6/2008 6:24:05 AM 6111 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\PHP_MySQL
11/6/2008 6:24:05 AM 2494 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\Shared
11/6/2008 6:24:05 AM 2494 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\Shared\ASP.Net
11/6/2008 6:24:05 AM 20799 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerFormats\XSLT
11/6/2008 6:24:05 AM 260882 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels
11/6/2008 6:24:05 AM 21152 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ASP.NET_CSharp
11/6/2008 6:24:05 AM 21398 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ASP.NET_VB
11/6/2008 6:24:05 AM 11895 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ASP_JS
11/6/2008 6:24:05 AM 11463 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ASP_VBS
11/6/2008 6:24:05 AM 25913 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ColdFusion
11/6/2008 6:24:05 AM 22257 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\Jsp
11/6/2008 6:24:05 AM 23203 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\PHP_MySQL
11/6/2008 6:24:05 AM 4839 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ServerInfo
11/6/2008 6:24:05 AM 4839 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\ServerInfo\ColdFusion
11/6/2008 6:24:05 AM 8197 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\Shared
11/6/2008 6:24:06 AM 7547 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ServerModels\XSLT
11/6/2008 6:24:06 AM 3538768 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared
11/6/2008 6:24:06 AM 894037 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Common
11/6/2008 6:24:06 AM 0 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Common\Cache
11/6/2008 6:24:06 AM 894037 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Common\Scripts
11/6/2008 6:24:06 AM 289179 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Controls
11/6/2008 6:24:06 AM 569 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Controls\Node Menu
11/6/2008 6:24:06 AM 269233 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Controls\Scripts
11/6/2008 6:24:06 AM 12290 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Controls\String Menu
11/6/2008 6:24:06 AM 30795 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Fireworks
11/6/2008 6:24:06 AM 954448 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM
11/6/2008 6:24:06 AM 224 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Cache
11/6/2008 6:24:06 AM 468982 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Images
11/6/2008 6:24:08 AM 483512 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Scripts
11/6/2008 6:24:08 AM 89386 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Scripts\Class
11/6/2008 6:24:08 AM 183897 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Scripts\CMN
11/6/2008 6:24:09 AM 1730 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\MM\Styles
11/6/2008 6:24:09 AM 24589 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\RDSAPI
11/6/2008 6:24:09 AM 2489 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\Recordset
11/6/2008 6:24:09 AM 287600 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UltraDev
11/6/2008 6:24:09 AM 1883 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UltraDev\Images
11/6/2008 6:24:09 AM 285717 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UltraDev\Scripts
11/6/2008 6:24:09 AM 626192 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UsableNet_508ASOEM
11/6/2008 6:24:09 AM 5876 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UsableNet_508ASOEM\data
11/6/2008 6:24:09 AM 522097 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\UsableNet_508ASOEM\rules
11/6/2008 6:24:09 AM 256710 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XHTMLDTD
11/6/2008 6:24:09 AM 90029 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XHTMLDTD\xhtml10
11/6/2008 6:24:09 AM 166681 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XHTMLDTD\xhtml11
11/6/2008 6:24:10 AM 258 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XMLPrefixes
11/6/2008 6:24:10 AM 172471 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform
11/6/2008 6:24:10 AM 8143 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\ASP-JS
11/6/2008 6:24:10 AM 8289 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\ASP-VB
11/6/2008 6:24:10 AM 4216 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\ASP.NET_CSharp
11/6/2008 6:24:10 AM 4591 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\ASP.NET_VB
11/6/2008 6:24:10 AM 9348 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\ColdFusion
11/6/2008 6:24:10 AM 124524 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\Help
11/6/2008 6:24:10 AM 13360 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shared\XSLTransform\PHP_MySQL
11/6/2008 6:24:10 AM 1120 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Shutdown
11/6/2008 6:24:10 AM 211718 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets
11/6/2008 6:24:10 AM 72103 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible
11/6/2008 6:24:10 AM 49416 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Content_Tables
11/6/2008 6:24:10 AM 11827 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Content_Tables\icon
11/6/2008 6:24:10 AM 11116 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Content_Tables\no-border
11/6/2008 6:24:10 AM 12816 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Content_Tables\one-pixel-border
11/6/2008 6:24:10 AM 12845 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Content_Tables\tabs
11/6/2008 6:24:10 AM 4948 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Footers
11/6/2008 6:24:10 AM 1376 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Form_Elements
11/6/2008 6:24:10 AM 4832 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Headers
11/6/2008 6:24:10 AM 11521 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation
11/6/2008 6:24:10 AM 1138 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation\Breadcrumb
11/6/2008 6:24:10 AM 3010 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation\Horizontal
11/6/2008 6:24:11 AM 1907 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation\Step-Based
11/6/2008 6:24:11 AM 1131 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation\Tab
11/6/2008 6:24:11 AM 4325 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Accessible\Navigation\Vertical
11/6/2008 6:24:11 AM 1868 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Comments
11/6/2008 6:24:11 AM 780 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Content_Tables
11/6/2008 6:24:11 AM 1545 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Footers
11/6/2008 6:24:11 AM 20561 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Form_Elements
11/6/2008 6:24:11 AM 19565 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Form_Elements\DropDownMenus
11/6/2008 6:24:11 AM 4339 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Headers
11/6/2008 6:24:11 AM 47530 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript
11/6/2008 6:24:11 AM 1674 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\area_calculations
11/6/2008 6:24:11 AM 5156 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\browser_functions
11/6/2008 6:24:11 AM 5223 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\conversions
11/6/2008 6:24:11 AM 917 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\conversions\base_conversion

