09-17-2009, 03:53 PM   #1
Registered User
 
Join Date: Sep 2009
Posts: 2
OS: Windows vista


FraudLoad.vaag trojan help

Hello, guys. I'll give you the full low-down of my problem that occurred today. I'm on a Vista Premium laptop and today my Facebook status was changed without my knowledge. So, I thought it may have been a mate kidding around, but upon fully scanning with Avira AntiVir, a trojan was detected.

I know this is no help that I can't offer exactly what the trojan name was, but it was along the lines of '[...]FraudLoad.vaag', so I reformatted via the Vista OS OEM disk and 'formatted' both hard drives or partitions, as I'm not fussed about losing any data on the laptop. Now, I've completely reformatted Vista and changed all my passwords via another clean computer. For some reason, I am still paranoid that I'm still infected. I ran another full virus scan via McAfee Security Centre after the format and it threw up 6 detections and removed all 6 detections (I couldn't even check what the file names/source were, as Windows Update restarted the computer straight after the scan, so I don't even know whether they were actual threats).

I'd be appreciative if any of you guys could give me information on what this FraudLoad.vaag was and, just as importantly, review the following info (the stuff you guys require from the sticky) and check the laptop is clean now. Also, is it possible that it could have infected another laptop in the house that connects wirelessly? (I don't file share or connect them over the network.) I use PayPal and such and I've never been 'hacked' before, so I have no idea when I contracted the trojan at all, and I've NEVER dl'ed any p2p programs etc., nor have I even dl'ed anything of recent. I'm wondering whether it could have infected my iPod when I'm syncing it up to add songs and such and transfer university work? If that is possible, does that mean if I connect the iPod that I'll get infected again? I've virus scanned the other laptop in the house with Kaspersky and the only thing it came up with was Adobe not having the latest vendor patch, but no suspect trojans etc.

Oh, before I throw up the logs, I ran another virus scan on McAfee which popped up with no detections this time. I would, however, like it if someone could give me the all clear, as it would be relieving. Thank you very much in advance.


(Via McAfee)


Details
Number of items scanned: 115042
Number of items detected: 0
Number of items repaired: 0
Number of items quarantined: 0
Number of items removed: 0


DDS (Ver_09-07-30.01) - NTFSx86
Run by Scott at 23:35:17.32 on 17/09/2009
Internet Explorer: 7.0.6000.16448
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.1790.951 [GMT 1:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Scott\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptcl.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [Power2GoExpress] NA
uRunOnce: [UniblueRegistryBooster] "c:\program files\uniblue\registrybooster 2009\launcher.exe" delay 20000
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
uPolicies-system: NoHotStart = 0 (0x0)
mPolicies-system: NoHotStart = 0 (0x0)

================= FIREFOX ===================

FF - ProfilePath - c:\users\scott\appdata\roaming\mozilla\firefox\profiles\f4jw5i97.default\
FF - prefs.js: browser.startup.homepage - about:blank

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\drivers\KMDFMEMIO.sys [2009-9-17 13312]