11/6/2008 6:24:11 AM 715 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\conversions\byte_conversion
11/6/2008 6:24:11 AM 828 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\conversions\temperature_conversion
11/6/2008 6:24:11 AM 2752 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\conversions\time_conversion
11/6/2008 6:24:11 AM 1746 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\cookies
11/6/2008 6:24:11 AM 788 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\date
11/6/2008 6:24:11 AM 1109 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\events
11/6/2008 6:24:11 AM 3349 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\images
11/6/2008 6:24:11 AM 1659 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\layers
11/6/2008 6:24:11 AM 855 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\link
11/6/2008 6:24:11 AM 1137 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\randomizers
11/6/2008 6:24:11 AM 3185 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\readable_MM_functions
11/6/2008 6:24:12 AM 714 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\sort
11/6/2008 6:24:12 AM 2031 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\starter_script
11/6/2008 6:24:12 AM 14018 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\string_manipulations
11/6/2008 6:24:12 AM 4951 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\string_manipulations\Methods
11/6/2008 6:24:12 AM 664 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\styles
11/6/2008 6:24:12 AM 4212 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\windows
11/6/2008 6:24:12 AM 2434 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\JavaScript\windows\dialogs
11/6/2008 6:24:12 AM 408 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Meta
11/6/2008 6:24:12 AM 10835 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation
11/6/2008 6:24:12 AM 1111 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation\Breadcrumb
11/6/2008 6:24:12 AM 2873 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation\Horizontal
11/6/2008 6:24:12 AM 1809 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation\Step-Based
11/6/2008 6:24:12 AM 1039 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation\Tab
11/6/2008 6:24:12 AM 3993 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Navigation\Vertical
11/6/2008 6:24:12 AM 339 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\Text
11/6/2008 6:24:12 AM 51410 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated
11/6/2008 6:24:12 AM 1299 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Accessible
11/6/2008 6:24:12 AM 1289 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Accessible\Content_Tables
11/6/2008 6:24:12 AM 1275 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Accessible\Content_Tables\icon
11/6/2008 6:24:12 AM 43807 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Content_Tables
11/6/2008 6:24:12 AM 11342 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Content_Tables\icon
11/6/2008 6:24:12 AM 9039 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Content_Tables\no-border
11/6/2008 6:24:12 AM 11874 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Content_Tables\one-pixel-border
11/6/2008 6:24:12 AM 11538 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Content_Tables\tabs
11/6/2008 6:24:12 AM 3170 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Footers
11/6/2008 6:24:12 AM 2734 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\JavaScript
11/6/2008 6:24:12 AM 2724 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\JavaScript\layers
11/6/2008 6:24:12 AM 393 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Snippets\~Deprecated\Text
11/6/2008 6:24:12 AM 127701 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Startup
11/6/2008 6:24:13 AM 287626 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Strings
11/6/2008 6:24:13 AM 21163 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibIntrospection
11/6/2008 6:24:13 AM 16789 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibIntrospection\ASPNet
11/6/2008 6:24:13 AM 4374 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibIntrospection\JSP1.2
11/6/2008 6:24:13 AM 4606912 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries
11/6/2008 6:24:13 AM 643 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\Asp
11/6/2008 6:24:13 AM 1064011 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\ASPNet
11/6/2008 6:24:14 AM 676312 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\CFML
11/6/2008 6:24:15 AM 18997 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\CSS
11/6/2008 6:24:15 AM 937365 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\HTML
11/6/2008 6:24:17 AM 1495 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\Icons
11/6/2008 6:24:17 AM 85552 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\JRun
11/6/2008 6:24:17 AM 25365 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\JSP
11/6/2008 6:24:17 AM 874 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\PHP_MySQL
11/6/2008 6:24:17 AM 89631 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\TagImporters
11/6/2008 6:24:17 AM 26121 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\TagImporters\ASPNet
11/6/2008 6:24:17 AM 12040 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\TagImporters\DTDSchema
11/6/2008 6:24:17 AM 34036 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\TagImporters\JSP
11/6/2008 6:24:17 AM 334 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\Templates
11/6/2008 6:24:17 AM 1612365 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\Validator
11/6/2008 6:24:18 AM 12164 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\VTML
11/6/2008 6:24:18 AM 36143 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\WML
11/6/2008 6:24:18 AM 20335 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\TagLibraries\XSLT
11/6/2008 6:24:18 AM 136747 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Templates
11/6/2008 6:24:18 AM 29152 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Templates\images
11/6/2008 6:24:18 AM 84014 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Templates\Video_Controls
11/6/2008 6:24:18 AM 23374 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Templates\Video_Player
11/6/2008 6:24:18 AM 1433863 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Third Party Source Code
11/6/2008 6:24:18 AM 1219474 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Third Party Source Code\JavaScript Interpreter
11/6/2008 6:24:18 AM 214389 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Third Party Source Code\Sablotron
11/6/2008 6:24:18 AM 46999 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ThirdPartyTags
11/6/2008 6:24:18 AM 906 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\ThirdPartyTags\ASPNetTags
11/6/2008 6:24:18 AM 208883 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Toolbars
11/6/2008 6:24:19 AM 156567 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Toolbars\images
11/6/2008 6:24:19 AM 156567 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Toolbars\images\MM
11/6/2008 6:24:20 AM 13213 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Toolbars\MM
11/6/2008 6:24:20 AM 472202 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators
11/6/2008 6:24:20 AM 62335 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ASP.NET_Common
11/6/2008 6:24:20 AM 30172 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ASP.NET_Csharp
11/6/2008 6:24:20 AM 30170 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ASP.NET_VB
11/6/2008 6:24:20 AM 13047 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ASP_Js
11/6/2008 6:24:20 AM 13652 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ASP_Vbs
11/6/2008 6:24:21 AM 34221 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\ColdFusion
11/6/2008 6:24:21 AM 13075 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\Jsp
11/6/2008 6:24:21 AM 22154 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\PHP_MySQL
11/6/2008 6:24:21 AM 11973 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Translators\XSLT
11/6/2008 6:24:21 AM 2229 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Validators
11/6/2008 6:24:21 AM 104533 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WebServices
11/6/2008 6:24:21 AM 4923 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WebServices\Introspectors
11/6/2008 6:24:21 AM 99213 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WebServices\ProxyGenerators
11/6/2008 6:24:21 AM 222 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WebServices\UDDI
11/6/2008 6:24:21 AM 175 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WebServices\WSDL
11/6/2008 6:24:21 AM 6755 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\workspace
11/6/2008 6:24:21 AM 4527 C:\Program Files\Macromedia\Dreamweaver 8\Configuration\WorkspaceMac
11/6/2008 6:24:21 AM 47131 C:\Program Files\Macromedia\Dreamweaver 8\Documentation
11/6/2008 6:24:21 AM 610 C:\Program Files\Macromedia\Dreamweaver 8\Documentation\css
11/6/2008 6:24:21 AM 33036 C:\Program Files\Macromedia\Dreamweaver 8\Documentation\dw_assets
11/6/2008 6:24:22 AM 20133048 C:\Program Files\Macromedia\Dreamweaver 8\Help
11/6/2008 6:22:42 AM 23028452 C:\Program Files\Macromedia\Dreamweaver 8\JVM
11/6/2008 6:22:42 AM 4527501 C:\Program Files\Macromedia\Dreamweaver 8\JVM\bin
11/6/2008 6:24:26 AM 283763 C:\Program Files\Macromedia\Dreamweaver 8\JVM\bin\classic
11/6/2008 6:24:26 AM 775423 C:\Program Files\Macromedia\Dreamweaver 8\JVM\bin\hotspot
11/6/2008 6:22:44 AM 18445373 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib
11/6/2008 6:24:31 AM 203280 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib\cmm
11/6/2008 6:22:44 AM 243076 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib\fonts
11/6/2008 6:24:31 AM 2451 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib\images
11/6/2008 6:24:31 AM 2451 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib\images\cursors
11/6/2008 6:24:31 AM 13690 C:\Program Files\Macromedia\Dreamweaver 8\JVM\lib\security
11/6/2008 6:24:31 AM 2896663 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets
11/6/2008 6:24:31 AM 2843305 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend
11/6/2008 6:24:31 AM 1135038 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files
11/6/2008 6:24:31 AM 1135038 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver
11/6/2008 6:24:32 AM 78913 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\flashContent
11/6/2008 6:24:32 AM 586 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\flashContent\_notes
11/6/2008 6:24:32 AM 53371 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\images
11/6/2008 6:24:32 AM 677 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\images\_notes
11/6/2008 6:24:32 AM 130617 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\xml
11/6/2008 6:24:32 AM 117532 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\xml\images
11/6/2008 6:24:33 AM 850 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\xml\images\_notes
11/6/2008 6:24:33 AM 740 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\xml\_notes
11/6/2008 6:24:33 AM 959 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\completed_files\dreamweaver\_notes
11/6/2008 6:24:33 AM 152649 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact
11/6/2008 6:24:33 AM 27892 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\asp
11/6/2008 6:24:33 AM 23643 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\asp\assets
11/6/2008 6:24:33 AM 27942 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\aspnet
11/6/2008 6:24:33 AM 23643 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\aspnet\assets
11/6/2008 6:24:34 AM 41035 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\coldfusion
11/6/2008 6:24:34 AM 24177 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\coldfusion\assets
11/6/2008 6:24:34 AM 534 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\coldfusion\assets\_notes
11/6/2008 6:24:34 AM 12437 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\coldfusion\_mmServerScripts
11/6/2008 6:24:34 AM 280 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\coldfusion\_notes
11/6/2008 6:24:34 AM 27996 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\jsp
11/6/2008 6:24:34 AM 23643 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\jsp\assets
11/6/2008 6:24:34 AM 27784 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\php
11/6/2008 6:24:35 AM 23643 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\contact\php\assets
11/6/2008 6:24:35 AM 212666 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\data
11/6/2008 6:24:35 AM 143036 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\fireworks_assets
11/6/2008 6:24:35 AM 78473 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\flashContent
11/6/2008 6:24:35 AM 146 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\flashContent\_notes
11/6/2008 6:24:35 AM 131021 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\images
11/6/2008 6:24:35 AM 128992 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\xml
11/6/2008 6:24:35 AM 116682 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\cafe_townsend\xml\images
11/6/2008 6:24:35 AM 53358 C:\Program Files\Macromedia\Dreamweaver 8\Tutorial_assets\Extending
11/6/2008 6:21:13 AM 5085674 C:\Program Files\Macromedia\Extension Manager
11/6/2008 6:21:14 AM 37472 C:\Program Files\Macromedia\Extension Manager\Help
11/6/2008 6:21:13 AM 20993 C:\Program Files\Macromedia\Extension Manager\Samples
11/6/2008 6:21:13 AM 2294 C:\Program Files\Macromedia\Extension Manager\Samples\Dreamweaver
11/6/2008 6:21:13 AM 751 C:\Program Files\Macromedia\Extension Manager\Samples\Fireworks
11/6/2008 6:21:13 AM 17948 C:\Program Files\Macromedia\Extension Manager\Samples\Flash
11/6/2008 8:25:52 AM 181319462 C:\Program Files\Macromedia\Flash 8
11/6/2008 8:25:52 AM 75708232 C:\Program Files\Macromedia\Flash 8\en
11/6/2008 8:25:52 AM 70188590 C:\Program Files\Macromedia\Flash 8\en\Configuration
11/6/2008 8:27:19 AM 8510 C:\Program Files\Macromedia\Flash 8\en\Configuration\ActionScript
11/6/2008 8:27:19 AM 5462016 C:\Program Files\Macromedia\Flash 8\en\Configuration\ComponentFLA
11/6/2008 8:27:20 AM 2396502 C:\Program Files\Macromedia\Flash 8\en\Configuration\Components
11/6/2008 8:27:20 AM 266356 C:\Program Files\Macromedia\Flash 8\en\Configuration\Components\Data
11/6/2008 8:27:20 AM 46751 C:\Program Files\Macromedia\Flash 8\en\Configuration\Components\FLV Playback - Player 8
11/6/2008 8:27:20 AM 482817 C:\Program Files\Macromedia\Flash 8\en\Configuration\Components\Media - Player 6 - 7
11/6/2008 8:27:20 AM 1380418 C:\Program Files\Macromedia\Flash 8\en\Configuration\Components\User Interface
11/6/2008 8:27:21 AM 9005489 C:\Program Files\Macromedia\Flash 8\en\Configuration\Dictionaries
11/6/2008 8:27:24 AM 7174 C:\Program Files\Macromedia\Flash 8\en\Configuration\Icons
11/6/2008 8:27:24 AM 10078377 C:\Program Files\Macromedia\Flash 8\en\Configuration\Importers
11/6/2008 8:27:26 AM 5859497 C:\Program Files\Macromedia\Flash 8\en\Configuration\Importers\CMap
11/6/2008 8:27:27 AM 3230208 C:\Program Files\Macromedia\Flash 8\en\Configuration\Libraries
11/6/2008 8:25:52 AM 11233076 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile
11/6/2008 8:27:28 AM 9966900 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices
11/6/2008 8:27:31 AM 200898 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F505i
11/6/2008 8:27:32 AM 320365 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F505iGPS
11/6/2008 8:27:32 AM 178754 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F506i
11/6/2008 8:27:32 AM 306825 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F900i
11/6/2008 8:27:33 AM 196786 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F900iT
11/6/2008 8:27:33 AM 244698 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F901iC
11/6/2008 8:27:33 AM 306075 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Fujitsu_F901iS
11/6/2008 8:27:33 AM 36669 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Generic
11/6/2008 8:27:33 AM 210114 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Mitsubishi_D505i
11/6/2008 8:27:34 AM 207098 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Mitsubishi_D506i
11/6/2008 8:27:34 AM 279107 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Mitsubishi_D900i
11/6/2008 8:27:34 AM 163480 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Mitsubishi_D901i
11/6/2008 8:27:34 AM 217596 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N505i
11/6/2008 8:27:35 AM 225396 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N505iS
11/6/2008 8:27:35 AM 217901 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N506i
11/6/2008 8:27:35 AM 285190 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N700i
11/6/2008 8:27:35 AM 236689 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N900iL
11/6/2008 8:27:35 AM 176991 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N900iS
11/6/2008 8:27:36 AM 256135 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N901iC
11/6/2008 8:27:36 AM 198186 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\NEC_N901iS
11/6/2008 8:27:36 AM 100106 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_3600-3650
11/6/2008 8:27:36 AM 73381 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_3620-3660
11/6/2008 8:27:36 AM 108563 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6260
11/6/2008 8:27:36 AM 87025 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6600
11/6/2008 8:27:36 AM 84313 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6620
11/6/2008 8:27:37 AM 86224 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6630
11/6/2008 8:27:37 AM 63966 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6670
11/6/2008 8:27:37 AM 77564 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6680
11/6/2008 8:27:37 AM 66529 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_6681
11/6/2008 8:27:38 AM 71337 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_7610
11/6/2008 8:27:38 AM 131519 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Nokia_N-Gage
11/6/2008 8:27:38 AM 110837 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\nokia_n-gage_qd
11/6/2008 8:27:38 AM 272551 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Panasonic_P700i
11/6/2008 8:27:38 AM 249741 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Panasonic_P901i
11/6/2008 8:27:38 AM 265911 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Panasonic_P901iS
11/6/2008 8:27:38 AM 280760 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH505i
11/6/2008 8:27:38 AM 259284 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH505iS
11/6/2008 8:27:38 AM 295393 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH506iC
11/6/2008 8:27:39 AM 245639 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH700i
11/6/2008 8:27:39 AM 240273 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH901iC
11/6/2008 8:27:39 AM 344154 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sharp_SH901iS
11/6/2008 8:27:40 AM 89669 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Siemens_SX1
11/6/2008 8:27:40 AM 136273 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony-Ericsson_SO506i
11/6/2008 8:27:40 AM 145347 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony-Ericsson_V800
11/6/2008 8:27:40 AM 170331 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony-Ericsson_W21S
11/6/2008 8:27:40 AM 142422 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony-Ericsson_Z800
11/6/2008 8:27:40 AM 301789 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony_SO505i
11/6/2008 8:27:41 AM 182961 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony_SO505iS
11/6/2008 8:27:41 AM 199705 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Devices\Sony_SO506iC
11/6/2008 8:25:52 AM 120320 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Platforms
11/6/2008 8:27:41 AM 120320 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Platforms\FlashLite1_1
11/6/2008 8:25:52 AM 1002496 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Players
11/6/2008 8:27:41 AM 1002496 C:\Program Files\Macromedia\Flash 8\en\Configuration\Mobile\Players\FlashLite 1x
11/6/2008 8:27:41 AM 80134 C:\Program Files\Macromedia\Flash 8\en\Configuration\Players
11/6/2008 8:27:41 AM 10336256 C:\Program Files\Macromedia\Flash 8\en\Configuration\SkinFLA
11/6/2008 8:27:42 AM 127515 C:\Program Files\Macromedia\Flash 8\en\Configuration\Skins
11/6/2008 8:25:52 AM 11162624 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates
11/6/2008 8:27:43 AM 213504 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Advertising
11/6/2008 8:27:43 AM 1957376 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Form Applications
11/6/2008 8:27:44 AM 66048 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Global Phones
11/6/2008 8:27:44 AM 267264 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Japanese Phones
11/6/2008 8:27:44 AM 2221056 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\PDAs
11/6/2008 8:27:45 AM 243200 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Photo Slideshows
11/6/2008 8:27:45 AM 1053184 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Presentations
11/6/2008 8:27:45 AM 4066304 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Quiz
11/6/2008 8:27:46 AM 1074688 C:\Program Files\Macromedia\Flash 8\en\Configuration\Templates\Slide Presentations
11/6/2008 8:25:52 AM 1094970 C:\Program Files\Macromedia\Flash 8\en\Configuration\Third Party Source Code
11/6/2008 8:27:46 AM 1094970 C:\Program Files\Macromedia\Flash 8\en\Configuration\Third Party Source Code\JavaScript Interpreter
11/6/2008 8:27:47 AM 1179 C:\Program Files\Macromedia\Flash 8\en\Configuration\Workspace
11/6/2008 8:25:52 AM 5519642 C:\Program Files\Macromedia\Flash 8\en\First Run
11/6/2008 8:27:47 AM 821084 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel
11/6/2008 8:27:47 AM 598318 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\ActionScript_1_2
11/6/2008 8:27:47 AM 51554 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\ActionScript_1_2\CoreActions
11/6/2008 8:27:47 AM 339991 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\ActionScript_1_2\CustomActions
11/6/2008 8:27:47 AM 141724 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\FlashJavaScript
11/6/2008 8:27:47 AM 15563 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\FlashLite1_0
11/6/2008 8:27:47 AM 34755 C:\Program Files\Macromedia\Flash 8\en\First Run\ActionsPanel\FlashLite1_1
11/6/2008 8:27:47 AM 148671 C:\Program Files\Macromedia\Flash 8\en\First Run\Behaviors
11/6/2008 8:25:52 AM 2505705 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes
11/6/2008 8:27:48 AM 40198 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP7
11/6/2008 8:27:49 AM 1741 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP7\System
11/6/2008 8:27:49 AM 620 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP7\TextField
11/6/2008 8:25:52 AM 61899 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8
11/6/2008 8:25:52 AM 18178 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash
11/6/2008 8:27:50 AM 3611 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\display
11/6/2008 8:27:50 AM 490 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\external
11/6/2008 8:27:50 AM 7635 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\filters
11/6/2008 8:27:50 AM 4776 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\geom
11/6/2008 8:27:50 AM 1224 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\net
11/6/2008 8:27:50 AM 442 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\flash\text
11/6/2008 8:27:50 AM 2746 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\System
11/6/2008 8:27:51 AM 620 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\FP8\TextField
11/6/2008 8:25:52 AM 2373265 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx
11/6/2008 8:27:51 AM 64858 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\accessibility
11/6/2008 8:27:51 AM 2303 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\behaviors
11/6/2008 8:27:51 AM 51598 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\containers
11/6/2008 8:27:51 AM 2605 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\containers\accordionclasses
11/6/2008 8:27:51 AM 841363 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls
11/6/2008 8:27:52 AM 7334 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\alertClasses
11/6/2008 8:27:52 AM 1639 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\cells
11/6/2008 8:27:52 AM 14164 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\gridclasses
11/6/2008 8:27:52 AM 57784 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\listclasses
11/6/2008 8:27:52 AM 11914 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\menuclasses
11/6/2008 8:27:52 AM 23544 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\scrollClasses
11/6/2008 8:27:52 AM 176296 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\streamingmedia