=============== Created Last 30 ================

2009-09-17 22:07 <DIR> --d----- c:\users\scott\appdata\roaming\Uniblue
2009-09-17 19:29 <DIR> --d----- c:\users\scott\Tracing
2009-09-17 19:27 <DIR> --d----- c:\program files\Microsoft
2009-09-17 19:27 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-09-17 19:26 <DIR> --d----- c:\windows\PCHEALTH
2009-09-17 19:17 <DIR> --d----- c:\program files\common files\Windows Live
2009-09-17 18:57 224,768 a------- c:\windows\system32\drivers\usbport.sys
2009-09-17 18:57 192,000 a------- c:\windows\system32\drivers\usbhub.sys
2009-09-17 18:57 38,400 a------- c:\windows\system32\drivers\usbehci.sys
2009-09-17 18:57 19,456 a------- c:\windows\system32\drivers\usbohci.sys
2009-09-17 18:57 8,704 a------- c:\windows\system32\hccoin.dll
2009-09-17 18:57 5,888 a------- c:\windows\system32\drivers\usbd.sys
2009-09-17 18:56 53,760 a------- c:\windows\system32\drivers\hdaudbus.sys
2009-09-17 18:55 167,424 a------- c:\windows\system32\ActionQueue.dll
2009-09-17 18:54 66,048 a------- c:\windows\system32\drivers\smb.sys
2009-09-17 18:51 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-09-17 18:50 83,456 a------- c:\windows\system32\wudriver.dll
2009-09-17 18:49 162,064 a------- c:\windows\system32\wuwebv.dll
2009-09-17 18:49 31,232 a------- c:\windows\system32\wuapp.exe
2009-09-17 18:48 146,944 a------- c:\windows\system32\MMDevAPI.dll
2009-09-17 18:48 5,248 a------- c:\windows\system32\Config.MPF
2009-09-17 18:48 911,872 a------- c:\windows\system32\WlanMM.dll
2009-09-17 18:48 627,712 a------- c:\windows\system32\WLanConn.dll
2009-09-17 18:47 152,576 a------- c:\windows\system32\profsvc.dll
2009-09-17 18:47 29,184 a------- c:\windows\system32\profprov.dll
2009-09-17 18:47 10,702 a------- c:\windows\system32\wbem\UserProfileWmiProvider.mof
2009-09-17 18:46 503,480 a------- c:\windows\system32\drivers\ndis.sys
2009-09-17 18:44 500,224 a------- c:\windows\system32\msdtcprx.dll
2009-09-17 18:44 30,208 a------- c:\windows\system32\xolehlp.dll
2009-09-17 18:43 140,392 a------- c:\windows\system32\drivers\pci.sys
2009-09-17 18:43 50,792 a------- c:\windows\system32\drivers\termdd.sys
2009-09-17 18:43 50,280 a------- c:\windows\system32\drivers\volmgr.sys
2009-09-17 18:43 28,776 a------- c:\windows\system32\drivers\mssmbios.sys
2009-09-17 18:43 22,632 a------- c:\windows\system32\streamci.dll
2009-09-17 18:43 13,928 a------- c:\windows\system32\drivers\msisadrv.sys
2009-09-17 18:43 12,776 a------- c:\windows\system32\drivers\swenum.sys
2009-09-17 18:41 822,784 a------- c:\windows\system32\wininet.dll
2009-09-17 18:41 56,320 a------- c:\windows\system32\iesetup.dll
2009-09-17 18:41 1,383,424 a------- c:\windows\system32\mshtml.tlb
2009-09-17 18:40 311,296 a------- c:\windows\system32\mswmdm.dll
2009-09-17 18:40 36,864 a------- c:\windows\system32\wmdmps.dll
2009-09-17 18:40 31,744 a------- c:\windows\system32\wmdmlog.dll
2009-09-17 18:39 33,978 a------- c:\windows\system32\RacUR.xml
2009-09-17 18:39 2,048 a------- c:\windows\system32\wertargets.wtl
2009-09-17 18:38 376,320 a------- c:\windows\system32\winsrv.dll
2009-09-17 18:38 49,664 a------- c:\windows\system32\csrsrv.dll
2009-09-17 18:38 2,026,496 a------- c:\windows\system32\win32k.sys
2009-09-17 18:38 633,856 a------- c:\windows\system32\user32.dll
2009-09-17 18:37 4,153,344 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-17 18:37 1,686,016 a------- c:\windows\system32\gameux.dll
2009-09-17 18:36 414,208 a------- c:\windows\system32\msscp.dll
2009-09-17 18:36 974,336 a------- c:\windows\system32\crypt32.dll
2009-09-17 18:36 104,448 a------- c:\windows\system32\DWWIN.EXE
2009-09-17 18:35 74,752 a------- c:\windows\system32\drivers\rasl2tp.sys
2009-09-17 18:35 60,928 a------- c:\windows\system32\drivers\raspptp.sys
2009-09-17 18:34 135,680 a------- c:\windows\system32\wusa.exe
2009-09-17 18:33 229,888 a------- c:\windows\system32\msshsq.dll
2009-09-17 18:33 292,352 a------- c:\windows\system32\psisdecd.dll
2009-09-17 18:33 218,624 a------- c:\windows\system32\psisrndr.ax
2009-09-17 18:33 80,896 a------- c:\windows\system32\MSNP.ax
2009-09-17 18:33 68,608 a------- c:\windows\system32\Mpeg2Data.ax
2009-09-17 18:33 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-09-17 18:27 37,480 a------- c:\windows\system32\drivers\mfesmfk.sys
2009-09-17 18:27 32,008 a------- c:\windows\system32\drivers\mferkdk.sys
2009-09-17 18:27 34,184 a------- c:\windows\system32\drivers\mfebopk.sys
2009-09-17 18:27 170,408 a------- c:\windows\system32\drivers\mfehidk.sys
2009-09-17 18:27 71,496 a------- c:\windows\system32\drivers\mfeavfk.sys
2009-09-17 18:27 117,848 a------- c:\windows\system32\drivers\Mpfp.sys
2009-09-17 18:27 <DIR> --d----- c:\program files\McAfee.com