RobSedona · « **Reply #4 on:** December 03, 2008, 09:34:41 AM »

11/6/2008 8:27:53 AM 8563 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\streamingmedia\behaviors
11/6/2008 8:27:53 AM 42013 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\streamingmedia\config
11/6/2008 8:27:54 AM 10210 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\controls\treeclasses
11/6/2008 8:27:54 AM 74219 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\core
11/6/2008 8:27:54 AM 8699 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\core\ext
11/6/2008 8:25:52 AM 483007 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data
11/6/2008 8:27:54 AM 122216 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\binding
11/6/2008 8:27:54 AM 289283 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\components
11/6/2008 8:27:54 AM 2790 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\components\connclasses
11/6/2008 8:27:54 AM 67559 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\components\datasetclasses
11/6/2008 8:27:55 AM 1063 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\components\resclasses
11/6/2008 8:27:55 AM 21166 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\encoders
11/6/2008 8:27:55 AM 16627 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\formatters
11/6/2008 8:27:56 AM 13868 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\kinds
11/6/2008 8:27:56 AM 2536 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\to
11/6/2008 8:27:56 AM 17311 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\data\types
11/6/2008 8:27:56 AM 3549 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\effects
11/6/2008 8:27:56 AM 17691 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\events
11/6/2008 8:27:56 AM 8998 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\lang
11/6/2008 8:27:56 AM 70664 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\managers
11/6/2008 8:27:56 AM 44433 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\screens
11/6/2008 8:27:56 AM 188412 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\services
11/6/2008 8:27:59 AM 61076 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\skins
11/6/2008 8:28:00 AM 30050 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\skins\halo
11/6/2008 8:28:00 AM 18017 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\skins\sample
11/6/2008 8:28:00 AM 21809 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\styles
11/6/2008 8:28:00 AM 57080 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\transitions
11/6/2008 8:28:00 AM 6457 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\transitions\easing
11/6/2008 8:28:01 AM 26866 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\utils
11/6/2008 8:28:01 AM 331694 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\video
11/6/2008 8:28:01 AM 23645 C:\Program Files\Macromedia\Flash 8\en\First Run\Classes\mx\xpath
11/6/2008 8:28:01 AM 17013 C:\Program Files\Macromedia\Flash 8\en\First Run\Color Sets
11/6/2008 8:25:52 AM 0 C:\Program Files\Macromedia\Flash 8\en\First Run\Commands
11/6/2008 8:28:01 AM 35813 C:\Program Files\Macromedia\Flash 8\en\First Run\Data
11/6/2008 8:28:01 AM 12625 C:\Program Files\Macromedia\Flash 8\en\First Run\DataTypes
11/6/2008 8:28:01 AM 13819 C:\Program Files\Macromedia\Flash 8\en\First Run\Detection
11/6/2008 8:28:01 AM 575647 C:\Program Files\Macromedia\Flash 8\en\First Run\Effects
11/6/2008 8:28:02 AM 2456 C:\Program Files\Macromedia\Flash 8\en\First Run\Encoders
11/6/2008 8:28:02 AM 10240 C:\Program Files\Macromedia\Flash 8\en\First Run\External Libraries
11/6/2008 8:28:02 AM 874996 C:\Program Files\Macromedia\Flash 8\en\First Run\FontEmbedding
11/6/2008 8:28:02 AM 3740 C:\Program Files\Macromedia\Flash 8\en\First Run\Formatters
11/6/2008 8:25:52 AM 111038 C:\Program Files\Macromedia\Flash 8\en\First Run\HelpPanel
11/6/2008 8:28:02 AM 111038 C:\Program Files\Macromedia\Flash 8\en\First Run\HelpPanel\_sharedassets
11/6/2008 8:28:02 AM 87793 C:\Program Files\Macromedia\Flash 8\en\First Run\HelpPanel\_sharedassets\icons
11/6/2008 8:28:04 AM 74108 C:\Program Files\Macromedia\Flash 8\en\First Run\HTML
11/6/2008 8:28:04 AM 11548 C:\Program Files\Macromedia\Flash 8\en\First Run\HTML\Learning Extensions Srvr Files
11/6/2008 8:28:04 AM 10479 C:\Program Files\Macromedia\Flash 8\en\First Run\HTML\Learning Extensions Srvr Files\scripts
11/6/2008 8:28:04 AM 7074 C:\Program Files\Macromedia\Flash 8\en\First Run\Include
11/6/2008 8:28:04 AM 19336 C:\Program Files\Macromedia\Flash 8\en\First Run\Javascript
11/6/2008 8:28:04 AM 38520 C:\Program Files\Macromedia\Flash 8\en\First Run\Keyboard Shortcuts
11/6/2008 8:28:04 AM 698 C:\Program Files\Macromedia\Flash 8\en\First Run\Kinds
11/6/2008 8:28:04 AM 804 C:\Program Files\Macromedia\Flash 8\en\First Run\Mobile
11/6/2008 8:25:52 AM 0 C:\Program Files\Macromedia\Flash 8\en\First Run\Players
11/6/2008 8:28:04 AM 5440 C:\Program Files\Macromedia\Flash 8\en\First Run\Publish Profiles
11/6/2008 8:28:04 AM 23569 C:\Program Files\Macromedia\Flash 8\en\First Run\Screen Types
11/6/2008 8:28:04 AM 3260 C:\Program Files\Macromedia\Flash 8\en\First Run\Screen Types\Form
11/6/2008 8:28:04 AM 3235 C:\Program Files\Macromedia\Flash 8\en\First Run\Screen Types\Slide
11/6/2008 8:28:04 AM 146149 C:\Program Files\Macromedia\Flash 8\en\First Run\StartPage
11/6/2008 8:28:04 AM 37840 C:\Program Files\Macromedia\Flash 8\en\First Run\Tools
11/6/2008 8:28:04 AM 3248 C:\Program Files\Macromedia\Flash 8\en\First Run\Video
11/6/2008 8:25:52 AM 0 C:\Program Files\Macromedia\Flash 8\en\First Run\WebServices
11/6/2008 8:25:52 AM 0 C:\Program Files\Macromedia\Flash 8\en\First Run\WebServices\WSDL
11/6/2008 8:25:52 AM 0 C:\Program Files\Macromedia\Flash 8\en\First Run\WindowSWF
11/6/2008 8:28:04 AM 30009 C:\Program Files\Macromedia\Flash 8\en\First Run\XULControls
11/6/2008 8:28:04 AM 27105350 C:\Program Files\Macromedia\Flash 8\Players
11/6/2008 8:28:06 AM 11713580 C:\Program Files\Macromedia\Flash 8\Players\Debug
11/6/2008 8:28:09 AM 11474818 C:\Program Files\Macromedia\Flash 8\Players\Release
11/6/2008 8:25:52 AM 43951134 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials
11/6/2008 8:25:52 AM 26336430 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples
11/6/2008 8:25:52 AM 904192 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Accessibility
11/6/2008 8:28:12 AM 904192 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Accessibility\AccessibleApplications
11/6/2008 8:25:52 AM 9946926 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript
11/6/2008 8:28:12 AM 123392 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Animation
11/6/2008 8:28:12 AM 912896 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Arrays
11/6/2008 8:28:12 AM 91648 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\BitmapData
11/6/2008 8:28:12 AM 108032 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\CacheBitmap
11/6/2008 8:28:12 AM 53918 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\CustomizingContextMenu
11/6/2008 8:28:12 AM 40960 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\DataTypes
11/6/2008 8:28:12 AM 541696 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\DrawingAPI
11/6/2008 8:28:12 AM 390279 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\ExternalAPI
11/6/2008 8:28:12 AM 361028 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\ExternalAPI\simple example
11/6/2008 8:28:12 AM 959488 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\FileUpload
11/6/2008 8:28:12 AM 690688 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Filters
11/6/2008 8:28:13 AM 251904 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\FlashType
11/6/2008 8:28:13 AM 959463 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Galleries
11/6/2008 8:28:13 AM 461824 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\LoadText
11/6/2008 8:28:13 AM 445952 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Login
11/6/2008 8:28:13 AM 712192 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\StageSize
11/6/2008 8:28:13 AM 695908 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Strings
11/6/2008 8:28:13 AM 1264322 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\TextFields
11/6/2008 8:28:13 AM 64000 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\Tween ProgressBar
11/6/2008 8:28:14 AM 750592 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\XML_BlogTracker
11/6/2008 8:28:14 AM 356876 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\XML_LanguagePicker
11/6/2008 8:28:14 AM 70896 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ActionScript\XML_Menu
11/6/2008 8:25:52 AM 119495 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Behaviors
11/6/2008 8:28:14 AM 119495 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Behaviors\BehaviorsScrapbook
11/6/2008 8:28:14 AM 8205689 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components
11/6/2008 8:28:14 AM 3851741 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\ComponentsApplication
11/6/2008 8:28:15 AM 256668 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\DialComponent
11/6/2008 8:28:15 AM 3218 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\FLVPlayback
11/6/2008 8:28:15 AM 2189866 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\Jukebox
11/6/2008 8:28:16 AM 21055 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\Jukebox\images
11/6/2008 8:28:16 AM 227779 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\Login
11/6/2008 8:28:16 AM 1606612 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Components\TipCalculator
11/6/2008 8:25:52 AM 2780333 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\DataIntegration
11/6/2008 8:28:16 AM 919 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\DataIntegration\DinnerMenu
11/6/2008 8:28:16 AM 825560 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\DataIntegration\Guestbook
11/6/2008 8:28:16 AM 1095230 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\DataIntegration\MacromediaTips
11/6/2008 8:28:16 AM 858624 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\DataIntegration\NewsReader
11/6/2008 8:25:52 AM 1311337 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash
11/6/2008 8:28:16 AM 424627 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash\dllSampleComputeSum
11/6/2008 8:28:16 AM 6430 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash\filtersGetSet
11/6/2008 8:28:16 AM 9983 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash\PolyStar
11/6/2008 8:28:16 AM 1237 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash\Shape
11/6/2008 8:28:16 AM 869060 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\ExtendingFlash\TraceBitmapPanel
11/6/2008 8:28:16 AM 1179396 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\FlashLite
11/6/2008 8:28:17 AM 44052 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\FlashLite\Sound
11/6/2008 8:25:52 AM 484864 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Graphics
11/6/2008 8:28:17 AM 286208 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Graphics\AnimatedDropShadow
11/6/2008 8:28:17 AM 198656 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Graphics\AnimationAndGradients
11/6/2008 8:25:52 AM 1255936 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Masking
11/6/2008 8:28:17 AM 446976 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Masking\DeviceFontMasking