2009-09-17 18:27 <DIR> --d----- c:\program files\common files\McAfee
2009-09-17 18:26 <DIR> --d----- c:\program files\McAfee
2009-09-17 18:26 <DIR> --d----- c:\programdata\McAfee
2009-09-17 18:25 172,032 a------- c:\windows\SMCM.dll
2009-09-17 18:25 2,438 a------- c:\windows\ebm.reg
2009-09-17 18:20 377,856 a------- c:\windows\system32\SetAutoConsole.exe
2009-09-17 18:20 9,541 a------- c:\windows\system32\SetAutoFailover.cmd
2009-09-17 18:20 151 a------- c:\windows\system32\SamsungSetAutoFailover.cmd
2009-09-17 18:20 <DIR> --d----- c:\windows\WinClon
2009-09-17 18:19 <DIR> --d----- C:\Samsung
2009-09-17 18:19 <DIR> --d----- c:\windows\system32\NetsyncAgent
2009-09-17 18:18 <DIR> --d----- c:\program files\MSSOAP
2009-09-17 18:18 <DIR> --d----- c:\program files\common files\MSSoap
2009-09-17 18:16 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_KMDFMEMIO_01000.Wdf
2009-09-17 18:15 13,312 a------- c:\windows\system32\drivers\KMDFMEMIO.sys
2009-09-17 18:15 135 a----r-- c:\windows\system32\lngEng.ini
2009-09-17 18:15 117 a------- c:\windows\system32\lngKor.ini
2009-09-17 18:15 <DIR> --d----- c:\program files\Samsung
2009-09-17 18:12 <DIR> --d----- C:\MyWorks
2009-09-17 18:12 631 -------- C:\PDVD.iss
2009-09-17 18:12 47,136 a------- c:\windows\system32\msxm9250.rra
2009-09-17 18:12 27,168 -------- c:\windows\system32\msxml3a.dll
2009-09-17 18:11 <DIR> --d----- c:\programdata\Adobe
2009-09-17 18:10 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-09-17 18:10 <DIR> --d----- c:\program files\Synaptics
2009-09-17 18:10 182,584 a------- c:\windows\system32\drivers\SynTP.sys
2009-09-17 18:10 1,060,424 a------- c:\windows\system32\WdfCoInstaller01000.dll
2009-09-17 18:10 196,608 a------- c:\windows\system32\SynCtrl.dll
2009-09-17 18:10 163,840 a------- c:\windows\system32\SynCOM.dll
2009-09-17 18:10 143,360 a------- c:\windows\system32\SynTPAPI.dll
2009-09-17 18:10 110,592 a------- c:\windows\system32\SynTPCo4.dll
2009-09-17 18:09 <DIR> --d----- c:\program files\Atheros WLAN Client
2009-09-17 18:08 245,248 a------- c:\windows\system32\drivers\yk60x86.sys
2009-09-17 18:07 <DIR> --d----- c:\windows\system32\RTCOM
2009-09-17 18:07 319,456 a------- c:\windows\DIFxAPI.dll
2009-09-17 18:07 1,191,936 a------- c:\windows\RtlUpd.exe
2009-09-17 18:07 4,489,216 a------- c:\windows\RtHDVCpl.exe
2009-09-17 18:07 1,787,816 a------- c:\windows\system32\drivers\RTKVHDA.sys
2009-09-17 18:07 532,480 a------- c:\windows\system32\RTSndMgr.cpl
2009-09-17 18:07 970,752 a------- c:\windows\system32\EDSPropPageExt.dll
2009-09-17 18:07 71,680 a------- c:\windows\system32\EDSAPODll.dll
2009-09-17 18:07 <DIR> --d----- c:\program files\Realtek
2009-09-17 18:07 315,392 a------- c:\windows\HideWin.exe
2009-09-17 18:07 520,192 -----r-- c:\windows\RtlExUpd.dll
2009-09-17 18:04 <DIR> --d----- c:\program files\ATI Technologies
2009-09-17 18:04 3,107,788 a------- c:\windows\system32\atiumdva.dat
2009-09-17 18:04 339,968 a------- c:\windows\system32\ATIDEMGX.dll
2009-09-17 18:04 43,760 a------- c:\windows\system32\drivers\ativvpxx.vp
2009-09-17 18:04 11,557 a------- c:\windows\atiogl.xml
2009-09-17 18:04 2,096 a------- c:\windows\system32\drivers\ativpkxx.vp
2009-09-17 18:04 2,096 a------- c:\windows\system32\drivers\ativokxx.vp
2009-09-17 18:04 2,096 a------- c:\windows\system32\drivers\ativdkxx.vp
2009-09-17 18:03 <DIR> --d----- c:\program files\ATI
2009-09-17 18:03 <DIR> --dsh--- c:\windows\Installer
2009-09-17 18:02 7,680 a------- c:\windows\system32\drivers\AtiPcie.sys
2009-09-17 17:59 <DIR> --d----- c:\users\Scott

==================== Find3M ====================

2009-09-17 19:08 51,200 a------- c:\windows\inf\infpub.dat
2009-09-17 19:07 665,600 a------- c:\windows\inf\drvindex.dat
2009-09-17 19:07 86,016 a------- c:\windows\inf\infstor.dat
2009-09-17 19:07 86,016 a------- c:\windows\inf\infstrng.dat
2009-09-17 18:46 160,872 a------- c:\windows\system32\halmacpi.dll
2009-09-17 18:46 134,760 a------- c:\windows\system32\halacpi.dll
2009-09-17 18:37 449,024 a------- c:\windows\apppatch\AcSpecfc.dll
2009-09-17 18:37 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-09-17 18:37 2,143,744 a------- c:\windows\apppatch\AcGenral.dll
2009-09-17 18:37 537,600 a------- c:\windows\apppatch\AcLayers.dll
2009-09-17 18:37 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll
2006-11-02 13:50 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-01-03 11:52 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 23:35:50.61 ===============
Attached Files
File Type: zip Attach.zip.zip (2.0 KB, 0 views)
09-21-2009, 07:32 AM   #2
Registered User
 
Join Date: Sep 2009
Posts: 2
OS: Windows vista


Re: FraudLoad.vaag trojan help

Bump, please.