11/6/2008 8:28:17 AM 808960 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Masking\ScriptableMasksPart2
11/6/2008 8:25:52 AM 148262 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text
11/6/2008 8:28:17 AM 34742 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent
11/6/2008 8:28:17 AM 729 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\de
11/6/2008 8:28:17 AM 715 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\en
11/6/2008 8:28:17 AM 729 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\es
11/6/2008 8:28:17 AM 726 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\fr
11/6/2008 8:28:18 AM 725 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\it
11/6/2008 8:28:18 AM 809 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\ja
11/6/2008 8:28:18 AM 745 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\ko
11/6/2008 8:28:18 AM 691 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\zh-CN
11/6/2008 8:28:18 AM 713 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\MultilingualContent\zh-TW
11/6/2008 8:28:18 AM 113520 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Samples\Text\TextEnhancements
11/6/2008 8:25:52 AM 17614704 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets
11/6/2008 8:25:52 AM 1375643 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript
11/6/2008 8:28:18 AM 966144 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript\Add Interactivity
11/6/2008 8:28:18 AM 75264 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript\Create a Form
11/6/2008 8:28:18 AM 145408 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript\Script Assist
11/6/2008 8:28:18 AM 66971 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript\Work with Objects and Classes
11/6/2008 8:28:18 AM 121856 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\ActionScript\Write Scripts
11/6/2008 8:25:52 AM 4702844 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks
11/6/2008 8:28:18 AM 82944 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Add Button Animation and Navigation
11/6/2008 8:28:18 AM 1007616 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Create a Document
11/6/2008 8:28:19 AM 556032 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Create Accessible Content
11/6/2008 8:28:19 AM 282112 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Create an Application
11/6/2008 8:28:19 AM 71680 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Create Symbols and Instances
11/6/2008 8:25:52 AM 1395836 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner
11/6/2008 8:28:19 AM 374355 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part1
11/6/2008 8:25:52 AM 474145 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part2
11/6/2008 8:28:19 AM 241319 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part2\finish
11/6/2008 8:28:19 AM 232826 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part2\start
11/6/2008 8:25:52 AM 547336 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part3
11/6/2008 8:28:19 AM 52241 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part3\finished
11/6/2008 8:28:20 AM 495095 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\FlashBanner\Part3\start
11/6/2008 8:28:20 AM 966656 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Presentation with Screens
11/6/2008 8:28:20 AM 117760 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Use Layout Tools
11/6/2008 8:28:20 AM 222208 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Basic Tasks\Work with Layers
11/6/2008 8:25:52 AM 5211639 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\cafe_townsend
11/6/2008 8:25:52 AM 2372324 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\cafe_townsend\completed_files
11/6/2008 8:28:21 AM 2372324 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\cafe_townsend\completed_files\flash
11/6/2008 8:28:22 AM 78327 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\cafe_townsend\completed_files\flash\images
11/6/2008 8:28:22 AM 78327 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\cafe_townsend\images
11/6/2008 8:25:52 AM 483328 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics
11/6/2008 8:28:22 AM 69120 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics\Animation Easing
11/6/2008 8:28:22 AM 54784 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics\Draw in Flash
11/6/2008 8:28:22 AM 115200 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics\Filters and Blends
11/6/2008 8:28:22 AM 55296 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics\Gradients
11/6/2008 8:28:22 AM 188928 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Creating Graphics\Timeline Animation
11/6/2008 8:25:52 AM 5550621 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Data Integration
11/6/2008 8:28:22 AM 1213037 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Data Integration\Tips
11/6/2008 8:28:22 AM 4337584 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Data Integration\Using XML for a Timesheet
11/6/2008 8:25:52 AM 217600 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Flash Lite
11/6/2008 8:28:23 AM 217600 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Flash Lite\Cafe
11/6/2008 8:25:52 AM 73029 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Text
11/6/2008 8:28:23 AM 73029 C:\Program Files\Macromedia\Flash 8\Samples and Tutorials\Tutorial Assets\Text\Add Text to a Document
11/6/2008 8:19:38 AM 6940075 C:\Program Files\Macromedia\Flash 8 Video Encoder
11/6/2008 8:19:41 AM 875051 C:\Program Files\Macromedia\Flash 8 Video Encoder\en
12/1/2008 6:47:24 AM 4047461 C:\Program Files\Malwarebytes' Anti-Malware
12/1/2008 6:47:25 AM 336247 C:\Program Files\Malwarebytes' Anti-Malware\Languages
11/12/2008 8:51:51 PM 56942796 C:\Program Files\Roxio
11/12/2008 8:57:11 PM 9963897 C:\Program Files\Roxio\CinePlayer
11/12/2008 8:57:14 PM 3069145 C:\Program Files\Roxio\CinePlayer\ENU
11/12/2008 8:51:51 PM 46978899 C:\Program Files\Roxio\Easy Media Creator 8
11/12/2008 8:52:13 PM 1803776 C:\Program Files\Roxio\Easy Media Creator 8\AudioCodecCommon
11/12/2008 8:52:48 PM 1017716 C:\Program Files\Roxio\Easy Media Creator 8\Disc Copier
11/12/2008 8:56:13 PM 236282 C:\Program Files\Roxio\Easy Media Creator 8\Disc Copier\1033
11/12/2008 8:52:50 PM 3194 C:\Program Files\Roxio\Easy Media Creator 8\Disc Copier\Profiles
11/12/2008 8:53:17 PM 41821287 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator
11/12/2008 8:53:27 PM 29777813 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Backgrounds
11/12/2008 8:54:02 PM 978402 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Backgrounds\Thumbnails
11/12/2008 8:54:03 PM 47126 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Page Files
11/12/2008 8:53:23 PM 2584776 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin
11/12/2008 8:56:40 PM 1049029 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\1033
11/12/2008 8:56:42 PM 239888 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\1033\Images
11/12/2008 8:56:40 PM 671744 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\1033\Res
11/12/2008 8:56:42 PM 74199 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\1033\Strings
11/12/2008 8:53:23 PM 1535747 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\Generic
11/12/2008 8:54:09 PM 1534357 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Skin\Generic\Images
11/12/2008 8:54:16 PM 3044852 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Themes
11/12/2008 8:54:22 PM 216998 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Themes\Disc Type Icons
11/12/2008 8:54:24 PM 12698 C:\Program Files\Roxio\Easy Media Creator 8\Label Creator\Themes\Media Type Icons
11/12/2008 8:53:14 PM 831488 C:\Program Files\Roxio\Easy Media Creator 8\VideoCore
11/12/2008 8:56:47 PM 1491205 C:\Program Files\Roxio\Easy Media Creator 8\Virtual Drive
11/12/2008 8:56:49 PM 237829 C:\Program Files\Roxio\Easy Media Creator 8\Virtual Drive\1033
11/27/2008 3:06:50 AM 12903449 C:\Program Files\Seagate
11/27/2008 3:06:50 AM 12903449 C:\Program Files\Seagate\SeaTools for Windows
11/27/2008 3:06:51 AM 7680 C:\Program Files\Seagate\SeaTools for Windows\de
11/27/2008 3:06:50 AM 135168 C:\Program Files\Seagate\SeaTools for Windows\de-DE
11/27/2008 3:06:51 AM 7680 C:\Program Files\Seagate\SeaTools for Windows\es
11/27/2008 3:06:50 AM 135168 C:\Program Files\Seagate\SeaTools for Windows\es-ES
11/27/2008 3:06:51 AM 7680 C:\Program Files\Seagate\SeaTools for Windows\fr
11/27/2008 3:06:50 AM 155648 C:\Program Files\Seagate\SeaTools for Windows\fr-FR
11/27/2008 3:06:51 AM 7680 C:\Program Files\Seagate\SeaTools for Windows\it
11/27/2008 3:06:50 AM 135168 C:\Program Files\Seagate\SeaTools for Windows\it-IT
11/27/2008 3:06:51 AM 122880 C:\Program Files\Seagate\SeaTools for Windows\ja-JP
11/27/2008 3:06:51 AM 126976 C:\Program Files\Seagate\SeaTools for Windows\pt-BR
11/27/2008 3:06:50 AM 3139201 C:\Program Files\Seagate\SeaTools for Windows\STXENG
11/27/2008 3:06:50 AM 22346 C:\Program Files\Seagate\SeaTools for Windows\STXENG\StringDatFiles
11/27/2008 3:06:51 AM 90112 C:\Program Files\Seagate\SeaTools for Windows\zh-CN
11/27/2008 3:06:51 AM 90112 C:\Program Files\Seagate\SeaTools for Windows\zh-TW
11/6/2008 9:45:37 AM 8340651 C:\Program Files\Smart Projects
11/6/2008 9:45:37 AM 8340651 C:\Program Files\Smart Projects\IsoBuster
11/6/2008 9:45:37 AM 996331 C:\Program Files\Smart Projects\IsoBuster\Help
11/6/2008 9:45:37 AM 3246592 C:\Program Files\Smart Projects\IsoBuster\Lang
11/6/2008 9:45:37 AM 1147 C:\Program Files\Smart Projects\IsoBuster\Online
11/6/2008 9:45:37 AM 0 C:\Program Files\Smart Projects\IsoBuster\Plug Ins
11/6/2008 9:45:37 AM 651333 C:\Program Files\Smart Projects\IsoBuster\Uninst
11/26/2008 9:18:16 AM 5204480 C:\Program Files\Spyware Cease
12/1/2008 5:59:52 AM 18507665 C:\Program Files\SUPERAntiSpyware
12/1/2008 5:59:53 AM 240297 C:\Program Files\SUPERAntiSpyware\Language
12/1/2008 5:59:53 AM 172032 C:\Program Files\SUPERAntiSpyware\Plugins
11/12/2008 8:08:37 PM 21180430 C:\Program Files\Total Training
11/12/2008 8:08:53 PM 21180430 C:\Program Files\Total Training\VW Creative Suite 2
11/12/2008 8:08:53 PM 8390292 C:\Program Files\Total Training\VW Creative Suite 2\CASTS
11/12/2008 8:09:00 PM 3477 C:\Program Files\Total Training\VW Creative Suite 2\RESOURCES
11/12/2008 8:09:04 PM 6653710 C:\Program Files\Total Training\VW Creative Suite 2\XTRAS
11/12/2008 8:09:04 PM 3794702 C:\Program Files\Total Training\VW Creative Suite 2\XTRAS\Mac
11/12/2008 8:09:09 PM 2859008 C:\Program Files\Total Training\VW Creative Suite 2\XTRAS\Win
11/30/2008 5:22:38 AM 1512915 C:\Program Files\Trainer Maker Kit
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr\AVI
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr\BITMAP
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr\CURSOR
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr\ICON
11/30/2008 5:27:57 AM 0 C:\Program Files\Trainer Maker Kit\Zero Hr\WAVE
11/16/2008 8:06:56 AM 433799 C:\Program Files\Trend Micro
11/16/2008 8:06:56 AM 433799 C:\Program Files\Trend Micro\HijackThis
11/29/2008 11:21:31 AM 137 C:\Program Files\Trend Micro\HijackThis\backups
11/28/2008 12:37:12 PM 5403908 C:\Program Files\Windows Desktop Search
11/28/2008 12:37:15 PM 136452 C:\Program Files\Windows Desktop Search\en-US
11/28/2008 12:35:53 PM 3581070 C:\Program Files\Windows Media Connect 2
11/8/2008 7:42:30 AM 3576499 C:\Program Files\WinRAR
11/8/2008 7:42:31 AM 899072 C:\Program Files\WinRAR\Formats

====== Files under "\System32\Drivers" Last 30 Days======

11/12/2008 11:03:31 PM 11392 32 C:\WINDOWS\system32\drivers\bdasup.sys
11/5/2008 4:54:58 PM 5888 0 C:\WINDOWS\system32\drivers\imagedrv.sys
11/5/2008 4:54:58 PM 127488 0 C:\WINDOWS\system32\drivers\imagesrv.sys
12/1/2008 6:47:29 AM 15504 32 C:\WINDOWS\system32\drivers\mbam.sys
12/1/2008 6:47:26 AM 38496 32 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
11/12/2008 11:03:31 PM 15104 32 C:\WINDOWS\system32\drivers\mpe.sys
11/12/2008 11:03:31 PM 52096 32 C:\WINDOWS\system32\drivers\msdv.sys
11/26/2008 9:18:20 AM 28672 32 C:\WINDOWS\system32\drivers\RKHit.sys

====== Files under "\User\Local Settings\Temp" Last 30 Days======

====== Files and Folders under "All Users\Application Data" Last 30 Days======

11/8/2008 8:57:24 AM 24903 C:\Documents and Settings\All Users\Application Data\Adobe Systems
11/8/2008 8:57:26 AM 24903 C:\Documents and Settings\All Users\Application Data\Adobe Systems\Product licenses
11/6/2008 8:47:03 AM 12989 C:\Documents and Settings\All Users\Application Data\CyberLink
11/6/2008 8:47:03 AM 12989 C:\Documents and Settings\All Users\Application Data\CyberLink\EvoParser
11/6/2008 8:47:03 AM 12989 C:\Documents and Settings\All Users\Application Data\CyberLink\EvoParser\PowerDVD
11/6/2008 8:47:03 AM 12989 C:\Documents and Settings\All Users\Application Data\CyberLink\EvoParser\PowerDVD\6.00
11/15/2008 10:17:58 PM 0 C:\Documents and Settings\All Users\Application Data\FileOpen
11/15/2008 10:17:58 PM 0 C:\Documents and Settings\All Users\Application Data\FileOpen\Updates
11/12/2008 8:57:25 PM 155 C:\Documents and Settings\All Users\Application Data\InstallShield
11/12/2008 8:57:25 PM 155 C:\Documents and Settings\All Users\Application Data\InstallShield\UpdateService
11/12/2008 8:57:25 PM 155 C:\Documents and Settings\All Users\Application Data\InstallShield\UpdateService\Database
12/2/2008 8:21:11 AM 0 C:\Documents and Settings\All Users\Application Data\Karen's Power Tools
11/6/2008 6:22:44 AM 62296367 C:\Documents and Settings\All Users\Application Data\Macromedia
11/6/2008 8:25:52 AM 62294099 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8
11/6/2008 8:25:52 AM 62294099 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en
11/6/2008 8:25:52 AM 62294099 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration
11/6/2008 8:25:52 AM 62294099 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel
11/6/2008 8:26:00 AM 65 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Dump
11/6/2008 8:25:52 AM 62182274 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help
11/6/2008 8:26:00 AM 11490328 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ActionScriptLangRef
11/6/2008 8:26:18 AM 661722 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ActionScriptLangRef\images
11/6/2008 8:26:20 AM 11217278 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ComponentRef
11/6/2008 8:26:34 AM 177261 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ComponentRef\images
11/6/2008 8:26:34 AM 213068 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ComponentRef\movies
11/6/2008 8:26:34 AM 4273045 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ExtendingFlash
11/6/2008 8:26:40 AM 4963 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\ExtendingFlash\images
11/6/2008 8:26:40 AM 1099326 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteAPIReference
11/6/2008 8:26:42 AM 1738 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteAPIReference\images
11/6/2008 8:26:42 AM 1306344 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteDevelopersGuide
11/6/2008 8:26:42 AM 719643 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteDevelopersGuide\images
11/6/2008 8:26:43 AM 527983 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteGettingStarted
11/6/2008 8:26:43 AM 322589 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteGettingStarted\images
11/6/2008 8:26:43 AM 213927 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteLearningAS
11/6/2008 8:26:43 AM 52614 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\FlashLiteLearningAS\images
11/6/2008 8:25:52 AM 1811802 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\GettingStarted
11/6/2008 8:26:44 AM 336770 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\GettingStarted\finished_files
11/6/2008 8:26:45 AM 551788 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\GettingStarted\images
11/6/2008 8:25:52 AM 56466 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\GettingStarted\start_files
11/6/2008 8:26:45 AM 56466 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\GettingStarted\start_files\Assets
11/6/2008 8:26:45 AM 10054641 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\LearningActionScript
11/6/2008 8:26:52 AM 476452 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\LearningActionScript\images
11/6/2008 8:26:53 AM 2801904 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\LearningActionScript\movies
11/6/2008 8:26:54 AM 308504 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Samples
11/6/2008 8:26:55 AM 1738 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Samples\images
11/6/2008 8:26:55 AM 10712283 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Tutorials
11/6/2008 8:26:57 AM 5155450 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Tutorials\finished_files
11/6/2008 8:26:58 AM 1064480 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Tutorials\images
11/6/2008 8:27:00 AM 2748741 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Tutorials\start_files
11/6/2008 8:27:01 AM 1883317 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingComponents
11/6/2008 8:27:02 AM 346483 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingComponents\images
11/6/2008 8:27:02 AM 51047 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingComponents\movies
11/6/2008 8:27:02 AM 7156469 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingFlash
11/6/2008 8:27:09 AM 969652 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingFlash\images
11/6/2008 8:27:11 AM 178810 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingFlash\movies
11/6/2008 8:27:11 AM 125492 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingHelp
11/6/2008 8:27:11 AM 4143 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\UsingHelp\images
11/6/2008 8:27:11 AM 1535 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\Help\Welcome
11/6/2008 8:27:11 AM 111038 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\_sharedassets
11/6/2008 8:27:11 AM 87793 C:\Documents and Settings\All Users\Application Data\Macromedia\Flash 8\en\Configuration\HelpPanel\_sharedassets\icons
11/6/2008 6:22:44 AM 2268 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing
11/6/2008 6:29:20 AM 445 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Licenses
11/6/2008 6:29:20 AM 445 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Licenses\Studio 8.0
11/6/2008 6:22:44 AM 1823 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products
11/6/2008 6:29:20 AM 191 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products\Contribute 3.0
11/6/2008 6:22:44 AM 468 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products\Dreamweaver 8.0
11/6/2008 6:29:20 AM 190 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products\Fireworks 8.0
11/6/2008 6:29:20 AM 511 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products\Flash 8 Video Encoder 1.0
11/6/2008 6:29:20 AM 463 C:\Documents and Settings\All Users\Application Data\Macromedia\Licensing\Products\Flash 8.0
12/1/2008 6:47:24 AM 1329300 C:\Documents and Settings\All Users\Application Data\Malwarebytes
12/1/2008 6:47:24 AM 1329300 C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
12/1/2008 1:57:18 PM 2492 C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
12/1/2008 1:57:18 PM 2492 C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage\data
11/12/2008 8:57:07 PM 422 C:\Documents and Settings\All Users\Application Data\Sonic
12/1/2008 6:00:02 AM 0 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
12/1/2008 6:00:02 AM 0 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware

====== Possible Rootkit Scan (Note: Items listed here are not necessarily bad)======

====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======

====== BHO's under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects ======

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
NCO 2.0 IE BHO

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
Symantec Intrusion Prevention

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
JQSIEStartDetectorImpl

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}

====== Services ( Services that are Whitelisted are not shown) ======

RobSedona · « **Reply #5 on:** December 03, 2008, 09:35:58 AM »

Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) "C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe" - Auto

Symantec Lic NetConnect service (CLTNetCnService) "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon - Auto

COM Host (comHost) "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" - Manual

Media Center Receiver Service (ehRecvr) C:\WINDOWS\eHome\ehRecvr.exe - Auto

Media Center Scheduler Service (ehSched) C:\WINDOWS\eHome\ehSched.exe - Auto

Java Quick Starter (JavaQuickStarterService) "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" - Auto

LiveUpdate Notice (LiveUpdate Notice) "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon - Auto

LVCOMSer (LVCOMSer) "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe" - Auto

Process Monitor (LVPrcSrv) "C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe" - Auto

LVSrvLauncher (LVSrvLauncher) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe - Auto

MHN (MHN) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual

Broadcom Wireless LAN Tray Service (wltrysvc) C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe - Auto

Windows Search (WSearch) C:\WINDOWS\system32\SearchIndexer.exe /Embedding - Auto

====== Running Processes ======

System Idle Process

System [4]
smss.exe [860] \SystemRoot\System32\smss.exe
csrss.exe [1260]
winlogon.exe [1288] winlogon.exe
services.exe [1332] C:\WINDOWS\system32\services.exe
lsass.exe [1344] C:\WINDOWS\system32\lsass.exe
ati2evxx.exe [1512] C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe [1528] C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe [1592]
svchost.exe [1648] C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe [1808]
svchost.exe [1960]
ati2evxx.exe [248] Ati2evxx.exe -Client
explorer.exe [308] C:\WINDOWS\Explorer.EXE
CCSVCHST.EXE [344] "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
ccProxy.exe [524] "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
WLTRYSVC.EXE [940] C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe
BCMWLTRY.EXE [952] C:\WINDOWS\System32\bcmwltry.exe
spoolsv.exe [1008] C:\WINDOWS\system32\spoolsv.exe
LVPrcSrv.exe [1072] "C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
AluSchedulerSvc.exe [1200] "C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe"
ehrecvr.exe [1264] C:\WINDOWS\eHome\ehRecvr.exe
ehSched.exe [1452] C:\WINDOWS\eHome\ehSched.exe
jqs.exe [1856] "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
LVComSer.exe [2028] "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe"
PRISMXL.SYS [2156] "C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS"
svchost.exe [2192]
svchost.exe [2252] C:\WINDOWS\system32\svchost.exe -k imgsvc
searchindexer.exe [2316] C:\WINDOWS\system32\SearchIndexer.exe /Embedding
mcrdsvc.exe [2572]
LVComSer.exe [2864] "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe" /keymon
dllhost.exe [2956] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
alg.exe [3096]
ehtray.exe [3480] "C:\WINDOWS\ehome\ehtray.exe"
PDVDServ.exe [3580] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
SynTPLpr.exe [3612] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
SynTPEnh.exe [3672] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
atiptaxx.exe [3788] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
WLTRAY.EXE [3832] "C:\WINDOWS\system32\WLTRAY.exe"
ehmsas.exe [3940] C:\WINDOWS\eHome\ehmsas.exe -Embedding
LOGI_MWX.EXE [4016] "C:\WINDOWS\LOGI_MWX.EXE"
CCSVCHST.EXE [4044] /a /h ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Communications_Helper.exe [288] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
Quickcam.exe [420] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
acrotray.exe [692] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
jusched.exe [768] "C:\Program Files\Java\jre6\bin\jusched.exe"
msmsgs.exe [688] "C:\Program Files\Messenger\msmsgs.exe" /background
ctfmon.exe [2000] "C:\WINDOWS\system32\ctfmon.exe"
wcescomm.exe [2180] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
ijdkq13324484.exe [2444] "C:\Documents and Settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe"
rapimgr.exe [2516] C:\PROGRA~1\MICROS~3\rapimgr.exe -Embedding
BigFix.exe [3036] "C:\Program Files\BigFix\BigFix.exe" /atstartup
FileOpenAPI.exe [3232] "C:\Program Files\FileOpen\plug_ins\FileOpenAPI.exe"
LogitechDesktopMessenger.exe [2856] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -startup
VZAccess Manager.exe [3284] "C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe"
WindowsSearch.exe [392] "C:\Program Files\Windows Desktop Search\WindowsSearch.exe" /startup
COCIManager.exe [2436] "C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
symlcsvc.exe [2868] C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
firefox.exe [5544] "C:\Program Files\Mozilla Firefox\firefox.exe"
searchprotocolhost.exe [5176] "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
wscript.exe [2944] "C:\WINDOWS\System32\WScript.exe" "C:\Documents and Settings\Owner.SusanPsychic\Desktop\Filelister\FileLister.vbe"
searchfilterhost.exe [1428]
notepad.exe [5428] "C:\WINDOWS\system32\NOTEPAD.EXE" C:\Files.txt
wmiprvse.exe [5816]
wmiprvse.exe [4632]

====== Uninstall List From Registry ======

Adobe Acrobat 7.1.0 Professional
Adobe Flash Player ActiveX
Adobe Flash Player 10 Plugin
Adobe SVG Viewer 3.0
ATI - Software Uninstall Utility
ATI Display Driver
Belarc Advisor 7.2
BigFix
Broadcom 802.11 Network Adapter
Canon Digital Camera USB WIA Driver
Conexant AC-Link Audio
Soft Data Fax Modem with SmartCP
EPSON Printer Software
EPSON Scan
Gateway Drivers and Applications Recovery
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Texas Instruments PCIxx21/x515/xx12 drivers.
Canon Camera Support Core Library
Canon MovieEdit Task for ZoomBrowser EX
Canon Camera Window for ZoomBrowser EX
IsoBuster 1.9
Karen's Time Sync
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Player 10 Hotfix - KB894476
Update Rollup 2 for Windows XP Media Center Edition 2005
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB915800-v4)
Security Update for Windows XP (KB923689)
Windows XP Media Center Edition 2005 KB925766
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows XP (KB938464)
Hotfix for Windows Media Player 11 (KB939683)
Windows Search 4.0
Security Update for Windows XP (KB941569)
Update for Windows XP (KB942763)
Security Update for Windows XP (KB946648)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Update for Windows XP (KB951978)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Logitech Legacy USB Camera Driver Package
Logitech QuickCam Driver Package
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Mozilla Firefox (3.0.4)
Microsoft Compression Client Pack 1.0 for Windows XP
MySpaceIM
Nero 6 Ultra Edition
Nero BurnRights
Microsoft National Language Support Downlevel APIs
Canon PhotoRecord
Microsoft Digital Image Starter Edition 2006
LiveUpdate (Symantec Corporation)
PsychicSalesLetter 2.10
QuickTime
RealPlayer Basic
Canon Utilities RemoteCapture 1.3
EPSON RX680 User's Guide
Starcraft
Norton 360 (Symantec Corporation)
Norton Add-on Pack (Symantec Corporation)
Synaptics Pointing Device Driver
Viewpoint Media Player
VZAccess Manager
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Player 11
XV6800 User Manual
Windows XP Service Pack 3
WinRAR archiver
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
Adobe Creative Suite 2
Macromedia Dreamweaver 8
Norton 360 HTMLHelp
ATI Control Panel
Recovery Software Suite Gateway
RAW Image Task
AutoUpdate
EPSON Stylus Photo RX680 Series Scanner Driver Update
GearDrvs
Kyocera Wireless USB Driver for Data Cards
Norton 360
Google Toolbar for Internet Explorer
Adobe Photoshop CS2
Backup
Java(TM) 6 Update 11
Adobe Photoshop CS2 Functional Content
Macromedia Flash 8
RemoteCapture Task 1.0.2
Norton 360
Adobe Encore DVD 2.0
WebFldrs XP
MVision
WModem_Installer
Norton 360
Bonus
Symantec Technical Support Controls
Kyocera Wireless USB Device Drivers
Macromedia Extension Manager
Norton Confidential Core
Sony Sound Forge 8.0d
Norton AntiSpam
Adobe Premiere Pro FC
Logitech MouseWare 9.79
Skype™ 3.8
Microsoft Digital Image Starter Edition 2006 Editor
WModem Driver Installer
Command & Conquer The First Decade
PowerDVD
Microsoft Digital Image Starter Edition 2006 Library
Norton AntiVirus Help
Windows Media Player Firefox Plugin
Microsoft Office Converter Pack
Microsoft Visual C++ 2005 Redistributable
SPBBC 32bit
CC_ccProxyExt
Adobe Stock Photos 1.0
Adobe Stock Photos 1.0
DivX
TIPCI
EPSON Web-To-Page
MSXML 4.0 SP2 (KB954430)
SymNet
Macromedia Flash Player 8
Macromedia Flash 8 Video Encoder
Napster Burn Engine
Adobe Common File Installer
Adobe Help Center 2.0
Logitech Desktop Messenger
Compatibility Pack for the 2007 Office system
Microsoft Office XP Professional with FrontPage
Logitech QuickCam
SeaTools for Windows
Microsoft ActiveSync
Sonic Encoders
Microsoft Digital Image Library 9 - Blocker
Adobe Production Studio
ccPxyCore
Adobe Acrobat 7.0 Professional
Adobe Reader 7.1.0
ccCommon
PANTECH PC USB Modem Software
Microsoft .NET Framework 2.0 Service Pack 1
Adobe ExtendScript Toolkit 1.0
Adobe ExtendScript Toolkit 1.0
Adobe Bridge 1.0
Camera Support Core Library
Napster
Logitech Audio Echo Cancellation Component
FileOpen Plug-in for Adobe Acrobat® and Acrobat Reader®
MSXML 4.0 SP2 (KB936181)
Athlon 64 Processor Driver
Canon Utilities ZoomBrowser EX
Suite Specific
Microsoft .NET Framework 1.1
GearDrvs
Roxio Easy DVD Copy 2
SUPERAntiSpyware Free Edition
Symantec Real Time Storage Protection Component
Adobe After Effects 7.0
MovieEdit Task
LiveUpdate (Symantec Corporation)
CIB
Logitech Video Enumerator
Adobe After Effects 7.0 Functional Content
AppCore
Camera Window
Adobe Encore DVD FC
Adobe Premiere Pro 2.0
ooVoo
EPSON Print CD

======== Other Info ========

TOTAL PHYSICAL RAM: 1542 MB

Thank you
Rob

bamajim · « **Reply #6 on:** December 03, 2008, 10:00:37 AM »

RobSedona

You are most welcome

While I'm looking through this info, I have a question.

Did you recently run Combofix on this PC?

And if you did, post the results of the

C:\Combofix.txt log please.

RobSedona · « **Reply #7 on:** December 03, 2008, 10:06:09 AM »

ComboFix 08-12-01.01 - Owner 2008-12-01 15:10:15.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.769 [GMT -7:00]
Running from: c:\documents and settings\Owner.SusanPsychic\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-11-01 to 2008-12-01 )))))))))))))))))))))))))))))))
.

2008-12-01 15:04 . 2008-12-01 15:04   410,984   --a------   c:\windows\system32\deploytk.dll
2008-12-01 15:04 . 2008-12-01 15:04   73,728   --a------   c:\windows\system32\javacpl.cpl
2008-12-01 13:57 . 2008-12-01 13:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\program files\Malwarebytes' Anti-Malware
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Malwarebytes
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-01 06:47 . 2008-10-22 16:10   38,496   --a------   c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-01 06:47 . 2008-10-22 16:10   15,504   --a------   c:\windows\system32\drivers\mbam.sys
2008-12-01 06:00 . 2008-12-01 06:00   <DIR>   d--------   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-01 05:59 . 2008-12-01 05:59   <DIR>   d--------   c:\program files\SUPERAntiSpyware
2008-12-01 05:59 . 2008-12-01 05:59   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\SUPERAntiSpyware.com
2008-11-30 05:51 . 2008-11-30 05:51   1,816   --a------   c:\windows\TSearch.INI
2008-11-30 05:51 . 2008-11-30 05:51   22   --a------   c:\windows\HexEditor_FindList.hed
2008-11-30 05:22 . 2008-11-30 05:27   <DIR>   d--------   c:\program files\Trainer Maker Kit
2008-11-29 03:47 . 2008-11-29 03:47   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Windows Search
2008-11-28 12:37 . 2008-11-28 12:37   <DIR>   d--------   c:\program files\Windows Desktop Search
2008-11-28 12:37 . 2008-11-28 12:37   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Windows Desktop Search
2008-11-28 12:36 . 2008-03-07 10:02   192,000   -----c---   c:\windows\system32\dllcache\offfilt.dll
2008-11-28 12:36 . 2008-03-07 10:02   98,304   -----c---   c:\windows\system32\dllcache\nlhtml.dll
2008-11-28 12:36 . 2008-03-07 10:02   29,696   -----c---   c:\windows\system32\dllcache\mimefilt.dll
2008-11-28 12:35 . 2008-11-28 12:35   <DIR>   d--------   c:\program files\Windows Media Connect 2
2008-11-28 12:33 . 2008-11-28 12:34   <DIR>   d--------   c:\windows\system32\drivers\UMDF
2008-11-28 10:02 . 2008-11-28 10:02   <DIR>   d--------   c:\windows\Logs
2008-11-27 03:06 . 2008-11-27 03:06   <DIR>   d--------   c:\program files\Seagate
2008-11-27 03:04 . 2008-12-01 05:59   <DIR>   d--------   c:\program files\Common Files\Wise Installation Wizard
2008-11-26 09:18 . 2008-11-26 09:28   <DIR>   d--------   c:\program files\Spyware Cease
2008-11-26 09:18 . 2008-11-26 09:19   28,672   --a------   c:\windows\system32\drivers\RKHit.sys
2008-11-21 11:28 . 2008-11-21 11:28   3,564   --a------   c:\windows\C2I2.tmp
2008-11-21 11:09 . 2008-11-21 11:09   3,564   --a------   c:\windows\C2I17.tmp
2008-11-21 06:02 . 2008-11-21 06:02   319,488,288   --a------   C:\CNCTFD.c2d
2008-11-21 05:45 . 2008-11-21 05:45   236,928   --a------   c:\windows\C2I22.tmp
2008-11-21 05:45 . 2008-11-21 05:45   3,564   --a------   c:\windows\C2I23.tmp
2008-11-16 10:36 . 2008-11-27 04:47   4,038   --a------   c:\windows\system32\tmp.reg
2008-11-16 08:06 . 2008-11-16 08:06   <DIR>   d--------   c:\program files\Trend Micro
2008-11-15 22:17 . 2008-11-15 22:17   <DIR>   d--------   c:\program files\FileOpen
2008-11-15 22:17 . 2008-11-26 08:38   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\FileOpen
2008-11-15 22:17 . 2008-11-15 22:17   <DIR>   d--------   c:\documents and settings\All Users\Application Data\FileOpen
2008-11-13 00:46 . 2008-11-13 00:46   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Roxio
2008-11-12 23:44 . 2008-11-12 23:43   109,568   ---------   c:\windows\system32\pxinsi64.exe
2008-11-12 23:44 . 2008-11-12 23:43   108,544   ---------   c:\windows\system32\pxcpyi64.exe
2008-11-12 20:58 . 2008-11-12 20:58   62   --a------   c:\windows\WININIT.INI
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\program files\Common Files\Sonic Shared
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Sonic
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\InstallShield
2008-11-12 20:51 . 2008-11-12 20:57   <DIR>   d--------   c:\program files\Roxio
2008-11-12 20:51 . 2008-11-12 20:51   <DIR>   d--------   c:\program files\DivX
2008-11-12 20:08 . 2008-11-12 20:08   <DIR>   d--------   c:\program files\Total Training
2008-11-12 17:06 . 2008-11-12 17:06   <DIR>   d--------   c:\windows\system32\Adobe
2008-11-12 17:06 . 2004-08-16 17:40   16,384   --a------   c:\windows\system32\FileOps.exe
2008-11-11 17:59 . 2008-10-24 04:21   455,296   -----c---   c:\windows\system32\dllcache\mrxsmb.sys
2008-11-11 17:58 . 2008-09-04 10:15   1,106,944   -----c---   c:\windows\system32\dllcache\msxml3.dll
2008-11-10 06:12 . 2008-11-11 06:26   94,208   --a------   c:\windows\ScUnin.exe
2008-11-10 06:12 . 2008-11-11 06:26   31,470   --a------   c:\windows\scunin.dat
2008-11-10 06:12 . 2008-11-11 06:26   967   --a------   c:\windows\ScUnin.pif
2008-11-09 07:32 . 2008-11-21 08:28   <DIR>   d--------   C:\temp
2008-11-09 06:43 . 2008-11-09 06:43   <DIR>   d--------   c:\windows\system32\drivers\5.1.2600.2783
2008-11-08 08:57 . 2008-11-08 08:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Adobe Systems
2008-11-08 08:56 . 2008-11-08 08:56   <DIR>   d--------   c:\program files\Common Files\Adobe Systems Shared
2008-11-06 12:27 . 2008-11-06 12:27   4   --a------   c:\windows\Pix1111.dat
2008-11-06 12:12 . 2008-11-06 12:12   8   --a------   c:\windows\sess_f889bb62a98d6c353f506a21620e1a00
2008-11-06 11:58 . 2008-11-06 11:58   <DIR>   d--------   C:\BCM_REL_4_100_15_5_WHQL
2008-11-06 10:19 . 2008-11-06 10:19   <DIR>   d--------   c:\program files\AMD
2008-11-06 10:03 . 2008-11-06 10:03   <DIR>   d--------   c:\program files\Gateway
2008-11-06 10:03 . 2008-11-06 11:57   <DIR>   d--------   C:\cabs
2008-11-06 09:45 . 2008-11-06 09:45   <DIR>   d--------   c:\program files\Smart Projects
2008-11-06 08:47 . 2008-11-26 08:38   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\CyberLink
2008-11-06 08:47 . 2008-11-06 08:47   <DIR>   d--------   c:\documents and settings\All Users\Application Data\CyberLink
2008-11-06 08:40 . 2005-12-15 19:37   86,095   --a------   c:\windows\system32\ImageDrive.cpl
2008-11-06 06:21 . 2008-11-06 08:25   <DIR>   d--------   c:\program files\Macromedia
2008-11-06 06:21 . 2008-11-06 06:24   <DIR>   d--------   c:\program files\Common Files\Macromedia
2008-11-05 17:11 . 2008-11-30 12:32   <DIR>   d--------   C:\NeroCash
2008-11-05 16:54 . 2005-09-01 12:03   127,488   ---------   c:\windows\system32\drivers\imagesrv.sys
2008-11-05 16:54 . 2005-09-01 12:03   5,888   ---------   c:\windows\system32\drivers\imagedrv.sys
2008-11-05 16:53 . 2004-07-09 09:43   364,544   ---------   c:\windows\system32\TwnLib4.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-01 22:13   ---------   d-----w   c:\program files\Common Files\Symantec Shared
2008-12-01 22:04   ---------   d-----w   c:\program files\Java
2008-11-28 05:46   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Skype
2008-11-28 05:44   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\skypePM
2008-11-28 00:21   ---------   d-----w   c:\documents and settings\All Users\Application Data\Symantec
2008-11-26 15:38   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\ArcSoft
2008-11-26 15:38   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\AdobeUM
2008-11-26 15:34   295,424   ----a-w   c:\windows\system32\termsrv.dll
2008-11-23 23:19   0   ----a-w   c:\windows\system32\drivers\lvuvc.hs
2008-11-23 23:19   0   ----a-w   c:\windows\system32\drivers\logiflt.iad
2008-11-17 21:40   54,480   ----a-w   c:\documents and settings\Owner.SusanPsychic\Application Data\GDIPFONTCACHEV1.DAT
2008-11-16 22:43   ---------   d-----w   c:\program files\Common Files\Adobe
2008-11-16 17:56   ---------   d-----w   c:\program files\Google
2008-11-16 13:50   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-11-13 03:56   ---------   d-----w   c:\program files\Common Files\Roxio Shared
2008-11-13 03:55   ---------   d-----w   c:\program files\Common Files\InstallShield
2008-11-06 19:24   ---------   d-----w   c:\program files\Common Files\ArcSoft
2008-11-06 19:24   ---------   d-----w   c:\program files\ArcSoft
2008-11-06 19:18   ---------   d-----w   c:\documents and settings\All Users\Application Data\WinZip
2008-11-05 23:52   ---------   d-----w   c:\program files\Ahead
2008-11-04 05:16   ---------   d-----w   c:\program files\Norton 360
2008-10-29 17:11   ---------   d-----w   c:\program files\MySpace
2008-10-29 17:11   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\MySpace
2008-10-24 11:21   455,296   ----a-w   c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 21:13   202,776   ----a-w   c:\windows\system32\wuweb.dll
2008-10-16 21:13   1,809,944   ----a-w   c:\windows\system32\wuaueng.dll
2008-10-16 21:12   561,688   ----a-w   c:\windows\system32\wuapi.dll
2008-10-16 21:12   323,608   ----a-w   c:\windows\system32\wucltui.dll
2008-10-16 21:09   92,696   ----a-w   c:\windows\system32\cdm.dll
2008-10-16 21:09   51,224   ----a-w   c:\windows\system32\wuauclt.exe
2008-10-16 21:09   43,544   ----a-w   c:\windows\system32\wups2.dll
2008-10-16 21:08   34,328   ----a-w   c:\windows\system32\wups.dll
2008-10-10 12:10   ---------   d-----w   c:\program files\EPSON Print CD
2008-10-08 17:43   ---------   d-----w   c:\program files\FriendBlasterPro
2008-10-08 17:42   ---------   d-----w   c:\program files\Link Buzz
2008-10-08 12:55   ---------   d-----w   c:\program files\VSTplugins
2008-10-08 12:55   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Publish Providers
2008-10-08 12:52   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Sony
2008-10-08 12:50   ---------   d-----w   c:\program files\Sony
2008-10-07 18:43   ---------   d-----w   c:\program files\Sony Setup
2008-10-07 00:05   ---------   d-----w   c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-01 22:07   ---------   d-----w   c:\program files\Microsoft ActiveSync
2008-09-30 23:43   1,286,152   ----a-w   c:\windows\system32\msxml4.dll
2008-09-15 12:12   1,846,400   ----a-w   c:\windows\system32\win32k.sys
2008-09-10 01:14   1,307,648   ------w   c:\windows\system32\msxml6.dll
2008-09-04 17:15   1,106,944   ----a-w   c:\windows\system32\msxml3.dll
.

------- Sigcheck -------

2005-03-10 07:49 295424 c29a5286e64d97385178452d5f307b98   c:\windows\$NtServicePackUninstall$\termsrv.dll
2004-08-10 12:00 295424 b60c877d16d9c880b952fda04adf16e6   c:\windows\$NtUninstallKB895961$\termsrv.dll
2008-04-13 17:12 295424 ff3477c03be7201c294c35f684b3479f   c:\windows\ServicePackFiles\i386\termsrv.dll
2008-11-26 08:34 295424 63999d0abd8dabfd76a9c07f6e104868   c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( snapshot@2008-12-01_14.13.37.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-03-04 09:06:58   49,248   ----a-w   c:\windows\system32\java.exe
+ 2008-12-01 22:04:31   144,792   ----a-w   c:\windows\system32\java.exe
- 2005-03-04 09:07:06   49,250   ----a-w   c:\windows\system32\javaw.exe
+ 2008-12-01 22:04:32   144,792   ----a-w   c:\windows\system32\javaw.exe
- 2005-03-04 10:36:48   127,078   ----a-w   c:\windows\system32\javaws.exe
+ 2008-12-01 22:04:32   148,888   ----a-w   c:\windows\system32\javaws.exe
+ 2008-12-01 21:09:14   16,384   ----atw   c:\windows\Temp\Perflib_Perfdata_100.dat
+ 2008-12-01 22:05:00   16,384   ----atw   c:\windows\Temp\Perflib_Perfdata_1460.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"EPSON Stylus Photo RX680 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICJA.EXE" [2007-04-13 182272]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 313472]
"HPsetm"="c:\documents and settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe" [2008-11-26 102912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-05 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-05 688218]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-25 966656]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-28 344064]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-01 136600]
"Logitech Utility"="LOGI_MWX.EXE" [2003-11-07 c:\windows\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-11-08 25214]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
BigFix.lnk - c:\program files\BigFix\BigFix.exe [2008-06-01 1742384]
FileOpenAPI.exe.lnk - c:\program files\FileOpen\plug_ins\FileOpenAPI.exe [2008-06-01 57344]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-02 67128]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:ooVoo TCP port 443
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2008-02-18 149352]
R3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2008-01-12 23888]
R3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\DRIVERS\PTDMBus.sys [2008-06-04 29952]
R3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\DRIVERS\PTDMMdm.sys [2008-06-04 41856]
R3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\DRIVERS\PTDMVsp.sys [2008-06-04 39936]
R3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\DRIVERS\PTDMWWAN.sys [2008-06-04 59520]
S1 c2scsi;c2scsi; []
S3 el575nd5;3Com Megahertz 10/100 LAN CardBus PC Card Driver;c:\windows\system32\DRIVERS\el575nd5.sys [2008-06-01 69692]
S3 HSFHWATI;HSFHWATI;c:\windows\system32\DRIVERS\HSFHWATI.sys [2008-06-01 200576]
S3 kwkxusb;Kyocera CDMA Wireless Modem Driver;c:\windows\system32\DRIVERS\kwusb2k.sys [2007-08-28 191104]
S3 qcmdmxp;HTC Proprietary USB Driver (PID 0B03);c:\windows\system32\DRIVERS\qcmdmxp.sys [2008-08-25 92800]
S3 qcserxp;HTC Diagnostic Port (PID 0B03);c:\windows\system32\DRIVERS\qcserxp.sys [2008-08-25 92800]
S3 RkHit;RkHit;\??\c:\windows\system32\drivers\RKHit.sys [2008-11-26 28672]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

*Newly Created Service* - COMHOST
*Newly Created Service* - JAVAQUICKSTARTERSERVICE
.
Contents of the 'Scheduled Tasks' folder

2008-06-01 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 17:12]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Owner.SusanPsychic\Application Data\Mozilla\Firefox\Profiles\mvj9bayw.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
FF -: plugin - c:\documents and settings\Owner.SusanPsychic\Application Data\Mozilla\Firefox\Profiles\mvj9bayw.default\extensions\npzorap@zorap.com\plugins\npZorap.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdbplug.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-01 15:12:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1296)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Completion time: 2008-12-01 15:14:33
ComboFix-quarantined-files.txt 2008-12-01 22:14:07
ComboFix2.txt 2008-12-01 21:35:17
ComboFix3.txt 2008-12-01 21:14:34

Pre-Run: 38,339,293,184 bytes free
Post-Run: 38,322,880,512 bytes free

286   --- E O F ---   2008-11-12 13:27:53
TKs Again
Rob

bamajim · « **Reply #8 on:** December 03, 2008, 10:43:25 AM »

RobSedona

There are a couple of things that need to be fixed. But you have a suspicious file I would like to look at

1. We need to make sure we can see hidden files and folders

To enable the viewing of Hidden and System files follow these steps:

Right click on Start and select Explore.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders. Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Click Yes To confirm
Press the Apply button and then the OK button.

2. Please go HERE

Put Your Name, and SpywareHammer HJT forum

and In the file to submit box, click Browse.Using Windows Explorer
Locate the file

c:\windows\system32\drivers\RKHit.sys

In the comments tell them that I asked you to upload the file
Then Select Send File.

After I examine the file, I 'll get right back to you

RobSedona · « **Reply #9 on:** December 03, 2008, 11:05:43 AM »

File was uploaded

Rob

bamajim · « **Reply #10 on:** December 03, 2008, 11:26:10 AM »

RobSedona

Got the file, thanks. Got one hit on it, however I am still suspicious of it. Before I put together my fix for your PC, I have 2 more questions please:

1. Do you remember about what date this infection started, 11/26 maybe?
2. Did you download Spyware Cease on purpose, and was it before or after the problem started?

:)

RobSedona · « **Reply #11 on:** December 03, 2008, 11:36:52 AM »

Yes 11-26 could be about the date

And I downloaded the Spyware Cease and others to get the stuff gone all seamed to happen at once I think My wife got it in a free download or in her Email.

bamajim · « **Reply #12 on:** December 03, 2008, 11:47:21 AM »

RobSedona

Let's get started:

We are going to use Combofix, since you have it on board.

1. Open NotePad (not wordpad). Copy and paste the following into Notepad

Driver::
RkHit

File::
c:\documents and settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe
c:\windows\system32\drivers\RKHit.sys

Folder::
c:\program files\Spyware Cease

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPsetm"=-

Save the File as CFScript(exactly as shown no spaces) ->> Save it to your Desktop

Using the Image as a reference, drag CFScript into ComboFix.exe

You will be prompted to run Combofix again, Do so
Following the same rules as indicated in my first post
Then post the contents of the C:\ComboFix.txt log in your reply

2. Rerun Hijackthis and post a fresh Hijackthis log as well

RobSedona · « **Reply #13 on:** December 03, 2008, 12:12:49 PM »

ComboFix 08-12-02.02 - Owner 2008-12-03 10:53:18.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.672 [GMT -7:00]
Running from: c:\documents and settings\Owner.SusanPsychic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner.SusanPsychic\Desktop\CFScript.txt
* Created a new restore point

FILE ::
c:\documents and settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe
c:\windows\system32\drivers\RKHit.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner.SusanPsychic\Application Data\Google\ijdkq13324484.exe
c:\program files\Spyware Cease
c:\program files\Spyware Cease\md5.dll
c:\program files\Spyware Cease\networkdll.dll
c:\program files\Spyware Cease\opfile.dll
c:\program files\Spyware Cease\RkHitApi.dll
c:\program files\Spyware Cease\spkdll.dll
c:\program files\Spyware Cease\SpywareCease.exe
c:\program files\Spyware Cease\zlib1.dll
c:\windows\system32\drivers\RKHit.sys
c:\windows\system32\h@tkeysh@@k.dll
F:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_RKHIT
-------\Service_RkHit

((((((((((((((((((((((((( Files Created from 2008-11-03 to 2008-12-03 )))))))))))))))))))))))))))))))
.

2008-12-02 08:21 . 2008-12-02 08:21   <DIR>   d--------   c:\program files\Karen's Power Tools
2008-12-02 08:21 . 2008-12-02 08:21   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Karen's Power Tools
2008-12-02 07:32 . 2008-12-02 07:32   54,156   --ah-----   c:\windows\QTFont.qfn
2008-12-02 07:32 . 2008-12-02 07:32   1,409   --a------   c:\windows\QTFont.for
2008-12-01 15:04 . 2008-12-01 15:04   410,984   --a------   c:\windows\system32\deploytk.dll
2008-12-01 15:04 . 2008-12-01 15:04   73,728   --a------   c:\windows\system32\javacpl.cpl
2008-12-01 13:57 . 2008-12-01 13:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\program files\Malwarebytes' Anti-Malware
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Malwarebytes
2008-12-01 06:47 . 2008-12-01 06:47   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-01 06:47 . 2008-10-22 16:10   38,496   --a------   c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-01 06:47 . 2008-10-22 16:10   15,504   --a------   c:\windows\system32\drivers\mbam.sys
2008-12-01 06:00 . 2008-12-01 06:00   <DIR>   d--------   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-01 05:59 . 2008-12-01 05:59   <DIR>   d--------   c:\program files\SUPERAntiSpyware
2008-12-01 05:59 . 2008-12-01 05:59   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\SUPERAntiSpyware.com
2008-11-30 05:51 . 2008-11-30 05:51   1,816   --a------   c:\windows\TSearch.INI
2008-11-30 05:51 . 2008-11-30 05:51   22   --a------   c:\windows\HexEditor_FindList.hed
2008-11-30 05:22 . 2008-11-30 05:27   <DIR>   d--------   c:\program files\Trainer Maker Kit
2008-11-29 03:47 . 2008-11-29 03:47   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Windows Search
2008-11-28 12:37 . 2008-11-28 12:37   <DIR>   d--------   c:\program files\Windows Desktop Search
2008-11-28 12:37 . 2008-11-28 12:37   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Windows Desktop Search
2008-11-28 12:36 . 2008-03-07 10:02   192,000   -----c---   c:\windows\system32\dllcache\offfilt.dll
2008-11-28 12:36 . 2008-03-07 10:02   98,304   -----c---   c:\windows\system32\dllcache\nlhtml.dll
2008-11-28 12:36 . 2008-03-07 10:02   29,696   -----c---   c:\windows\system32\dllcache\mimefilt.dll
2008-11-28 12:35 . 2008-11-28 12:35   <DIR>   d--------   c:\program files\Windows Media Connect 2
2008-11-28 12:33 . 2008-11-28 12:34   <DIR>   d--------   c:\windows\system32\drivers\UMDF
2008-11-28 10:02 . 2008-11-28 10:02   <DIR>   d--------   c:\windows\Logs
2008-11-27 03:06 . 2008-11-27 03:06   <DIR>   d--------   c:\program files\Seagate
2008-11-27 03:04 . 2008-12-01 05:59   <DIR>   d--------   c:\program files\Common Files\Wise Installation Wizard
2008-11-21 11:28 . 2008-11-21 11:28   3,564   --a------   c:\windows\C2I2.tmp
2008-11-21 11:09 . 2008-11-21 11:09   3,564   --a------   c:\windows\C2I17.tmp
2008-11-21 05:45 . 2008-11-21 05:45   236,928   --a------   c:\windows\C2I22.tmp
2008-11-21 05:45 . 2008-11-21 05:45   3,564   --a------   c:\windows\C2I23.tmp
2008-11-16 10:36 . 2008-11-27 04:47   4,038   --a------   c:\windows\system32\tmp.reg
2008-11-16 08:06 . 2008-11-16 08:06   <DIR>   d--------   c:\program files\Trend Micro
2008-11-15 22:17 . 2008-11-15 22:17   <DIR>   d--------   c:\program files\FileOpen
2008-11-15 22:17 . 2008-11-26 08:38   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\FileOpen
2008-11-15 22:17 . 2008-11-15 22:17   <DIR>   d--------   c:\documents and settings\All Users\Application Data\FileOpen
2008-11-13 00:46 . 2008-11-13 00:46   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\Roxio
2008-11-12 23:44 . 2008-11-12 23:43   109,568   ---------   c:\windows\system32\pxinsi64.exe
2008-11-12 23:44 . 2008-11-12 23:43   108,544   ---------   c:\windows\system32\pxcpyi64.exe
2008-11-12 20:58 . 2008-11-12 20:58   62   --a------   c:\windows\WININIT.INI
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\program files\Common Files\Sonic Shared
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Sonic
2008-11-12 20:57 . 2008-11-12 20:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\InstallShield
2008-11-12 20:51 . 2008-11-12 20:57   <DIR>   d--------   c:\program files\Roxio
2008-11-12 20:51 . 2008-11-12 20:51   <DIR>   d--------   c:\program files\DivX
2008-11-12 20:08 . 2008-11-12 20:08   <DIR>   d--------   c:\program files\Total Training
2008-11-12 17:06 . 2008-11-12 17:06   <DIR>   d--------   c:\windows\system32\Adobe
2008-11-12 17:06 . 2004-08-16 17:40   16,384   --a------   c:\windows\system32\FileOps.exe
2008-11-11 17:59 . 2008-10-24 04:21   455,296   -----c---   c:\windows\system32\dllcache\mrxsmb.sys
2008-11-11 17:58 . 2008-09-04 10:15   1,106,944   -----c---   c:\windows\system32\dllcache\msxml3.dll
2008-11-10 06:12 . 2008-11-11 06:26   94,208   --a------   c:\windows\ScUnin.exe
2008-11-10 06:12 . 2008-11-11 06:26   31,470   --a------   c:\windows\scunin.dat
2008-11-10 06:12 . 2008-11-11 06:26   967   --a------   c:\windows\ScUnin.pif
2008-11-09 07:32 . 2008-11-21 08:28   <DIR>   d--------   C:\temp
2008-11-09 06:43 . 2008-11-09 06:43   <DIR>   d--------   c:\windows\system32\drivers\5.1.2600.2783
2008-11-08 08:57 . 2008-11-08 08:57   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Adobe Systems
2008-11-08 08:56 . 2008-11-08 08:56   <DIR>   d--------   c:\program files\Common Files\Adobe Systems Shared
2008-11-06 12:27 . 2008-11-06 12:27   4   --a------   c:\windows\Pix1111.dat
2008-11-06 12:12 . 2008-11-06 12:12   8   --a------   c:\windows\sess_f889bb62a98d6c353f506a21620e1a00
2008-11-06 11:58 . 2008-11-06 11:58   <DIR>   d--------   C:\BCM_REL_4_100_15_5_WHQL
2008-11-06 10:19 . 2008-11-06 10:19   <DIR>   d--------   c:\program files\AMD
2008-11-06 10:03 . 2008-11-06 10:03   <DIR>   d--------   c:\program files\Gateway
2008-11-06 10:03 . 2008-11-06 11:57   <DIR>   d--------   C:\cabs
2008-11-06 09:45 . 2008-11-06 09:45   <DIR>   d--------   c:\program files\Smart Projects
2008-11-06 08:47 . 2008-11-26 08:38   <DIR>   d--------   c:\documents and settings\Owner.SusanPsychic\Application Data\CyberLink
2008-11-06 08:47 . 2008-11-06 08:47   <DIR>   d--------   c:\documents and settings\All Users\Application Data\CyberLink
2008-11-06 08:40 . 2005-12-15 19:37   86,095   --a------   c:\windows\system32\ImageDrive.cpl
2008-11-06 06:21 . 2008-11-06 08:25   <DIR>   d--------   c:\program files\Macromedia
2008-11-06 06:21 . 2008-11-06 06:24   <DIR>   d--------   c:\program files\Common Files\Macromedia
2008-11-05 17:11 . 2008-11-30 12:32   <DIR>   d--------   C:\NeroCash
2008-11-05 16:54 . 2005-09-01 12:03   127,488   ---------   c:\windows\system32\drivers\imagesrv.sys
2008-11-05 16:54 . 2005-09-01 12:03   5,888   ---------   c:\windows\system32\drivers\imagedrv.sys
2008-11-05 16:53 . 2004-07-09 09:43   364,544   ---------   c:\windows\system32\TwnLib4.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-03 18:00   ---------   d-----w   c:\program files\Common Files\Symantec Shared
2008-12-01 22:04   ---------   d-----w   c:\program files\Java
2008-11-28 05:46   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Skype
2008-11-28 05:44   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\skypePM
2008-11-28 00:21   ---------   d-----w   c:\documents and settings\All Users\Application Data\Symantec
2008-11-26 15:38   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\ArcSoft
2008-11-26 15:38   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\AdobeUM
2008-11-26 15:34   295,424   ----a-w   c:\windows\system32\termsrv.dll
2008-11-23 23:19   0   ----a-w   c:\windows\system32\drivers\lvuvc.hs
2008-11-23 23:19   0   ----a-w   c:\windows\system32\drivers\logiflt.iad
2008-11-17 21:40   54,480   ----a-w   c:\documents and settings\Owner.SusanPsychic\Application Data\GDIPFONTCACHEV1.DAT
2008-11-16 22:43   ---------   d-----w   c:\program files\Common Files\Adobe
2008-11-16 17:56   ---------   d-----w   c:\program files\Google
2008-11-16 13:50   ---------   d--h--w   c:\program files\InstallShield Installation Information
2008-11-13 03:56   ---------   d-----w   c:\program files\Common Files\Roxio Shared
2008-11-13 03:55   ---------   d-----w   c:\program files\Common Files\InstallShield
2008-11-06 19:24   ---------   d-----w   c:\program files\Common Files\ArcSoft
2008-11-06 19:24   ---------   d-----w   c:\program files\ArcSoft
2008-11-06 19:18   ---------   d-----w   c:\documents and settings\All Users\Application Data\WinZip
2008-11-05 23:52   ---------   d-----w   c:\program files\Ahead
2008-11-04 05:16   ---------   d-----w   c:\program files\Norton 360
2008-10-29 17:11   ---------   d-----w   c:\program files\MySpace
2008-10-29 17:11   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\MySpace
2008-10-24 11:21   455,296   ----a-w   c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 21:13   202,776   ----a-w   c:\windows\system32\wuweb.dll
2008-10-16 21:13   1,809,944   ----a-w   c:\windows\system32\wuaueng.dll
2008-10-16 21:12   561,688   ----a-w   c:\windows\system32\wuapi.dll
2008-10-16 21:12   323,608   ----a-w   c:\windows\system32\wucltui.dll
2008-10-16 21:09   92,696   ----a-w   c:\windows\system32\cdm.dll
2008-10-16 21:09   51,224   ----a-w   c:\windows\system32\wuauclt.exe
2008-10-16 21:09   43,544   ----a-w   c:\windows\system32\wups2.dll
2008-10-16 21:08   34,328   ----a-w   c:\windows\system32\wups.dll
2008-10-10 12:10   ---------   d-----w   c:\program files\EPSON Print CD
2008-10-08 17:43   ---------   d-----w   c:\program files\FriendBlasterPro
2008-10-08 17:42   ---------   d-----w   c:\program files\Link Buzz
2008-10-08 12:55   ---------   d-----w   c:\program files\VSTplugins
2008-10-08 12:55   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Publish Providers
2008-10-08 12:52   ---------   d-----w   c:\documents and settings\Owner.SusanPsychic\Application Data\Sony
2008-10-08 12:50   ---------   d-----w   c:\program files\Sony
2008-10-07 18:43   ---------   d-----w   c:\program files\Sony Setup
2008-10-07 00:05   ---------   d-----w   c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-30 23:43   1,286,152   ----a-w   c:\windows\system32\msxml4.dll
2008-09-15 12:12   1,846,400   ----a-w   c:\windows\system32\win32k.sys
2008-09-10 01:14   1,307,648   ------w   c:\windows\system32\msxml6.dll
2008-09-04 17:15   1,106,944   ----a-w   c:\windows\system32\msxml3.dll
.

------- Sigcheck -------

2005-03-10 07:49 295424 c29a5286e64d97385178452d5f307b98   c:\windows\$NtServicePackUninstall$\termsrv.dll
2004-08-10 12:00 295424 b60c877d16d9c880b952fda04adf16e6   c:\windows\$NtUninstallKB895961$\termsrv.dll
2008-04-13 17:12 295424 ff3477c03be7201c294c35f684b3479f   c:\windows\ServicePackFiles\i386\termsrv.dll
2008-11-26 08:34 295424 63999d0abd8dabfd76a9c07f6e104868   c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( snapshot@2008-12-01_14.13.37.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-21 03:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
- 2005-03-04 09:06:58   49,248   ----a-w   c:\windows\system32\java.exe
+ 2008-12-01 22:04:31   144,792   ----a-w   c:\windows\system32\java.exe
- 2005-03-04 09:07:06   49,250   ----a-w   c:\windows\system32\javaw.exe
+ 2008-12-01 22:04:32   144,792   ----a-w   c:\windows\system32\javaw.exe
- 2005-03-04 10:36:48   127,078   ----a-w   c:\windows\system32\javaws.exe
+ 2008-12-01 22:04:32   148,888   ----a-w   c:\windows\system32\javaws.exe
+ 2008-12-03 18:00:29   16,384   ----atw   c:\windows\Temp\Perflib_Perfdata_110.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24   576352   --a------   c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"EPSON Stylus Photo RX680 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICJA.EXE" [2007-04-13 182272]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-05 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-05 688218]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-25 966656]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-28 344064]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-01 136600]
"Logitech Utility"="LOGI_MWX.EXE" [2003-11-07 c:\windows\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-11-08 25214]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
BigFix.lnk - c:\program files\BigFix\BigFix.exe [2008-06-01 1742384]
FileOpenAPI.exe.lnk - c:\program files\FileOpen\plug_ins\FileOpenAPI.exe [2008-06-01 57344]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-02 67128]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:ooVoo TCP port 443
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]
R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2008-02-18 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-23 99376]
R3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\DRIVERS\PTDMBus.sys [2008-06-04 29952]
R3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\DRIVERS\PTDMMdm.sys [2008-06-04 41856]
R3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\DRIVERS\PTDMVsp.sys [2008-06-04 39936]
R3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\DRIVERS\PTDMWWAN.sys [2008-06-04 59520]
S1 c2scsi;c2scsi; []
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2008-01-12 23888]
S3 el575nd5;3Com Megahertz 10/100 LAN CardBus PC Card Driver;c:\windows\system32\DRIVERS\el575nd5.sys [2008-06-01 69692]
S3 HSFHWATI;HSFHWATI;c:\windows\system32\DRIVERS\HSFHWATI.sys [2008-06-01 200576]
S3 kwkxusb;Kyocera CDMA Wireless Modem Driver;c:\windows\system32\DRIVERS\kwusb2k.sys [2007-08-28 191104]
S3 qcmdmxp;HTC Proprietary USB Driver (PID 0B03);c:\windows\system32\DRIVERS\qcmdmxp.sys [2008-08-25 92800]
S3 qcserxp;HTC Diagnostic Port (PID 0B03);c:\windows\system32\DRIVERS\qcserxp.sys [2008-08-25 92800]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2008-06-01 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 17:12]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-03 11:00:46
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1296)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccProxy.exe
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\windows\system32\searchindexer.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\WLTRAY.EXE
c:\program files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\windows\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2008-12-03 11:06:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-03 18:06:43
ComboFix2.txt 2008-12-01 22:14:36
ComboFix3.txt 2008-12-01 21:35:17
ComboFix4.txt 2008-12-01 21:14:34

Pre-Run: 38,588,633,088 bytes free
Post-Run: 38,618,279,936 bytes free

327   --- E O F ---   2008-11-12 13:27:53

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:44, on 12/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\BigFix\BigFix.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\FileOpen\plug_ins\FileOpenAPI.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo RX680 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICJA.EXE /FU "C:\WINDOWS\TEMP\E_S343.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: FileOpenAPI.exe.lnk = C:\Program Files\FileOpen\plug_ins\FileOpenAPI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212376501765
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{310E12DE-FBE4-44B3-87CA-A01D9BBBA7B2}: NameServer = 66.174.92.14 69.78.96.14
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 12594 bytes

Thank you the Pop Up didn't come up when the computer restarted

Rob

bamajim · « **Reply #14 on:** December 03, 2008, 12:25:49 PM »

RobSedona

Excellent!

How's your PC running now?

News:

Author Topic: [ Done ] I have a Pop Up MSC that Spyware.Ispynow (Read 2701 times)

RobSedona

[ Done ] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

RobSedona

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow

bamajim

Re: [ In Progress] I have a Pop Up MSC that Spyware.Ispynow